A beginner’s guide to domain reputation – what is it?

The role of domains

Stripping the internet back, all devices communicate using IP addresses – long strings of mostly numbers. Since these strings are hard to remember, humans tend to use words or names instead. These names are translated to IP numbers using the Domain Name System (DNS). Think of this as the phone book for the internet. By using a domain name, you establish your own entry in this global ‘phone book’.

So whether you want to access a website, send an email, connect with your work’s Virtual Private Network (VPN) – it almost all relates back domain names. Understanding what domains are good and bad is mission critical for keeping the internet as safe as possible.

What is domain reputation?

Stating the obvious – it’s the reputation of a domain. Fundamentally, reputation is a great indicator as to if, when, and how we engage with a domain.

It’s not as simple as ‘good’ and ‘bad’ though. Much like in the real world, domain reputation is far from binary. There are the good ones, the downright bad ones, and the somewhere-in-the-middle ones… So, domain reputation is not that different from a credit score.  And just as a credit score requires active maintenance, so does domain reputation.

While intentions can – and should – be good, actions speak louder than words. Good reputation comes with good action, following best practices, and being vigilant of potential routes to compromise.

What impacts a domain’s reputation?

Any activity you can think of that relates to a domain, be that: how quickly a domain is used after being registered, the network it’s hosted on, email being sent from it, hosted links… you get the picture. All these activities leave an online fingerprint.

It’s that fingerprint that researchers like Spamhaus use to determine how safe a domain is to engage with. All data points assessed are provided in a trusted and secure way, without Personally Identifiable Information (PII) being shared. You can read more here.

How does domain reputation impact you?

Yes, you may be able to spot phishy domains online, via email or SMS, but domain reputation data is a critical layer of intelligence being used to keep you from harm, probably without your knowledge.

How?

This wealth of information is typically assessed for security, fraud, and/or vetting purposes. Blocking connections to malicious sites, monitoring and blocking malicious email, informing threat intelligence investigations and security operations… the list goes on.

So in almost every online transaction you make, domain reputation data is being utilized – mostly indirectly and usually unbeknown to you. Behind the scenes, it is used by Internet Service Providers, Email Service Providers, enterprises, threat intelligence service providers, and more to keep users safe.

Remember then, domain reputation influences a significant proportion of the online ecosphere; you just don’t see most of it. So, if you own a domain, you must actively adhere to best practices and consistently monitor your reputation.

What happens if your domain reputation is deemed bad?

The most common examples of how you could be impacted if your domain reputation is deemed bad or poor are:

1.       Website: connections could be blocked to your site if you are hosting malicious content (whether you’re intentionally hosting it or not), search engine indexing can be penalized, and messages containing your website’s URL may be throttled or flagged.

2. Email: at best, your messages could end up in the recipient’s junk folder rather than in their inbox. At worst, your emails get blocked, including transactional service emails such as order confirmations.

So how do you maintain your domain reputation?

We said it before but will say it again – good intentions are not enough; good action is what matters, or you risk the above. So, here are some best practices to help you avoid the negative impact of a bad reputation:

1.      Strong login/password – if you control your domain name, ensure it stays that way. Have a strong and unique login/password combination for domain name management and add 2FA onto that. Many other services you might use depend on email or other verification methods usually tied to your domain name. A compromise or takeover of a domain name exposes everything tied to that.

2.     Ensure your network neighborhood is sound – hosting your domain name on a questionable network may reflect poorly on its reputation. Just as a business contributes to the character of a neighborhood, the neighborhood’s character also reflects on the business. Remember that domains work in the same way!

3.     Domain name ownership – anonymity does not contribute to good reputation. If a company/business owns a domain name, make sure it is visible in registration data. Even though a business name is not PII, many registrars will still filter it.

4.     Less is more – regarding the number of domain names you use. When buying additional domain names, always ask yourself if using a subdomain of your primary domain name is better. Often it is. If you really need different domain names, ensure they can be easily tied to the primary domain name. Always consider the reputational impact of a new domain name on email, SEO, and customer/audience expectations. A new domain that looks too much like your existing domain may be reported as phishing!

5.     Domain age – As most legitimate domain names have now been around for a long time, anything that is new is almost always at least treated with suspicion. Be sure you understand the implications of having a new domain name, and how associated activities impact reputation – like a website, an email campaign or entering a new market or geography.

6.     Domain history – be aware that if a domain has been used previously and was associated with spamming or other malicious activity, this will affect the domain’s reputation.

Keeping on top of your domain reputation

Today, websites and email are critical for many business operations. So to maintain business as usual, it will serve you well to actively assess your domain reputation.

Use multiple resources to monitor your reputation, eliminate issues as soon as you detect them, and put measures in place so these issues don’t arise again.

Spamhaus is the trusted authority in this space and runs a free tool, the IP and Domain Reputation checker (https://check.spamhaus.org/). If no listings are shown, great! But you can’t declare victory and go home; make sure best practices are in place, keep on top of vulnerabilities and be proactive in managing them.