Even the words “domain reputation” are likely to make most people outside of the IT industry roll their eyes in boredom. But, if you have a non-freemail email address, or run a small (or large) website, there are some fundamentals relating to domain reputation you need to know about, otherwise you may run into trouble.

The role of domains

Stripping the internet back, all devices communicate using IP addresses – long strings of mostly numbers. Since these strings are hard to remember, humans tend to use words or names instead. These names are translated to IP numbers using the Domain Name System (DNS). Think of this as the phone book for the internet. By using a domain name, you establish your own entry in this global ‘phone book’.

So whether you want to access a website, send an email, connect with your work’s Virtual Private Network (VPN) – it almost all relates back domain names. Understanding what domains are good and bad is mission critical for keeping the internet as safe as possible.

What is domain reputation?

Stating the obvious – it’s the reputation of a domain. Fundamentally, reputation is a great indicator as to if, when, and how we engage with a domain.

It’s not as simple as ‘good’ and ‘bad’ though. Much like in the real world, domain reputation is far from binary. There are the good ones, the downright bad ones, and the somewhere-in-the-middle ones… So, domain reputation is not that different from a credit score.  And just as a credit score requires active maintenance, so does domain reputation.

While intentions can – and should – be good, actions speak louder than words. Good reputation comes with good action, following best practices, and being vigilant of potential routes to compromise.

What impacts a domain’s reputation?

Any activity you can think of that relates to a domain, be that: how quickly a domain is used after being registered, the network it’s hosted on, email being sent from it, hosted links… you get the picture. All these activities leave an online fingerprint.

It’s that fingerprint that researchers like Spamhaus use to determine how safe a domain is to engage with. All data points assessed are provided in a trusted and secure way, without Personally Identifiable Information (PII) being shared. You can read more here.

How does domain reputation impact you?

Yes, you may be able to spot phishy domains online, via email or SMS, but domain reputation data is a critical layer of intelligence being used to keep you from harm, probably without your knowledge.

How?

This wealth of information is typically assessed for security, fraud, and/or vetting purposes. Blocking connections to malicious sites, monitoring and blocking malicious email, informing threat intelligence investigations and security operations… the list goes on.

So in almost every online transaction you make, domain reputation data is being utilized – mostly indirectly and usually unbeknown to you. Behind the scenes, it is used by Internet Service Providers, Email Service Providers, enterprises, threat intelligence service providers, and more to keep users safe.

Remember then, domain reputation influences a significant proportion of the online ecosphere; you just don’t see most of it. So, if you own a domain, you must actively adhere to best practices and consistently monitor your reputation.

What happens if your domain reputation is deemed bad?

The most common examples of how you could be impacted if your domain reputation is deemed bad or poor are:

1.       Website: connections could be blocked to your site if you are hosting malicious content (whether you’re intentionally hosting it or not), search engine indexing can be penalized, and messages containing your website’s URL may be throttled or flagged.

2. Email: at best, your messages could end up in the recipient’s junk folder rather than in their inbox. At worst, your emails get blocked, including transactional service emails such as order confirmations.

So how do you maintain your domain reputation?

We said it before but will say it again – good intentions are not enough; good action is what matters, or you risk the above. So, here are some best practices to help you avoid the negative impact of a bad reputation:

1.      Strong login/password – if you control your domain name, ensure it stays that way. Have a strong and unique login/password combination for domain name management and add 2FA onto that. Many other services you might use depend on email or other verification methods usually tied to your domain name. A compromise or takeover of a domain name exposes everything tied to that.

2.     Ensure your network neighborhood is sound – hosting your domain name on a questionable network may reflect poorly on its reputation. Just as a business contributes to the character of a neighborhood, the neighborhood’s character also reflects on the business. Remember that domains work in the same way!

3.     Domain name ownership – anonymity does not contribute to good reputation. If a company/business owns a domain name, make sure it is visible in registration data. Even though a business name is not PII, many registrars will still filter it.

4.     Less is more – regarding the number of domain names you use. When buying additional domain names, always ask yourself if using a subdomain of your primary domain name is better. Often it is. If you really need different domain names, ensure they can be easily tied to the primary domain name. Always consider the reputational impact of a new domain name on email, SEO, and customer/audience expectations. A new domain that looks too much like your existing domain may be reported as phishing!

5.     Domain age – As most legitimate domain names have now been around for a long time, anything that is new is almost always at least treated with suspicion. Be sure you understand the implications of having a new domain name, and how associated activities impact reputation – like a website, an email campaign or entering a new market or geography.

6.     Domain history – be aware that if a domain has been used previously and was associated with spamming or other malicious activity, this will affect the domain’s reputation.

Keeping on top of your domain reputation

Today, websites and email are critical for many business operations. So to maintain business as usual, it will serve you well to actively assess your domain reputation.

Use multiple resources to monitor your reputation, eliminate issues as soon as you detect them, and put measures in place so these issues don’t arise again.

Spamhaus is the trusted authority in this space and runs a free tool, the IP and Domain Reputation checker (https://check.spamhaus.org/). If no listings are shown, great! But you can’t declare victory and go home; make sure best practices are in place, keep on top of vulnerabilities and be proactive in managing them.

Spamhaus Intelligence API (SIA)

Spamhaus Intelligence API (SIA) contains context-rich metadata relating to IP and domain reputation. Integrate this data with your applications to enhance existing data feeds, or consume as an independent data source.

In this easy-to-consume format, SIA can be used for threat detection and investigation, risk scoring, customer vetting, validation and much more.

  • Save valuable time investigating and reporting
  • Simple and quick to access
  • Data you can trust in

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable

DNS Firewall Threat Feeds

Applied at the DNS level of your infrastructure, these threat feeds automatically stop users from accessing malicious sites including phishing and malware dropper websites.

These threat feeds can be integrated with existing recursive DNS servers, or for those who don’t manage their own DNS, we have a managed service available.

  • Reduce IT costs
  • Set and forget
  • Save money on risk insurance

Resources

When it comes to your web domains, put the controls back in your hands

29 March 2023

Blog

Choosing a domain name registrar may seem simple, but considering security risks in the domain and DNS ecosystem is crucial. In this blog post, Vincent D'Angelo, Global Director at CSC, shares insight into the role of domain registrars in domain ecosystem security and reputation.

Understanding top-level domain (TLD) abuse helps illuminate and predict domain threat trends

23 March 2023

Blog

The Domain Name System (DNS) is the backbone of the internet, enabling agile communication between internet entities. This blog post will focus on top-level domains (TLD), and how they can impact the security landscape.

Best practice for owners of a newly registered domain: PART 3

11 March 2023

Best practice

Nurture your new domain and successfully build its reputation to ensure it’s an asset for the long term, not just the next 10 minutes. Learn how in this best practice.