The DNS Abuse Institute (DNSAI) is currently developing a Centralized Abuse Reporting Tool (CART). This tool is intended to provide a single platform to report DNS Abuse by outlining the evidence requirements for each abuse type, properly formatting and enriching the request details provided, and then forwarding it to the appropriate registry or registrar. The goal is to standardize reliable processes to improve both the act of reporting abuse and the abuse reports that registrars and registries receive.
As part of it’s requirements gathering, the DNSAI researched the reporting processes of the largest registries and registrars in order to better understand how they accept reports of abuse. Publicly available information from registry and registrar websites was collected to obtain data on their abuse reporting implementations and processes. In an attempt to mimic the experience of an abuse reporter without prior knowledge of the registry or registrar, the search for information always started on each registrar or registry homepage, followed by more extensive site navigation when required, or a separate google search if insufficient information was found on the website.
Note that the data only reflects the information found at the time of searching and not necessarily what may currently exist. Factors such as language and large or complex websites may have effectively hidden some of the information sought, but in this case it could also be reasonably assumed that abuse reporters would be similarly impacted.
It should also be noted that this work was not intended as an audit, and was not conducted with an eye towards any applicable ICANN contractual obligations. Further, a substantial amount of the information we were looking for goes above and beyond what ICANN accredited registrars and registries are required to do. The data includes results from ccTLDs that are entirely outside of the ICANN contractual regime.
Research was conducted on the top 50 registrars by the number of registered domains, comprising over a quarter of all registered domains, and a significant majority of gTLD domains.
Research was also conducted on the 32 registries that operate the 15 largest TLDs by names under management as well as the 30 largest gTLDs by names under management. This represents a majority of all domains.
Remember, these results were gathered by beginning to search through the relevant registrar or registry sites and expanding from there, so it is possible that additional resources exist but were not found after reasonable diligence. That said, if we were unable to locate the resource after reasonable diligence, it is likely an abuse reporter would have the same experience.
The data collected from registrar and registry websites indicated the following:
|Information available on abuse reporting||% of Registrars||% of Registries|
|Dedicated abuse reporting page||78%||47%|
|Link to abuse reporting page from their homepage||46%||34%|
|Required search beyond the homepage or a separate google search to find the abuse reporting page||32%||12%|
|No abuse reporting page located||22%||53%|
|Abuse contact email||74%||56%|
|Abuse email contact was not listed on the abuse reporting page, but found via the contacts page, site search, or google search||20%||19%|
|Webform for abuse reports||54%||25%|
|Only webform is available (no email, etc)||14%||6%|
|Webform has a single set of response fields for all abuse types||22%||19%|
|Abuse contact mailing address||4%||22%|
|Abuse contact telephone number||16%||12%|
|No abuse contact||10%||34%|
|Specification of abuse types||64%||25%|
|Evidence requirements for each abuse type stipulated||40%||9%|
|Separate processes for law enforcement and the use of court orders/subpoenas||22%||3%|