Sav Official Thread

[Nick R]

Hello NamePros community! We are creating a single thread where we can share announcements in, talk about product updates, people can ask questions and host a great discussion on all things domains!

 

[ggg777]

To add,

Now we cannot get emails from banks, from any service that we registered to using our domain emails, we cannot receive any password reset emails, clients' emails, etc.

You won't feel the frustration until it happens to you, but this is extreme. This is beyond irresponsibility... This is not even a registrar.
I don't what sav is. And i used to recommend them on twitter, lol. I feel stupid now.

 

[Blueleaf66]

I was double charged for the same bid on one of the domains. Ticket: 348348. Doesn't look like anyone's trying to solve this.

 

[ggg777]

Update: Sav still doesn't care about anything. I'm happy my other e-commerce domain names are on another registrar. Or I would have closed my businesses...

 

[Nick R]

Sure, @Nick R.

Here's just one example, where "registrar reputation" is used as one of the indicators in a commercial security solution. Not all solutions and methods are documented for the public like this, as you will hopefully understand.

In the core it's about combining all these small reputation indicators, of which "registrar" appears to be one important indicator in the case of Sav.com.

As I said earlier, organizations tasked with combating DNS Abuse consider registrar Sav.com as a "high risk" registrar. You need to improve this reputation for your registrant customers, and for the health of the Internet ecosystem in a broader sense. For more information, I would recommend you contact your partner CleanDNS, as they (should) know all this already.

https://unit42.paloaltonetworks.com/proactive-detector/

"To detect potentially abused domains as quickly as possible and protect our customers, we developed a proactive system for Palo Alto Networks DNS Security to identify malicious domains at the time of registration based on their registration records. Our method leverages predictive indicators from WHOIS records that can expose abused network hotspots (e.g., registrars, name servers) and abnormal registration behaviors (e.g., bulk domain registration)."

[..]

Based on the data available to us and our prior knowledge of network abuse, we leverage three groups of predictive indicators. The largest group of predictive indicators is the comprehensive reputation score of WHOIS records. Each domain's WHOIS record includes domain owners, registrars and name servers. Combined with the knowledge we accumulated during our continuous threat hunting, we can identify cybercriminal hotspots in the WHOIS dataset. To extract these indicators, we built a reputation system analyzing each field in WHOIS records. Then, the proactive detector calculates the reputation score of each NRD to quantify its similarity to confirmed malicious domains.

[..]

Attackers favor some service providers, including specific registrars and name servers, due to low cost and loose censorship. Therefore, particular service combinations could be indicators for potential malicious activities. For example, we observed a large cluster of malicious domains using the same services.

[..]

Using other publicly available information, the historical malicious rate of its registrant state, “Moskow,” is 74%, and that of its registrar is 44%.

[..]

Our pipeline groups NRDs with identical registrant, registrar and NS information into the same cluster.

[etc]

Ah, you are referring to a registrar's "reputation score", or something like that. We hope that disabling the portfolios of abusive domains should only help with this.

 

[Nick R]

So, now, after that sav re-enabled my account last week, i still cannot transfer my domains or change DNS.
My company's website has been down for 2 weeks, emails are also down.
Sav is barely answering my emails with instructions on how to change the nameservers, but the issue is that the name servers are not changing.
Also, domain status shows unlocked, but while i try to transfer to another registrar like spaceship or dynadot, i doesn't work. It shows that the domain name is still locked with the initial registrar.

Having all in place, from emails and communications with SAV, I will take legal action asap.

This is too much damage and irresponsibility from SAV to people who have businesses
This is the price we pay for cheap...

I am happy to help. What is your email address and a few domain names and a few domains that were re-enabled?

 

[Future Sensors]

or something like that

Really Nick, you should know more about how this works.

 

[Nick R]

Really Nick, you should know more about how this works.

Different providers call it different things so I was trying to refer to it in a general way. This is also why we work with @CleanDNS, which is way more knowledgeable than I am regarding DNS abuse.

 

[Future Sensors]

Different providers call it different things so I was trying to refer to it in a general way.

Hope my explanation helped.

 

[Future Sensors]

This is also why we work with @CleanDNS, which is way more knowledgeable than I am regarding DNS abuse.

I see that you've later edited your post to include this sentence.

What you are now saying is not positive for CleanDNS, because it is precisely a company like CleanDNS that should have actively informed and protected you against this. This affects the core of your business: your reputation and that of the registrants. Not only a technical reputation score, but also brand reputation. How long has CleanDNS been handling abuse for Sav now, 3 years already?

 

[pb]

sav seems to be tripping over its own shoelaces...

on 2024-08-12 05:02 (UTC) I got mail:
"The following backorder requests from your account will be attempted on 08/12/2024"
(domain name etc.)
"If you wish to modify the list of domains being attempted, please login to your account before 11:00pm 08/11/2024."

It's moronic to ask me to remove the backorder in the past but never mind that, as I was still interested in this domain (added it a year or two ago). I actually read this e-mail a couple days later and assumed the domain wasn't caught, because I didn't get any follow-up. But lo and behold, the domain is registered at sav on 2024-08-13 (sic!) and pointing to dan.com nameservers. Given that the mail was sent from [email protected], I hit Reply and asked them what gives. The answer was instant: "Thank you for reaching out to Sav Customer Support. To provide faster resolution to support inquiries and improve our security, we are ONLY ACCEPTING NEW TICKETS VIA OUR HELP CENTER. To submit a ticket please visit login to your Sav account and start a live chat or visit https://help.sav.com/".

Wow, such a professional and friendly approach to the customer.
Yeah, I know it's nothing new, just wanted to reiterate. A couple years ago I was willing to accept sav's shortcomings as growing pains but it seems to have stopped growing while the pains still last...

 

[Future Sensors]

It's moronic to ask me to remove the backorder in the past

Thanks for informing us @pb

I'll tag @Nick R, so he can fix this right away, like he did recently with the other glitch.

 

[Blueleaf66]

I was double charged for the same bid on one of the domains. Ticket: 348348. Doesn't look like anyone's trying to solve this.

@Nick R Can you please look into it, it's taking way too long...

 

[Nick R]

sav seems to be tripping over its own shoelaces...

on 2024-08-12 05:02 (UTC) I got mail:
"The following backorder requests from your account will be attempted on 08/12/2024"
(domain name etc.)
"If you wish to modify the list of domains being attempted, please login to your account before 11:00pm 08/11/2024."

It's moronic to ask me to remove the backorder in the past but never mind that, as I was still interested in this domain (added it a year or two ago). I actually read this e-mail a couple days later and assumed the domain wasn't caught, because I didn't get any follow-up. But lo and behold, the domain is registered at sav on 2024-08-13 (sic!) and pointing to dan.com nameservers. Given that the mail was sent from [email protected], I hit Reply and asked them what gives. The answer was instant: "Thank you for reaching out to Sav Customer Support. To provide faster resolution to support inquiries and improve our security, we are ONLY ACCEPTING NEW TICKETS VIA OUR HELP CENTER. To submit a ticket please visit login to your Sav account and start a live chat or visit https://help.sav.com/".

Wow, such a professional and friendly approach to the customer.
Yeah, I know it's nothing new, just wanted to reiterate. A couple years ago I was willing to accept sav's shortcomings as growing pains but it seems to have stopped growing while the pains still last...

What is your email address and what is the domain name? I would be happy to take a look.

 

[Nick R]

@Nick R Can you please look into it, it's taking way too long...

I apologize, I missed your earlier message in the thread. This why I always prefer a DM so I can track these on a conversation basis. DM me your email and the domain name in question so I can verify your identity. Ill take a look in the meantime.

 

[Blueleaf66]

I apologize, I missed your earlier message in the thread. This why I always prefer a DM so I can track these on a conversation basis. DM me your email and the domain name in question so I can verify your identity. Ill take a look in the meantime.

Thank you. I actually received the money just a few mins ago! It finally got sorted.

 

[alcy]

I apologize, I missed your earlier message in the thread. This why I always prefer a DM so I can track these on a conversation basis. DM me your email and the domain name in question so I can verify your identity. Ill take a look in the meantime.

hey nick. plz do something about min 60 day to expiry needed to start auction. dyna has min 15 days. your seriously not generous there.

 

[Nick R]

hey nick. plz do something about min 60 day to expiry needed to start auction. dyna has min 15 days. your seriously not generous there.

This policy is from a buyer's standpoint. We used to allow domains closer to expiration to be auctioned off but had multiple complaints from buyers winning a domain just, to have it expire a week later. From their standpoint, that isn't a great experience so we put the 60-day policy in.

 

[alcy]

This policy is from a buyer's standpoint. We used to allow domains closer to expiration to be auctioned off but had multiple complaints from buyers winning a domain just, to have it expire a week later. From their standpoint, that isn't a great experience so we put the 60-day policy in.

well ok but but now it isn't a great experience for sellers. let's make a deal in middle. 30 days ok?

 

[Nick R]

well ok but but now it isn't a great experience for sellers. let's make a deal in middle. 30 days ok?

I appreciate your offer but are going to stick with 60 days. Ultimately, happier buyers result in more bids, which result in higher selling prices and larger profits for the sellers!

 

[alcy]

I appreciate your offer but are going to stick with 60 days. Ultimately, happier buyers result in more bids, which result in higher selling prices and larger profits for the sellers!

are seeriosly telling there are buyers who will bid on such 60day left auction and not want to renew the name? nick u should be including a renewal fee right off the bat aftrt auction ends... good for u too as u have a name for another year. then reducing 60days will be no issue. u already include this renew fee anyway for all expired auction wins right?