Good Morning All,
I want to cover a few things in this post:
Sav & CleanDNS
Sav and many other domain-related companies work with
@CleanDNS to help prevent abuse on the Internet. The data available to any single registrar or registry is very limited to just our domains which means malicious actors can just jump from one place to another after getting caught and start the abuse over again.
@CleanDNS can bring its holistic view and expertise and more easily detect the same malicious actor as they move around the internet and, help prevent innocent users from being victimized much faster than if any one registrar or registry was working alone. Since Sav does not currently provide hosting and our DNS is powered by Cloudflare, data used to verify abuse complaints all comes from sources external to Sav. The only data shared between Sav and Clean DNS is basic registrant data and links between domains and registrants. You can review our data privacy policy which includes EU and Business Function Outsourcing provisions here:
https://www.sav.com/terms/privacy
Our Obligation to Prevent Abuse
Every registrar is required by ICANN to investigate abuse complaints and take action per section 3.18 of our ICANN Registrar agreement (
https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en) Earlier this year, ICANN expanded our obligations to define abuse and the actions that we must take (
https://www.icann.org/resources/pages/advisory-compliance-dns-abuse-obligations-raa-ra-2024-02-05-en). If anyone is interested in some light reading, see the "Section 3.18 of the RAA" and "After Actionable Evidence, Prompt Action Is Required" sections specifically.
Sav & CleanDNS does not and, will not shut down an entire account for a single abuse complaint. A single spam complaint from a big-name blocklist is not weighted. However, a spam complaint compounded by multiple related abuse are. The accounts we shut down are filled with numerous verified complaints of spreading malware, phishing, pharming, and botnets. When we start to see this, we also reach out to the registrant multiple times to help them correct the issue in the case of a compromised domain. However, registrants do not usually respond or will correct the issue on one domain and start the abuse on another domain days later.
While these registrant conversations are usually private, when we have registrants posting in NamePros that their account was shut down for no reason, we are going to respond publicly both to eliminate misinformation and alert other NP users of someone that they may want to be cautious of. You can see an example of that here
https://www.namepros.com/threads/nameservers-changed-issues-on-sav-com.1331172/page-16#post-9224990
Since this post was flagged for moderation before being published, I think most users missed it.
Our Future Participation in NamePros
We are happy to participate in threads that have a clear focus on a Sav-related issue and stay on topic. However, should they be disrespectful, speculative or go wildly off track (like into a company's job postings), will pause our participation and refer people to our very-capable 24/7 support team. That was the case in the past but we are happy to try again. We are not always able to keep up with a forum thread that has 30 posts a day so should we have missed anything specific, and I’m sure we did, please DM me or
@CleanDNS directly.
Bug Bounty Program
Members of NamePros have been an amazing source of bug reports in the past and will continue to be so in the future. Some of our top customers are also NamePros users and know our site better than we do at times. Should you encounter a bug that is a security P1 – P3 risk, Sav would love to offer you a reward for reporting it to us. Please follow the details of the program exactly or we may not receive your report (for example, if the subject is not in the correct format). You can view the details here:
https://help.sav.com/hc/en-us/articles/26129438833819-Bug-Bounty-Program
Our Communication Policy Moving Forward
I would like to personally apologize for our lack of communication with registrants who were suspended. While we all want the Internet to be as safe as possible, we should have given multiple warnings to registrants that we are about to move from a domain-level suspension to an account-level if the abuse continues. We do stand by or decision, but could have gone about it better. We appreciate everyone’s feedback and are working on new communication policies as we speak.
let’s just adjust our detection system a bit to prove that we are capable to find the real fraudulent domains!
