There are many products and services on the market that make it incredibly easy to buy a new domain name and set up a website and custom email address for business or personal use. However, we don’t see many easy-to-reference resources helping you understand the proper processes and procedures when sending email using a newly acquired domain name. So here are some key considerations from the XYZ team:  

The enigma of email deliverability

Email deliverability is a complex subject, and it can be difficult – even for professionals – to diagnose an issue. Spamhaus has even listed Change.org, an organization that sends billions of emails a month. No one is bulletproof. If you don’t follow best practices for sending, you will run into trouble.

A word from SpamhausIn the case of Change.org, they looked at the listing as an opportunity to review their sending process and procedures. On discussing email reputation, Alice Cornell, Directory of Deliverability at Change.org, said, “Building your email reputation is just as important as building your brand reputation. We spend a lot of money on our brand reputation,” and she questioned, “Why would we not take that same amount of care with our domains and our IPs?”

Reality vs. Myth

There is a lot of misinformation about the cause of deliverability issues – including confusion around using new domain endings. The reality is that spam filters are highly-tuned to identify unwanted email – and it isn’t related to your domain ending (otherwise known as a top-level domain.) However, it is related to your email reputation.

A freshly registered domain means handling email with care

Another word from Spamhaus… The reason for this is that the expected behavior of a legitimate new domain owner isn’t to send out bulk email having just registered it. Conversely, cybercriminals “burn” through domains. They register a domain (in any TLD), immediately use it, and as soon as it’s listed or flagged as malicious, it’s cast aside. Spamhaus has a whole blocklist dedicated to domains listed within the past 24 hours.

One thing many people do not know is that for the first 30 days after initial registration, most spam protection companies will flag a newly registered domain (in any TLD). The flag simply means the domain is under heightened scrutiny, and it is watched for spammy activities, which include immediately sending mass emails.

Prepare your domain

During these early days after registration, it is ill-advised to send marketing emails that could be interpreted as spam. For this reason, it can be a good idea to register a domain while in the planning stages of your business. In fact, affordable domain pricing can enable anyone to register multiple ideas while they are still in the process of finalizing their decision.

Once a business plan has been finalized, the domain’s age(s) will have surpassed the watchlist period. The domain owner should be “warming up” the email domain by regularly sending small amounts of emails to people who expect to be emailed. It is imperative not to start sending unexpected messages in bulk or other harmful things that spammers do.

With email best practices in mind, it’s important to understand what constitutes spam. Essentially, spam pertains to all email that is sent without the recipient’s permission or consent.

Spamhaus features a comprehensive set of articles on best emailing practices and “how not to do what spammers do.” This includes taking necessary precautions such as:

  • Authenticating email with SPF, DKIM, and DMARC records.
  • Not bulk-sending email within a short period of time with a newly created email address and/or domain.
  • Ensuring you have provided an obvious way for customers to unsubscribe.
  • Having good data hygiene and keeping your mailing lists are clean.

Websites can build trust

Another tip to improve your online presence, which can help your email deliverability, is to make sure to set up your website early and provide an accessible method to contact you. It can even help to have a simple landing page and internal email before your entire website or business is ready to launch.

Be sure to interact with your community and be mindful of your brand quality and web presence. These practices are vital components in setting yourself apart from spammers and developing a good reputation for your domain name.

XYZ’s approach to abused domains

XYZ takes abuse very seriously and has a stringent anti-abuse policy. Not only do our abuse efforts help make the internet a safer place, but they also protect the reputation of our end users. We partner with various cybersecurity partners such as Spamhaus to help us confirm abusive domains. Each flagged domain is scanned by our internal tool and checked against our sophisticated software for evidence of abuse. Once a flagged domain is confirmed by our Anti-Abuse Team to be abusive, it is then immediately suspended, and the registrar is notified.

What to do if your domain is listed or flagged

If a domain owner believes Spamhaus has wrongly listed their domain, they can use the IP & Domain Reputation Checker for more information on the listing and as a means to contact Spamhaus for removal. If they believe their domain has been wrongly suspended by the XYZ Anti-Abuse Team, they can request an unsuspension review at gen.xyz/unsuspend.

We all have a role in fighting abuse

It’s our belief that we all need to work together to end online abusive practices while championing growth and innovation. Cybersecurity companies do their best to detect abuse in their areas of expertise. Junk mail filters are responsible for detecting and filtering out content that is detected as spam.

Each of these measures can accomplish even more by reporting abuse to registrars, hosting companies, and registries, the organizations that have the means and the policies to take the abuse offline. XYZ gains no revenue in taking action. We do so because it is the right thing to do. Putting an end to online abuse and making the internet a safer place requires active participation and teamwork from all domain industry organizations.

We take on the responsibility to look after our users and treat them with respect.

Products

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable

Resources

Can you .bank on this registry for security?

23 March 2022

Blog

Here, fTLD, the registry for .bank and .insurance top-level domains (TLDs), provides their view of how a TLD can make it simple for users to trust their interactions with websites.

XYZ discusses industry collaboration to ban bad actors

10 March 2022

Blog

XYZ Registry explains how the lack of visibility into a bad actor's domain causes issues and provides suggestions to overcome this problem.

Getting the low-down from XYZ Registry on combating domain abuse

3 March 2022

Blog

We've been reaching out to registries for their views and opinions on combating internet abuse for this blog post series. Recently we had an in-depth conversation with XYZ on their approach to domain abuse.