[dns-operations] Uptick in number of domains losing delegation recently

Doug McIntyre merlyn at geeks.org
Tue Apr 22 23:29:32 UTC 2014

On Tue, Apr 22, 2014 at 12:01:39PM -0700, Todd Lyons wrote:
> We've had an increase in customers over the past month call in with
> problems being unable to browse to their website (2 or 3 a week, it's
> not like it's a huge number).  In almost all cases, they have a
> GoDaddy or a Tucows domain which is currently registered, the
> expiration date is still a ways off, and whois is delegated to the
> correct DNS....

ICANN has instituted a new policy as of 1/1/2014 that directly impacts
domain names just like this, but has received little press. 


The core of what this says is that within 15 days of registration, change, or transfer, (but I've also seen this as failure of their normal WDRP)

that ...

"Verify: the email address of the Registered Name Holder (and, if different, the Account Holder) by sending an email requiring an affirmative response through a tool-based authentication method such as providing a unique code that must be returned in a manner designated by the Registrar,..."

"In either case, if Registrar does not receive an affirmative response from the Registered Name Holder, Registrar shall either verify the applicable contact information manually or suspend the registration, until such time as Registrar has verified the applicable contact information.."

So, ICANN is requiring all domain names to have valid email addresses,
and if the current contact bounces, the registrar is required to
suspend the domain name within 15 days, or verify it via other methods. 

This means that unless a domain registrar is proactive and actively
seeks out its clients via an alternative mathod, that the registrar is
required to suspend the domain if anybody has an old or bogus email
address on a domain name. (so, only like what, 30-50% of all domain

OpenSRS and GoDaddy are most likely the registrars most in compliance
with this. OpenSRS sends its' resellers a daily report of which
domains are threatened to be suspended. 

Since most resellers probably don't have any more information than
what is listed in the domain whois entry, if anybody has an old email
address listed, their domain will get suspended. 

When you see this as ClientHold without any further information and it
isn't around the expiration time, that this policy has kicked in, and
the contact info is old and bogus and bouncing their domain offline.

More information about the dns-operations mailing list