An Initiative to Fight DNS Abuse
The stable, safe and secure operation of the DNS has proven to be the foundation for the global expansion of the Internet as a universal public resource.
However, like every innovation and every technology, the Internet and the DNS are facing abuse, like malware, botnets, phishing, pharming or spam.
The topDNS Initiative and its members have set themselves the goal of fighting DNS abuse.
To achieve this goal, the initiative is based on two main pillars:
Education & Awareness
- Promotion of existing efforts to fight different types of abuse
- Education of policy & decision makers and subject-matter expert groups
- Inclusion of hosting providers and their abuse teams
- Amplification of the messages of the industry
Collaboration & Operationalisation
- Collaboration at eco, a trusted platform in the Internet industry
- Sharing best-practice guidance for abuse handling
- Standardisation of abuse reports, use-cases, statistics & definitions
- Development of a Trusted Notifier Framework
“The DNS is an ecosystem, not just a registration system"
The task to prevent and tackle abuse on the Internet is a complex one. The DNS ecosystem is diverse, given that it includes different stakeholders & intermediaries with different roles and responsibilities, and different options at hand to contribute to this task.
Registries and registrars are often asked to suspend domain names allegedly involved in abusive content or services. If they do, they can only take down an entire domain name, which may cause collateral damage when innocent content is or was also accessible via the same domain name.
Therefore, responses to abuse should always be proportionate in the light of the type of internet infrastructure operator concerned.
eco's diverse membership covers all sectors of the Internet industry. Our goal is to bring all relevant stakeholders & intermediaries to the table and to give visibility to those who are engaged in the fight against DNS abuse - beyond the Domain Name Industry.
Among the many eco members who are fighting abuse on the Internet every day, we would like to thank our sponsors of the topDNS Initiative.
Please send an email to email@example.com if you are interested in joining!
The topDNS Initiative is lead and guided by a group of leading experts in the industry:
VP of Policy & Government Relations
Registry Services Ambassador
CIPP/E Privacy & GRC Officer
Realtime Register B.V.
SVP Strategy and Development
IQ Global AS
Vice President, General Counsel
Public Interest Registry
topDNS Advisory Group
The fight against DNS abuse is a collaborative effort but we have to spend people’s time and resources wisely to avoid duplicate efforts. This is why the topDNS Initiative is working closely with leading experts and partners around the globe, not only to share knowledge and information but also to amplify their work and results in Europe.
DNS Abuse Institute
Events & Webinars
topDNS Best Practice Series: How to reduce Abuse through Quality
Join the first edition of the topDNS Best Practice Series: How to reduce Abuse through Quality. Brian Cimbolic (.ORG) and Theo Geurts (Realtime Register) will show how incentive programs help to reduce abuse and increase customer satisfaction and renewal rates.
topDNS Best Practice Series: Standards and Frameworks for Evidencing Abuse Online
Jeffrey Bedser, CEO of CleanDNS will explain how standardized evidencing allows for rapid correlation and mitigation of abused domains by the appropriate party, how evidencing thresholds can be established and how online harms can be addressed via standardized evidence packages.
Roundtable Discussion: Germany’s Approach to the Internet and Digital Strategy
ICANN Org, I/P/B Internet Provider Berlin & eco – Association of the Internet Industry invite you on Monday, 15 May, 18:00 – 20:00, for a panel discussion of "Germany's Approach to the Internet and Digital Strategy" followed by an informal reception.
News & Articles
Workshop Report Published: State of the DNS in 2022
In November 2022, eco’s topDNS Initiative invited about 30 experts, including representatives of three different Directorate Generals by the EU Commission, to a workshop in Brussels to work together on a secure future for the DNS (Domain Name System). The topDNS Initiative has now published its 28-page final report.
DNS Cookies: The Transaction Mechanism to Protect the Namespace
Although they are not the cure for all name server problems, DNS cookies offer an extra layer of protection and are particularly effective against off-path attacks. Simone Catania, InterNetX, looks at how DNS cookies can make DNS transactions more secure.
Universal Acceptance Technical Training Day: Three Questions for Ronald Schwärzler
How is it possible for special characters or characters of other languages to be universally accepted on the Internet? The Universal Acceptance Technical Training Day, which is organised by eco Association and the geoTLD Group, provides assistance, explains Ronald Schwärzler in an interview.
How to Reduce Fraud and Prevent Abuse
Our colleagues at the DNS Abuse Institute published a document that aims to demonstrate the opportunities for retail domain registrars to prevent abusive registrations while reducing potential impacts to registrants and anti-abuse teams.
Measuring DNS Abuse
Our colleagues at the DNS Abuse Institute launched their reporting initiative called DNSAI Compass to measure the use of the DNS for phishing and malware. You can find their monthly reports here.
topDNS Picks up Speed
Registries, registrars and hosting providers joined forces in the topDNS initiative at the beginning of 2022. Since then, the stable, reliable and secure operation of the DNS (Domain Name System) has been their common goal. It has been about half a year, so the eco Association as initiator and the initiative members are taking a moment to review what has happened in the first few months.
Mitigating DNS Abuse: Taking a firm Position and protecting Employees
On eco´s dotmagazine, Kelly Hardy from CentralNic explains how companies benefit from fighting abuse and from protecting the employees on the front lines.
Control your Digital Brand: On the Interplay of Defensive Domain Registrations, active Monitoring, and Brand Enforcement
On eco´s dotmagazine, Verena Kuthe from LEMARIT outlines the path to retain full control of digital brands through the best brand protection approach.
Not in our Domain: How EURid is using AI and global Cooperation to tackle Cybercrime
On eco´s dotmagazine, EURid takes an innovative approach to help outwit cybercriminals, including helping to identify potentially malicious registrations at source.
QPI: A “Call to Arms” on reponsible Growth
On eco´s dotmagazine, Inma Del Rosal Mendez and Brian Cimbolic from PIR explain how the Quality Performance Index supports a reduction in abusive domain registrations.
Let’s end counter-productive Anti DNS Abuse Reporting
On eco´s dotmagazine, Natasha Pelham-Lacey from CleanDNS, on improving an imperfect system to lower the bar for reporting abuse and increasing takedowns.
Webinar: NetBeacon – A service to standardize abuse reports
24 May 2022 - For those impacted by DNS Abuse, reporting it is difficult, requires technical understanding, and has no standards across the DNS ecosystem. The DNS Abuse Institute is working to simplify the process with the upcoming launch of it’s NetBeacon service. The NetBeacon service is being built by eco member and topDNS sponsor CleanDNS and licensed to the DNS Abuse Institute at no cost. This webinar provides a preview to this new service. Please follow the link to register for free.
DNS Abuse Institute Launches NetBeacon
The DNS Abuse Institute (DNSAI), which was created by Public Interest Registry (PIR) in furtherance of its non-profit mission, announced the launch of NetBeacon, the first centralized DNS Abuse reporting service. As part of its ongoing mission to combat DNS Abuse and bolster Internet safety, the DNSAI is now launching its largest undertaking to date. The DNSAI is launching NetBeacon in collaboration with CleanDNS, an anti-abuse solution developer, which generously donated the development and technology behind NetBeacon. Both, Public Interest Registry (PIR) and CleanDNS, are not only eco members but also supporters and steering committee members of eco´s topDNS Initiative.
topDNS meets... Graeme Bunton
At Nordic Domain Days 2022 in Stockholm we had the opportunity to talk to Graeme Bunton, Executive Director of the DNS Abuse Institute and member of the topDNS Advisory Group about DNS Abuse in general and his work at the Institute in particular.
Why Preventing, Mitigating & Fighting Abuse concerns Everyone
Thomas Rickert and Lars Steffen from the eco Association, explain on on eco´s dotmagazine the importance of acting and collaborating in the fight against abuse involving the DNS.
Gaining more Insight into Malicious Domains
Theo Geurts from Realtime Register B.V. describes on eco´s dotmagazine a proactive approach to malicious domains, based on analyzing and sharing data, and responding to incidents.
The Debate around Defining, Preventing and Mitigating DNS Abuse
What is DNS abuse? On eco´s dotmagazine, Simone Catania from InterNetX looks at the definition of DNS abuse and describes scenarios for prevention and mitigation.
Fighting the Good Fight: Preventing the Spread of CSAM with Software
On eco´s dotmagazine, Els de Jong and Wido Potters from BIT, explain about software-based tools for combatting illegal and harmful content.
Vigilance of Society against Illegal Content
On eco´s dotmagazine, Alexandra Koch-Skiba from the eco Complaints Office explains the attentive reporting and take-down of illegal content on the Internet.
Evidence equals better DNS Abuse Mitigation
On eco´s dotmagazine, Gia Isabella from CleanDNS addresses the creation of standards for evidence of Internet abuse to expedite the handling of abusive content.
Middle East DNS Forum 2022
ICANN org's eighth Middle East Domain Name System (DNS) Forum has taken place virtually 16 - 18 May 2022 and offered a closer look at the evolving DNS ecosystem from a technical and policy perspective. The topDNS Initiative, the DNS Abuse Institute, and CoCCA Registry Services participated in the Panel on DNS Security Threats, moderated by Patrick Jones, Senior Director Global Stakeholder Engagement at ICANN. Watch the recording here.
Online Training: OSINT – Fighting DNS Abuse (DNS Abuse for LEAs)
This course discusses best practices in handling DNS abuse and various tools to identify such abuses related to DNS. The course also covers how law enforcement authorities can engage with ICANN.
The target audience for this training are Law Enforcement personnel who are involved in handling abuses related to Internet Identifiers. Participants should be able to understand the various aspects of DNS related abuses and to use publicly available tools to identify those.
Recommended prerequisite: Virtual Workshop: DNS 101
Cloudfest: topDNS Campaign for Shared Commitment to DNS Security
With its topDNS initiative, the conference programme was complemented by a well-attended eco panel discussion: Keith Drazek, Vice-President Public Policy & Government Relations at VeriSign and one of the topDNS founding members, introduced the topic with his keynote on the need to regularly work side-by-side in mitigating DNS security threats. The panel discussion that followed involved Hans Seeuws, External Relations Manager at EURid, Carsten Sjoerup, Chief Technology & Product Officer at CentralNic and Jörg Pernfuß, Security Architect at IONOS. The panel was moderated by Thomas Rickert, Director Names & Numbers at eco – Association of the Internet Industry. Read the full news.
Online Training - ICANN's Technical Mission
Beyond the policy development coordination role for the community, ICANN plays a significant role coordinating the technical aspects of the Internet's unique identifier system. eco's topDNS Initiative and its members have set themselves the goal of fighting DNS abuse. To understand ICANN's Technical Mission is key to follow the debate on this important topic. The target audience for this training are the General Public, Newcomers, and Policy Makers.
DNS Abuse: Everyone’s Problem
On eco´s dotmagazine, Lars Forsberg from iQ looks at the need for awareness of DNS abuse, especially of the new gTLDs, because with awareness comes the ability to act.
Online Training - DNS Abuse: Fact or Fiction?
What is DNS abuse actually and why should the issue concern all Internet infrastructure providers? Depending on whom you ask, you get different answers as to the size of the problem and who should take measures to combat it. At it-sa, Europe's largest event for cybersecurity, Thomas Rickert discussed these aspects.
DMARC is here to stay. Now what?
Alex Brotman, Comcast, and Patrick Koetter, Leader of the Competence Groups Email and Anti-Abuse at eco, explain on eco´s dotmagazine how DMARC (Domain-based Message Authentication, Reporting, and Conformance) can help companies to protect their customers and their brands from abuse.
Email Blocklists for Real-Time Detection and Mitigation
At eco´s dotmagazine, Patrick Ben Koetter from eco Email & Anti-Abuse Competence Groups speaks to Lars Steffen from eco about blocklists, allowlists & the value of reputation.
Borderless Fight against Illegal Content
For over 20 years, the international INHOPE network has been successfully working to combat depictions of the abuse of minors, says Peter-Paul Urlaub from the eco Complaints Office at dotmagazine.
Discussion Paper - DNS over HTTPS (DoH)
Background information and explanations for non-technical readers, and a clear set of recommendations for best practice in line with privacy-enhancing techniques and informed user consent. Download the Discussion Paper here.
Also on eco´s dotmagazine, Patrick Koetter, Leader of the Competence Groups Email and Anti-Abuse at eco, tells the story of the emergence of the DoH protocol as a privacy-enhancing technique, and the diverse reactions to it around the world.
What distinguishes topDNS from other initiatives on DNS abuse?
eco’s membership represents a wide range of Internet infrastructure providers – from network infrastructure, Internet service providers (ISPs), content delivery networks (CDNs), registries and registrars, service and application providers, to cybersecurity and legal experts – and has been providing a platform for experts to exchange thoughts, expertise and develop best practice for more than 25 years.
Additionally, eco is well connected at the global level and will use its ties to all stakeholders concerned to raise awareness and promote co-operation against abuse in general and DNS abuse in particular.
Does eco have experience in the prevention of DNS abuse?
For over 20 years, eco has been intrinsically motivated to make sure that abuse and illegal content are combated, and that crimes are prosecuted. Cooperating with the various stakeholders in the process is as important to us as neutrality and transparency.
We are a point of contact for members, states, law enforcement, society, and politics. The eco Complaints Office and the Certified Senders Alliance underscore eco’s long-standing record of accomplishment of successful approaches to self-regulation within the Internet industry, flanked by the well-established eco working groups Anti-Abuse, Email, and Names & Numbers.
How does the topDNS Initiative define DNS abuse?
To avoid duplication of efforts, the topDNS Initiative builds on the well established DNS Abuse Framework which also corresponds with ICANN's definition of DNS abuse. The Framework involves more than 50 signatory registrars and registries that are striving to strengthen the safety and security of the DNS.
DNS abuse is composed of five broad categories of harmful activity insofar as they intersect with the DNS: malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS abuse).
The DNS Abuse Framework is not only a remarkable self-regulatory initiative within the Internet industry, but is also supoorted by a large number of eco members. The topDNS Initiative builds on the principles of the DNS Abuse Framework to support the industry in bringing the the framework's implementation to life.
What is the issue and how large is it?
Depending on you ask, you will get different answers to both points. Therefore, it is our goal to advance the discussion on what constitutes DNS abuse and the demarcation from other types of abuse. Being clear on what actually is DNS abuse will also help not conflating different types of abuse and being able to aggregate more accurate statistics.
What is eco's role at ICANN?
For many years, eco has represented the interests of its members in the domain name industry, especially in the ICANN environment.
The eco Association
- took a leadership role working on ICANN's accountability framework for the IANA Stewardship Transition,
- has a seat on the GNSO Council through the Internet Service Provider and Connectivity Provider Constituency (ISPCP).
- was the author of the well-established GDPR Domain Industry Playbook,
- is involved in the GNSO Expedited Policy Development Process (EPDP) EPDP on the Temporary Specification for gTLD Registration Data, and
- provides the Chair of the (ISPCP) through DE-CIX.
- promotes Universal Acceptance.
This positioning makes eco a neutral and acknowledged partner to contribute to the discussion on DNS abuse and to promote best-practices among all relevant stakeholders & intermediaries within the Internet industry.
Does topDNS collaborate with other initiatives working on DNS abuse?
Fortunately, there are various working groups and initiatives focusing on the fight against DNS abuse. We have to spend people’s time and resources wisely and avoid duplicate efforts. The topDNS Initiative collaborates closely with experts, working groups and initiatives through the topDNS Advisory Group.
Other eco initiatives to fight abuse
For more than 25 years, eco has been a strong advocate of self-regulatory approaches and supports the Internet industry in taking responsibility. The topDNS complements perfectly the existing efforts of eco to mitigate and fight abusive behaviour on the Internet.
Certified Senders Alliance
The goal of the Certified Senders Alliance (CSA) is to increase the quality of commercial transactional emails. To achieve this goal, the CSA establishes legal and technical quality standards. The quality standards arise out of prevailing law and the technical requirements for mailbox providers. They are regularly updated to correspond to the current legislation and market requirements to prevent spam & phishing and promote the implementation of standards like DKIM, DMARC & SPF.
eco Complaints Office
Combatting illegal online content is a task for society as a whole. We are doing our bit: For over 25 years, eco has been intrinsically motivated to make sure that illegal content is taken down and that crimes are prosecuted. Cooperating with the various stakeholders in the process is as important to us as neutral and transparent processes. The eco Complaints Office is a point of contact for members, the state, society, and politics. eco was one of the eight founding members of INHOPE in 1999.
Join the topDNS Initiative
Do you want to learn more about the topDNS Initiative and how to join?
Please contact us!
Director eco International
Project Manager Domains
Fon: +49 (0) 221 - 70 00 48 – 176
Director Names & Numbers