Sav Official Thread

[Nick R]

Hello NamePros community! We are creating a single thread where we can share announcements in, talk about product updates, people can ask questions and host a great discussion on all things domains!

 

[ryan87]

Sorry, this is far too simplistic. Domain abuse can also occur after a hack has occurred. DNS abuse encompasses a wide range of different types of abuse.

Maybe I didn't phrase that correctly. I didn't mean the domains are worthless and they should just delete them and be done with. I meant that after abuse complaints are investigated, and the decision has been made to revoke domains from the current registrant, they should bypass the auction system so there's no benefit to the registrar.

 

[Traderas]

@Nick R

Could you inform us about price changes in other TLDs that will apply since September 1st.
And more specifically, will .pro renewal raise to $19.94?

As I have told you again, informing your customers about price changes, works mostly for your benefit.
Many will renew of buy new domains before prices rise.

Also:

Do you sell .ac domains?
Your live chat says you don't , but I received an .ac domain that I had backordered...
Also .ac doesn't exist in your pricing page.

.me backorders malfunction.
I have domains backordered that they drop, without anyone else catching them.


I have reported these both issues, 5 times each, during the last 2 months.

 

[NameGroove]

10.29

Wow, this is a great price, thank you!

And I also appreciate your answer here https://www.namepros.com/threads/nameservers-changed-issues-on-sav-com.1331172/post-9226642
re how you are planning to deal with issues that may arise within a users portfolio. Obv bad actors need to be dealt with - but it's good to see you contact them first to rectify, and also disable only the bad name (rather than whole portfolios) unless it is clear the whole portfolio is clearly intended for nefarious use. Sometimes we read on Twitter how bad a company is, only to lift up the hood on the issue to discover the companies response was reasonable after all. Of course other times it was walked back but in either event, your responses provide some confidence I won't wake up someday to a fully locked and auctioned account due to one rogue name being UDRPed.

Will your transfer price in Sept (post ICANN increase) also be $10.29? Or?

 

[Future Sensors]

Sometimes we read on Twitter how bad a company is, only to lift up the hood on the issue to discover the companies response was reasonable after all.

True for a lot of customer reviews.

Not so true for the reputation Sav currently still has within the professional organizations that measure and combat abuse on our Internet. Sav.com is scoring extremely bad in lots of these reports, even in 2024. That's data that you can trust and has been objectively measured.

Hopefully this can be changed.

Good luck to Nick and his team, and CleanDNS.

 

[Mister.Domains]

@Nick R

Hello Nick,

Last year, I transferred most of my domains to Sav and considered it one of my top two domain registrars. I’ve never had any issues with Sav, but after seeing what has happened to many users recently, I’m now hesitant. Is it possible that one day I could wake up to find my account deleted, all my domains blocked, and unable to transfer them to another registrar? Could this happen because of an automated tool or signals from a competitor or a client whose offer I refused?

Should I seriously consider transferring all my domains to another registrar? I no longer feel secure with Sav—it feels like our domains could be taken from us at any time.

 

[NameGroove]

True for a lot of customer reviews.

Not so true for the reputation Sav currently still has within the professional organizations that measure and combat abuse on our Internet. Sav.com is scoring extremely bad in lots of these reports, even in 2024. That's data that you can trust and has been objectively measured.

Hopefully this can be changed.

Good luck to Nick and his team, and CleanDNS.

Understood.

From my perspective (which admittedly I have only given cursory thought to), the worst issue would be a fully locked account and auctioning off of all my domains for a single abuse point. I do not phish, do not outbound, etc., so the only way I could see a name being of issue is if I mistakenly registered a trademark. Since I try not to play with any trademarks, if this occurred, it would be a one off. Nick's response at least gives me confidence that Sav would contact me to mitigate first (which I would happily do since I don't intend to register any trademarks). And if I "missed it" or didn't agree - then that name would be closed/taken - leaving the rest of my account open.

The other issue I've read about is names disappearing within the Sav dashboard. This if course is annoying, but it appears the names were not truly lost just not in the dashboard - and could be put back once found. I manually renew all names (no auto renew) so I would catch these all annually at renew (if they occurred within my account).

I don't participate in Sav auctions (so won't run into the problem Tony mentioned, where he won a name and it was taken back 8 mos later). That would be frustrating for sure, but at least seems a different issue than the domainers who just buy and hold at Sav.

While what you're saying may be true, I'm not sure how it affects a domainer who solely keeps names with Sav, doesn't play in the phisihing/trademarked arena, and doesn't participate in their auctions, and keeps a nice xsheet with all their Sav names (in case one goes missing). If you know of other "issues" I've missed where a poorly run registrar could get this sort of domainer into trouble, I'm all ears.

Assuming I've hit all the main points however, $10.29 renewals + AN and Sedo Fast Transfer, make me continue to increase (not decrease) my participation with Sav.

 

[NameGroove]

@Nick R

Hello Nick,

Last year, I transferred most of my domains to Sav and considered it one of my top two domain registrars. I’ve never had any issues with Sav, but after seeing what has happened to many users recently, I’m now hesitant. Is it possible that one day I could wake up to find my account deleted, all my domains blocked, and unable to transfer them to another registrar? Could this happen because of an automated tool or signals from a competitor or a client whose offer I refused?

Should I seriously consider transferring all my domains to another registrar? I no longer feel secure with Sav—it feels like our domains could be taken from us at any time.

This is my primary fear as well (after reading of this occurring to other users). Nick did address it in an other post here https://www.namepros.com/threads/nameservers-changed-issues-on-sav-com.1331172/post-9226642 It would be nice to hear from their CEO Anthos on this issue directly however since its the primary reason we are all concerned. That said, Nicks response did instill some confidence in me that the fully locked accounts were guilty of widespread non-compliance and non-response rather than some wily-nily closure for unknown reasons.

 

[Future Sensors]

While what you're saying may be true, I'm not sure how it affects a domainer who solely keeps names with Sav

I'll explain that further then.

When a registrar has a bad reputation security wise, all domains (good and bad) of their customers can be flagged as "high risk" indirectly, because modern security solutions that companies use to access the Internet decide on all these combined factors whether it's wise to accept email from domains registered at such a registrar, or visiting websites to domains registered at such registrars. Your own domains can be perfectly clean, but indirectly you will be hit with a penalty because of the broader reputation of your registrar. That's why it's important to keep this registrar reputation high, at any time.

I would also like to note that many companies are already filtering out (blocking) websites that are only parked, but that's on another level and not specific to Sav.com. Commercial security solutions have categories for websites that can be blocked, and parked is one of those categories.

 

[NameGroove]

I'll explain that further then.

When a registrar has a bad reputation security wise, all domains (good and bad) of their customers can be flagged as "high risk" indirectly, because modern security solutions that companies use to access the Internet decide on all these combined factors whether it's wise to accept email from domains registered at such a registrar, or visiting websites to domains registered at such registrars. Your own domains can be perfectly clean, but indirectly you will be hit with a penalty because of the broader reputation of your registrar. That's why it's important to keep your reputation high, at any time.

I would also like to note that many companies are already filtering out (blocking) websites that are only parked, but that's on another level and not specific to Sav.com. Commercial security solutions have categories for websites that can be blocked, and parked is one of those categories.

Interesting info.

In my case, I hand reg names - and then list them (via NS) either at Brandbucket, Atom, or Afternic. Are you saying that if a registrar is "flagged" that somehow my names won't resolve or show in SEO as well as those registered with an alternate registrar then? I do not set up emails or websites for any of my domains (at Sav). Just hand regged for the low price(s) and marketed elsewhere using NS to point to the website where I want the marketing.

Am I missing something? Even if Sav is "flagged" I'm unclear how this can affect a domainer who solely uses Sav in the way I describe above. Again, I'm trying to learn (not be argumentative) so if I'm missing something - I'm absolutely open to learning.

EDIT: a new issue which pops in my head would be, if Sav is going down the path you describe, could ICANN shut them down, making my names inaccessible for some time period until they are transferred elsewhere by whatever entity takes ownership. I suppose this is a tiny chance - but, since you're making me think of all risks, it pops up for me

 

[Future Sensors]

Hi @NameGroove

Great question.

This will always be a combination of indicators that together will form a reliability score about whether or not to accept incoming emails, outbound network connections, and whether or not to be able to visit external websites. So, I am not saying that these commercial security solutions will immediately block all Sav.com registered customer domains (that would be to broad), but all these combined indicators will protect companies against attacks and misery from the Internet. This happens at all kinds of levels in different ways, from BGP routing, in DNS, to firewall rules, from IPS rules to AV software and sensors on individual workplace and desktop devices, and many more.

 

[Future Sensors]

The problem is that the information they asked me to verify is NOT correct. At first I was worried my Whois was somehow wrong, but it was not. My address is totally fine on all 100+ names I have at Sav. I manually checked one by one. The same correct address is also on my default Whois at Sav. The one they sent out was almost correct, but somehow half of the Canadian postal code and half of the numeric street address not right. And no, it is not that my address changed, it was never the one they sent out.

Thanks for bringing this to my attention @Bob Hawkes.

In the current discussion, in which CleanDNS has based itself on partially incorrect registrant information from Sav.com, this is just another, additional indication that the administration at Sav really needs to improve.

 

[Future Sensors]

I have asked repeatedly for the one they are asking me to verify to be made the same as the one in the Whois records for my Sav domains, but so far without success. I am uncomfortable saying information that is not correct is correct.

Agree 100%. You should not consent when the data is so obviously incorrect. The proper maintenance of registrant information by the registrar is essential in combating abuse and has legal implications in many areas where ownership is concerned.

 

[Nick R]

@Nick R

Could you inform us about price changes in other TLDs that will apply since September 1st.
And more specifically, will .pro renewal raise to $19.94?

As I have told you again, informing your customers about price changes, works mostly for your benefit.
Many will renew of buy new domains before prices rise.

Also:

Do you sell .ac domains?
Your live chat says you don't , but I received an .ac domain that I had backordered...
Also .ac doesn't exist in your pricing page.

.me backorders malfunction.
I have domains backordered that they drop, without anyone else catching them.


I have reported these both issues, 5 times each, during the last 2 months.

As we support hundreds of TLDs, I am not aware of all of them but I can look up on a TLD by TLD basis. .PRO does not look to be changing on 9/1.

.AC - We only backorder these at this time.

.ME - What are a few domains?

 

[Nick R]

Wow, this is a great price, thank you!

And I also appreciate your answer here https://www.namepros.com/threads/nameservers-changed-issues-on-sav-com.1331172/post-9226642
re how you are planning to deal with issues that may arise within a users portfolio. Obv bad actors need to be dealt with - but it's good to see you contact them first to rectify, and also disable only the bad name (rather than whole portfolios) unless it is clear the whole portfolio is clearly intended for nefarious use. Sometimes we read on Twitter how bad a company is, only to lift up the hood on the issue to discover the companies response was reasonable after all. Of course other times it was walked back but in either event, your responses provide some confidence I won't wake up someday to a fully locked and auctioned account due to one rogue name being UDRPed.

Will your transfer price in Sept (post ICANN increase) also be $10.29? Or?

.COM Transfer will be $9.99. I appreciate your comments on abuse as well.

 

[Nick R]

@Nick R

Hello Nick,

Last year, I transferred most of my domains to Sav and considered it one of my top two domain registrars. I’ve never had any issues with Sav, but after seeing what has happened to many users recently, I’m now hesitant. Is it possible that one day I could wake up to find my account deleted, all my domains blocked, and unable to transfer them to another registrar? Could this happen because of an automated tool or signals from a competitor or a client whose offer I refused?

Should I seriously consider transferring all my domains to another registrar? I no longer feel secure with Sav—it feels like our domains could be taken from us at any time.

Please see my past comments in the Nameserver thread about emails sent to the registrant first.

 

[Nick R]

I'll explain that further then.

When a registrar has a bad reputation security wise, all domains (good and bad) of their customers can be flagged as "high risk" indirectly, because modern security solutions that companies use to access the Internet decide on all these combined factors whether it's wise to accept email from domains registered at such a registrar, or visiting websites to domains registered at such registrars. Your own domains can be perfectly clean, but indirectly you will be hit with a penalty because of the broader reputation of your registrar. That's why it's important to keep this registrar reputation high, at any time.

I would also like to note that many companies are already filtering out (blocking) websites that are only parked, but that's on another level and not specific to Sav.com. Commercial security solutions have categories for websites that can be blocked, and parked is one of those categories.

I'm not aware of how someone could be indirectly flagged for abuse. Have a specific example?

 

[Future Sensors]

I'm not aware of how someone could be indirectly flagged for abuse. Have a specific example?

Sure, @Nick R.

Here's just one example, where "registrar reputation" is used as one of the indicators in a commercial security solution. Not all solutions and methods are documented for the public like this, as you will hopefully understand.

In the core it's about combining all these small reputation indicators, of which "registrar" appears to be one important indicator in the case of Sav.com.

As I said earlier, organizations tasked with combating DNS Abuse consider registrar Sav.com as a "high risk" registrar. You need to improve this reputation for your registrant customers, and for the health of the Internet ecosystem in a broader sense. For more information, I would recommend you contact your partner CleanDNS, as they (should) know all this already.

https://unit42.paloaltonetworks.com/proactive-detector/

"To detect potentially abused domains as quickly as possible and protect our customers, we developed a proactive system for Palo Alto Networks DNS Security to identify malicious domains at the time of registration based on their registration records. Our method leverages predictive indicators from WHOIS records that can expose abused network hotspots (e.g., registrars, name servers) and abnormal registration behaviors (e.g., bulk domain registration)."

[..]

Based on the data available to us and our prior knowledge of network abuse, we leverage three groups of predictive indicators. The largest group of predictive indicators is the comprehensive reputation score of WHOIS records. Each domain's WHOIS record includes domain owners, registrars and name servers. Combined with the knowledge we accumulated during our continuous threat hunting, we can identify cybercriminal hotspots in the WHOIS dataset. To extract these indicators, we built a reputation system analyzing each field in WHOIS records. Then, the proactive detector calculates the reputation score of each NRD to quantify its similarity to confirmed malicious domains.

[..]

Attackers favor some service providers, including specific registrars and name servers, due to low cost and loose censorship. Therefore, particular service combinations could be indicators for potential malicious activities. For example, we observed a large cluster of malicious domains using the same services.

[..]

Using other publicly available information, the historical malicious rate of its registrant state, “Moskow,” is 74%, and that of its registrar is 44%.

[..]

Our pipeline groups NRDs with identical registrant, registrar and NS information into the same cluster.

[etc]

 

[ggg777]

So, now, after that sav re-enabled my account last week, i still cannot transfer my domains or change DNS.
My company's website has been down for 2 weeks, emails are also down.
Sav is barely answering my emails with instructions on how to change the nameservers, but the issue is that the name servers are not changing.
Also, domain status shows unlocked, but while i try to transfer to another registrar like spaceship or dynadot, i doesn't work. It shows that the domain name is still locked with the initial registrar.

Having all in place, from emails and communications with SAV, I will take legal action asap.

This is too much damage and irresponsibility from SAV to people who have businesses
This is the price we pay for cheap...

 

[alcy]

So, now, after that sav re-enabled my account last week, i still cannot transfer my domains or change DNS.
My company's website has been down for 2 weeks, emails are also down.
Sav is barely answering my emails with instructions on how to change the nameservers, but the issue is that the name servers are not changing.
Also, domain status shows unlocked, but while i try to transfer to another registrar like spaceship or dynadot, i doesn't work. It shows that the domain name is still locked with the initial registrar.

Having all in place, from emails and communications with SAV, I will take legal action asap.

This is too much damage and irresponsibility from SAV to people who have businesses
This is the price we pay for cheap...

how u change dns? bulk? what does status say in whois?
dont email em.. use chat

 

[ggg777]

Bro, chat says email safety+abuse blabla and they will answer in 3 business days.
No i tried to change individually.
Unlocked also doesn't transfer to another registrar.
Nothing made in bulk

Guys if you have any company of more than 1 employee, DO NOT USE SAV as a registrar.

What a way of having a high-traffic website down for more than 2 weeks now, and then wait for 3 business days for their Safety+abuse BS team to reply to you with instructions on how to change the name servers as if you were a kid. And then changing the name servers 5 times doesn't work.
You explain that to them, and wait for 3 business days, to get the same answer.

WOW
WOW
What a superior support team