Nameservers Changed Issues on Sav.com

[xmarthost]

My nameservers for all domains have been changed to ns1.all-harmless.domains and ns2.all-harmless.domains, and I am unable to change the DNS again. What could be the issue?

Also, a friend of mine is facing the same problem with over 600 domains. What's going on with sav.com?

 

[Grilled]

This started with a Sav misstep, but it could easily develop into a @CleanDNS misstep, too.

How?

Shouldn't those in this thread who have locked domains be happy they now have a POC in @CleanDNS to discuss their issue(s) with?

 

[dirk]

@CleanDNS

Are you owned by/part of constellix?

 

[Future Sensors]

How?

Shouldn't those in this thread who have locked domains be happy they now have a POC in @CleanDNS to discuss their issue(s) with?

You are now going along with Sav's narrative, without perhaps realizing it. Convenient of Sav to delegate it to a new, unaccredited account on this NamePros forum. Sure, just give all your personal information to that account and let the Sav abuse handling take place via DMs on this web forum with CleanDNS. I find it very unwise.

 

[bmugford]

How?

Shouldn't those in this thread who have locked domains be happy they now have a POC in @CleanDNS to discuss their issue(s) with?

But again, what is the exact relationship?

Why does @CleanDNS have access to registrar data?

What data do they have access to?

Who is actually making the decision to lock these accounts?

I mean, at the end of the day it's on Sav.com as they are the ICANN accredited registrar.

Brad

 

[Future Sensors]

Does the Sav privacy policy state that CleanDNS may handle abuse for the company via DMs on an external forum like NamePros?

 

[Future Sensors]

A company operating in the security arena in particular should be fully aware of this.

@CleanDNS

 

[Future Sensors]

You only have one reputation. Be careful with it.

 

[Future Sensors]

Still, warm welcome to the forum.

 

[bmugford]

https://twitter.com/x/status/1818778917865664678

 

[zotix]

Unless you can establish some pattern of abuse, locking down an entire account for one instance seems kind of ridiculous. Unless, that one incident is such a blatant violation.

Many things can trigger valid (or invalid) abuse reports. Locking down an entire account, is an extreme response in most cases.

Brad

Exactly.
No compliance pattern = at least, then I would understand it and give them a thumbs-up for writing:

make the Internet a safer place each and every day.

I don't want to be offensive, Nick - but is it you posting this? At least sign the Msg with:

-N.R.
5 characters only; Its hard to believe that a Chief Transformation Officer writes that, where is the direction you want to transform SAV?

---

There we go

---

@ Experts here, who are a bit more familiar with Legal Stuff in Domaining (I dont want to tag Dr. Berryhill), but is this normal?

200$ per hour? Is C-Level working in Admin as well? If this is not gross, im shocked. Where can I get a Job? I will take care of all admin stuff + business development (-internal costs, country-specific insurances, -taxes); I am hereby apply to work for you; 190 is fine. Since you hire in India, I'm also willing to move to Pakistan (where I'm from) & India is fine as well, since my mother was born there.
Looking for a villa over there, no upfront fee - I'm in! Can send you my CV, @Nick R

That will be my new home.
https://abuse.sav.com/sav

Sincerely,
Mustafa.

 

[Grilled]

You are now going along with Sav's narrative, without perhaps realizing it. Convenient of Sav to delegate it to a new, unaccredited account on this NamePros forum. Sure, just give all your personal information to that account and let the Sav abuse handling take place via DMs on this web forum with CleanDNS. I find it very unwise.

I just asked "Why" and "How" to understand more of the risks and dangers, wasn't siding one way or another... Generally, whenever I see a stop sign, I wonder why, and when I see a danger sign, I wonder how...

 

[Future Sensors]

I just asked "Why" and "How" to understand more of the risks and dangers, wasn't siding one way or another... Generally, whenever I see a stop sign, I wonder why, and when I see a danger sign, I wonder how...

No problem.

By the way, I will be handling all abuse from now on.

 

[Grilled]

Perhaps @CleanDNS may need their own thread to discuss cleaning up the internet VS this Sav fiasqo which looks to have inadvertently caught domainers in the crossfire...

-- mentioned earlier in this thread Sav has low cost domains, which could attract both domainers and scammers. (one of these things is not like the other)

-- at the heart of this issue seems to be locking down entire accounts opposed to just reported domains

But... What is the rightful abuse process for a domain used for phishing or scamming? Should a registrar wait for the government to seize the domain before disabling dns? Should the domain owner of a domain used for phishing or scamming be allowed to transfer a domain to another registrar?

Here's an example of a crypto pig butching scam a friend of mine fell victim to. @namesilo took note of the thread, and "took down" the portion of the crime ring that was regged at namesilo. My friend who fell victim filed reports with the IC3 but never heard anything back.

But another example abuse report with a domain thief using a typo domain to steal a domain did not have a happy ending as NameCheap basically refused to do anything about the abuse report.

 

[bmugford]

Perhaps @CleanDNS may need their own thread to discuss cleaning up the internet VS this Sav fiasqo which looks to have inadvertently caught domainers in the crossfire...

-- mentioned earlier in this thread Sav has low cost domains, which could attract both domainers and scammers. (one of these things is not like the other)

-- at the heart of this issue seems to be locking down entire accounts opposed to just reported domains

But... What is the rightful abuse process for a domain used for phishing or scamming? Should a registrar wait for the government to seize the domain before disabling dns? Should the domain owner of a domain used for phishing or scamming be allowed to transfer a domain to another registrar?

Here's an example of a crypto pig butching scam a friend of mine fell victim to. @namesilo took note of the thread, and "took down" the portion of the crime ring that was regged at namesilo. My friend who fell victim filed reports with the IC3 but never heard anything back.

But another example abuse report with a domain thief using a typo domain to steal a domain did not have a happy ending as NameCheap basically refused to do anything about the abuse report.

I received an abuse report in the past regarding a domain when it came to sending spam. Only problem, the domain had been parked for years.

The abuse company had been duped by someone just using my domain as the respond to email, which is something I can't control.

Imagine in that situation if the registrar not only locked that domain, but blocked my entire account. That type of situation is rife for abuse, especially when a registrar can block access to your domains then possibly sell them via their expired auction stream. It's certainly a conflict of interest.

I have no doubt many abuse complaints are serious, but some are BS. So, it really depends on the company taking action.

It would be a very rare occasion where all domains in an account should be blocked. A company might have the right to reject business, but not the right to just keep people's property without due process.

I have been consistent with this. Even in a case like KiwiFarms, which I am no fan of, Epik initially blocked the domain then the transfer itself.

I had an issue with that. Eventually they allowed a transfer.

Brad

 

[pb]

You have full account access of Sav customers?

Whoops, look like they stepped out of the forest right onto a minefield.

 

[Future Sensors]

The abuse company has been duped by someone just using my domain as the respond to email, which is something I can't control.

This really sounds like a beginner's mistake for someone who needs to properly analyze email headers.

 

[bmugford]

This really sounds like a beginner's mistake for someone who needs to properly analyze email headers.

I received another abuse complaint in the past saying I was hosting some bank phishing script on my website. It turns out they made a typo on the domain name. The actual abuse report had nothing to do with my domain.

It happens. That is the problem when you just hand the keys over to some company.

I would love to know what data sharing arrangement these two companies have.

Though, like I said earlier Sav.com is ultimately on the hook for any action regarding blocking access to accounts.

Brad

 

[MasterOfMyDomains]

I wouldn’t trust this venue with any confidential information. Oh ya its more secure than apple or microsoft.
Personally I would like to see past pm’s I mean Dm’s erased as trust wasn’t an issue way back.
Any security company that whats to share personal, private or confidential info on a 3rd party platform has issues.
Sure glad I never bit on sav

 

[Future Sensors]

I wouldn’t trust this venue with any confidential information. Oh ya its more secure than apple or microsoft.
Personally I would like to see past pm’s I mean Dm’s erased as trust wasn’t an issue way back.
Any security company that whats to share personal, private or confidential info on a 3rd party platform has issues.
Sure glad I never bit on sav

Exactly. Companies like innovator Farsight Security (now part of DomainTools) absolutely do not act in the same way as @CleanDNS. And with good reason. I am quite surprised that CleanDNS seems to miss the point when it comes to privacy-sensitive matters. Peers I speak to also think this is very strange behavior.

 

[zotix]

Perhaps @CleanDNS may need their own thread to discuss cleaning up the internet VS this Sav fiasqo which looks to have inadvertently caught domainers in the crossfire...

-- mentioned earlier in this thread Sav has low cost domains, which could attract both domainers and scammers. (one of these things is not like the other)

-- at the heart of this issue seems to be locking down entire accounts opposed to just reported domains

But... What is the rightful abuse process for a domain used for phishing or scamming? Should a registrar wait for the government to seize the domain before disabling dns? Should the domain owner of a domain used for phishing or scamming be allowed to transfer a domain to another registrar?

Here's an example of a crypto pig butching scam a friend of mine fell victim to. @namesilo took note of the thread, and "took down" the portion of the crime ring that was regged at namesilo. My friend who fell victim filed reports with the IC3 but never heard anything back.

But another example abuse report with a domain thief using a typo domain to steal a domain did not have a happy ending as NameCheap basically refused to do anything about the abuse report.

But dont they have to provide proper evidence for those abusive Domains when shutting down a whole Account? I did a bit of research, and that's at least what common sense is. I think it is also mentioned in

"ICANN - Guidelines and policies related to DNS abuse and the responsibilities of registrars in handling abuse reports"
---
I think there are much "better" registrars out there to do fraudulent activities than fraud, payment processors are robust; people who are doing fraudulent activities prefer other registrars


I ask myself, what this party with CleanDNS is now?
https://cleandns.com/wp-content/uploads/2024/07/CleanDNS-Privacy-Policy-July-2024-1.pdf
Updated exactly at the time when this SAV thing started.
What implications does this (if positive or negative) have with the 30-40k Domain Registrations in statistics? I don't see any correction.
SAV - gives Data to a third party, CleanDNS handles data as both a controller and processor, so according to GDPR, am I allowed to ask for the Data stored about me?
Other than that, they also mention giving this Data to Third parties.


- approx 150 Domains less in your Bucket,

Mustafa