An Initiative to fight DNS abuse


The stable, safe and secure operation of the DNS has proven to be the foundation for the global expansion of the Internet as a universal public resource.

However, like every innovation and every technology, the Internet and the DNS are facing abuse, like malware, botnets, phishing, pharming or spam.

The topDNS Initiative and its members have set themselves the goal of fighting DNS abuse.


To achieve this goal, the initiative is based on two main pillars:

Education & Awareness

  • Promotion of existing efforts to fight different types of abuse
  • Education of policy & decision makers and subject-matter expert groups
  • Inclusion of hosting providers and their abuse teams
  • Amplification of the messages of the industry

Collaboration & Operationalisation

  • Collaboration at eco, a trusted platform in the Internet industry
  • Sharing best-practice guidance for abuse handling
  • Standardisation of abuse reports, use-cases, statistics & definitions
  • Development of a Trusted Notifier Framework


“The DNS is an ecosystem, not just a registration system"

The task to prevent and tackle abuse on the Internet is a complex one. The DNS ecosystem is diverse, given that it includes different stakeholders & intermediaries with different roles and responsibilities, and different options at hand to contribute to this task.

Registries and registrars are often asked to suspend domain names allegedly involved in abusive content or services. If they do, they can only take down an entire domain name, which may cause collateral damage when innocent content is or was also accessible via the same domain name.

Therefore, responses to abuse should always be proportionate in the light of the type of internet infrastructure operator concerned.

eco's diverse membership covers all sectors of the Internet industry. Our goal is to bring all relevant stakeholders & intermediaries to the table and to give visibility to those who are engaged in the fight against DNS abuse - beyond the Domain Name Industry.


Among the many eco members who are fighting abuse on the Internet every day, we would like to thank our sponsors of the topDNS Initiative.
Please send an email to if you are interested in joining!

Steering Committee

The topDNS Initiative is lead and guided by a group of leading experts in the industry:

Jeffrey Bedser

Jeffrey Bedser

CleanDNS Inc.

LG Forsberg

LG Forsberg

IQ Global AS

Marcus Busch

Marcus Busch

Managing Director

Theo Geurts

Theo Geurts

CIPP/E Privacy & GRC Officer
Realtime Register B.V.

Brian Cimbolic

Brian Cimbolic

Vice President, General Counsel
Public Interest Registry

Kelly Hardy

Kelly Hardy

Head of Registry Policy

Keith Drazek

Keith Drazek

VP of Policy & Government Relations
VeriSign, Inc.

topDNS Advisory Group

The fight against DNS abuse is a collaborative effort but we have to spend people’s time and resources wisely to avoid duplicate efforts. This is why the topDNS Initiative is working closely with leading experts and partners around the globe, not only to share knowledge and information but also to amplify their work and results in Europe.

Graeme Bunton

Graeme Bunton

DNS Abuse Institute










Events & Webinars

Middle East DNS Forum 2022

16 - 18 May 2022 - ICANN org's eighth Middle East Domain Name System (DNS) Forum will take place virtually and will offer a closer look at the evolving DNS ecosystem from a technical and policy perspective. It will have a special focus on regional challenges and opportunities for growth. Join the topDNS Initiative and the DNS Abuse Institute on Wednesday, 17 May for the Panel on DNS Security Threats.

Webinar: NetBeacon – A service to standardize abuse reports

24 May 2022 - For those impacted by DNS Abuse, reporting it is difficult, requires technical understanding, and has no standards across the DNS ecosystem. The DNS Abuse Institute is working to simplify the process with the upcoming launch of it’s NetBeacon service. The NetBeacon service is being built by eco member and topDNS sponsor CleanDNS and licensed to the DNS Abuse Institute at no cost. This webinar provides a preview to this new service. Please follow the link to register for free.

News & Articles

Nordic Domain Days 2022

In collaboration with iQ Solutions, eco´s topDNS initiative organized and co-hosted a hands-on workshop at Nordic Domain Days to address DNS Abuse. We will publish the results of the workshop shortly.

Online Training: OSINT – Fighting DNS Abuse (DNS Abuse for LEAs)

This course discusses best practices in handling DNS abuse and various tools to identify such abuses related to DNS. The course also covers how law enforcement authorities can engage with ICANN.

The target audience for this training are Law Enforcement personnel who are involved in handling abuses related to Internet Identifiers. Participants should be able to understand the various aspects of DNS related abuses and to use publicly available tools to identify those.

Recommended prerequisite: Virtual Workshop: DNS 101


By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

Cloudfest: topDNS Campaign for Shared Commitment to DNS Security

With its topDNS initiative, the conference programme was complemented by a well-attended eco panel discussion: Keith Drazek, Vice-President Public Policy & Government Relations at VeriSign and one of the topDNS founding members, introduced the topic with his keynote on the need to regularly work side-by-side in mitigating DNS security threats. The panel discussion that followed involved Hans Seeuws, External Relations Manager at EURid, Carsten Sjoerup, Chief Technology & Product Officer at CentralNic and Jörg Pernfuß, Security Architect at IONOS. The panel was moderated by Thomas Rickert, Director Names & Numbers at eco – Association of the Internet Industry. Read the full news.




Online Training - ICANN's Technical Mission

Beyond the policy development coordination role for the community, ICANN plays a significant role coordinating the technical aspects of the Internet's unique identifier system. eco's topDNS Initiative and its members have set themselves the goal of fighting DNS abuse. To understand ICANN's Technical Mission is key to follow the debate on this important topic. The target audience for this training are the General Public, Newcomers, and Policy Makers.


By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

DNS Abuse: Everyone’s Problem

On eco´s dotmagazine, Lars Forsberg from iQ looks at the need for awareness of DNS abuse, especially of the new gTLDs, because with awareness comes the ability to act.

Online Training - DNS Abuse: Fact or Fiction?

What is DNS abuse actually and why should the issue concern all Internet infrastructure providers? Depending on whom you ask, you get different answers as to the size of the problem and who should take measures to combat it. At it-sa, Europe's largest event for cybersecurity, Thomas Rickert discussed these aspects.


By loading the video, you accept YouTube's privacy policy.
Learn more

Load video

DMARC is here to stay. Now what?

Alex Brotman, Comcast, and Patrick Koetter, Leader of the Competence Groups Email and Anti-Abuse at eco, explain on eco´s dotmagazine how DMARC (Domain-based Message Authentication, Reporting, and Conformance) can help companies to protect their customers and their brands from abuse.

Email Blocklists for Real-Time Detection and Mitigation

At eco´s dotmagazine, Patrick Ben Koetter from eco Email & Anti-Abuse Competence Groups speaks to Lars Steffen from eco about blocklists, allowlists & the value of reputation.

Borderless Fight against Illegal Content

For over 20 years, the international INHOPE network has been successfully working to combat depictions of the abuse of minors, says Peter-Paul Urlaub from the eco Complaints Office at dotmagazine.

Discussion Paper - DNS over HTTPS (DoH)

Background information and explanations for non-technical readers, and a clear set of recommendations for best practice in line with privacy-enhancing techniques and informed user consent. Download the Discussion Paper here.

Also on eco´s dotmagazine, Patrick Koetter, Leader of the Competence Groups Email and Anti-Abuse at eco, tells the story of the emergence of the DoH protocol as a privacy-enhancing technique, and the diverse reactions to it around the world.


What distinguishes topDNS from other initiatives on DNS abuse?

eco’s membership represents a wide range of Internet infrastructure providers – from network infrastructure, Internet service providers (ISPs), content delivery networks (CDNs), registries and registrars, service and application providers, to cybersecurity and legal experts – and has been providing a platform for experts to exchange thoughts, expertise and develop best practice for more than 25 years.

Additionally, eco is well connected at the global level and will use its ties to all stakeholders concerned to raise awareness and promote co-operation against abuse in general and DNS abuse in particular.


Does eco have experience in the prevention of DNS abuse?

For over 20 years, eco has been intrinsically motivated to make sure that abuse and illegal content are combated, and that crimes are prosecuted. Cooperating with the various stakeholders in the process is as important to us as neutrality and transparency.

We are a point of contact for members, states, law enforcement, society, and politics. The eco Complaints Office and the Certified Senders Alliance underscore eco’s long-standing record of accomplishment of successful approaches to self-regulation within the Internet industry, flanked by the well-established eco working groups Anti-Abuse, Email, and Names & Numbers.


How does the topDNS Initiative define DNS abuse?

To avoid duplication of efforts, the topDNS Initiative builds on the well established DNS Abuse Framework which also corresponds with ICANN's definition of DNS abuse. The Framework involves more than 50 signatory registrars and registries that are striving to strengthen the safety and security of the DNS.

DNS abuse is composed of five broad categories of harmful activity insofar as they intersect with the DNS: malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS abuse).

The DNS Abuse Framework is not only a remarkable self-regulatory initiative within the Internet industry, but is also supoorted by a large number of eco members. The topDNS Initiative builds on the principles of the DNS Abuse Framework to support the industry in bringing the the framework's implementation to life.


What is the issue and how large is it?

Depending on you ask, you will get different answers to both points. Therefore, it is our goal to advance the discussion on what constitutes DNS abuse and the demarcation from other types of abuse. Being clear on what actually is DNS abuse will also help not conflating different types of abuse and being able to aggregate more accurate statistics.


What is eco's role at ICANN?

For many years, eco has represented the interests of its members in the domain name industry, especially in the ICANN environment.

The eco Association

This positioning makes eco a neutral and acknowledged partner to contribute to the discussion on DNS abuse and to promote best-practices among all relevant stakeholders & intermediaries within the Internet industry.


Does topDNS collaborate with other initiatives working on DNS abuse?

Fortunately, there are various working groups and initiatives focusing on the fight against DNS abuse. We have to spend people’s time and resources wisely and avoid duplicate efforts. The topDNS Initiative collaborates closely with experts, working groups and initiatives through the topDNS Advisory Group.


Other eco initiatives to fight abuse

For more than 25 years, eco has been a strong advocate of self-regulatory approaches and supports the Internet industry in taking responsibility. The topDNS complements perfectly the existing efforts of eco to mitigate and fight abusive behaviour on the Internet.

Certified Senders Alliance

The goal of the Certified Senders Alliance (CSA) is to increase the quality of commercial transactional emails. To achieve this goal, the CSA establishes legal and technical quality standards. The quality standards arise out of prevailing law and the technical requirements for mailbox providers. They are regularly updated to correspond to the current legislation and market requirements to prevent spam & phishing and promote the implementation of standards like DKIM, DMARC & SPF.

eco Complaints Office

Combatting illegal online content is a task for society as a whole. We are doing our bit: For over 25 years, eco has been intrinsically motivated to make sure that illegal content is taken down and that crimes are prosecuted. Cooperating with the various stakeholders in the process is as important to us as neutral and transparent processes. The eco Complaints Office is a point of contact for members, the state, society, and politics. eco was one of the eight founding members of INHOPE in 1999.

Join the topDNS Initiative

Do you want to learn more about the topDNS Initiative and how to join?
Please contact us!

Lars Steffen

Lars Steffen

Director eco International
Project Manager Domains

Fon: +49 (0) 221 - 70 00 48 – 176

Thomas Rickert

Thomas Rickert

Director Names & Numbers

Contact us


    Please enter code