Back

28 Abuse Prevention and Mitigation

gTLDFull Legal NameE-mail suffixDetail
.GGEEGMO Internet, Inc.gmoregistry.comView
In order to safeguard the security and stability of .ggee, as well as the Internet at large, GMO Internet, Inc. (the registry) takes abuse very seriously and employs proactive measures to mitigate abusive activities.

In general, the registry’s abuse mitigation strategies fall into the following broad areas:

- cocnducting pre-verification of registration eligibility
- developing and publishing a set of comprehensive abuse policies including clear definitions of abusive activities;
- establishing and publishing a single abuse point of contact to address and resolve abuse complaints at Registry startup and on an ongoing basis; and
- developing procedures for handling complaints, including takedown requests, in a timely manner.


Pre-Verification of Registration Eligibility

.ggee is a domain for GMO Internet, Inc. and its stakeholders, and the registry believes that it is important to prevent unqualified registrations in order to keep the TLD space safe and reliable; therefore, the registry will conduct registrant pre-verification in all .ggee registration phases.

Registration and management of .ggee domain names will be carried out via the .ggee dedicated account provided by a .ggee accredited registrar. Access to the .ggee dedicated account will be limited to the registrants and their authorized administrative contacts, subject to verification of registration eligibility. The verification will be conducted by the registry, and organizations that wish to apply for a .ggee dedicated account will be required to provide proof of registration eligibility to the registry via a .ggee accredited registrar. Proposed valid forms of documentary proof include, but are not limited to,
- company seal (registered or unregistered)
- signature of management staff

The registry will conduct verification on a per-registrant basis only. Once verified, the registrant or its authorized administrative contact will have access to the .ggee dedicated account, through which it may apply for multiple .ggee domain names without further verification, under the condition that the registrant and administrative contact information of an applied-for domain name is identical to that which the registry has verified. If there are any material changes to the verified information, the registrant or administrative contact must notify the registry of the change. Failure to comply with the policies may result in the suspension or cancellation of the .ggee dedicated account, and⁄or the denial, cancellation or transfer of any registration or transaction, as well as the placement of lock, hold or similar statuses on applying-for and⁄or existing domain names.

The registry believes that the verification will help mitigate abusive activities including abusive registrations as well as promote Whois accuracy.


Draft Abusive Use Policy

The registry defines abuse as any activity that may harm the stability and security of the DNS and Internet, including, but not limited to:

- Illegal or fraudulent activities;
- Phishing;
- Pharming;
- Using or distributing malicious software (malware);
- Sending unsolicited bulk messages (spam);
- Posting, trading, or exchanging information that harms minors; and
- Posting information that is offensive to public order or morals.

The registry reserves the right to deny, cancel or transfer any registration or transaction, or place any domain name on lock, hold or similar status, at its sole discretion, to enforce the policy.


Abuse Public Contact Information

In order to comply with Specification 6.4.1 of New gTLD Agreement, the registry will provide to ICANN its Abuse contact details. The information will include a valid e-mail and mailing address and a primary contact, and the registry will promptly provide to ICANN a notice of any changes to the contact.

Also, the registry will also publish its abuse public contact information on its web site when it publicly releases the .ggee domain name registration policies, The abuse public contact will be responsible for handling complaints concerning abusive activities relating to domains registered under the .ggee TLD that violate the Abuse Use Policy and require expedited attention. The abuse public contact will be available 24 hours a day 7 days a week. A person who wishes to contact the abuse public contact will be required to submit the Abuse Complaint Form via e-mail or via the online Abuse Complaint Form on the Registry web site.


Abuse Complaint Form

In order to gather pertinent information about a reported incident, facilitate accurate investigation, and avoid false alarms ⁄ positives, the registry will provide an Abuse Complaint form on the registry website. The Abuse complaint form is required at the time a person contacts the abuse public contact and can be submitted online or by email in the format specified on the registry website.


Draft Takedown Procedure

- Complaint is submitted using the abuse complaint form via email or the registry web site;
- Upon receiving a complaint, the registry’s operational and registrar support team will
 assign a ticket number
 review complaint form
- request additional information if complaint form is deemed insufficient to carry out effective investigation
 investigate the complaint to verify accuracy, and to record proof of abuse
 based on the nature of the abuse, assign level of severity: normal or emergency
- Emergency: the registry will suspend the domain name in question and close the complaint ticket. At the same time, it will open a ticket to inform the sponsoring registrar of the suspension along with the reason.
- Nomal: open a ticket to inform the sponsoring registrar to take corrective actions. The registrar must inform the registry of actions taken. If the registrar does not take any action (that includes no response from the registrar) within a reasonable timeframe, the registry will suspend the domain name in question and close the complaint ticket.
 If the domain name was suspended by the registry, and the situation is remedied by the registrant, the registrar will contact the registry via the ticket number. The registry operational and registrar support team will verify that the issue has indeed been remedied and re-enable the domain name, closing the ticket.
 All actions by the operational and registrar support team will be logged

The registry understands that the Registration Abuse Policies Working Group has been working on developing best practices for registries and registrars addressing the fraudulent use of domain names. The registry will closely follow the working group discussions and documents, with a view of adopting the best practices to enhance abuse mitigation capabilities.

In addition, the registry will participate in security forums to keep track of the latest developments in abuse mitigation best practices and refine our abuse policies and procedures from time to time.


Orphan Glue Records

The registry’s view on orphan glue records is consistent with the Security and Stability Advisory Committee Comment on Orphan Glue Records
〈http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf〉. The registry supports the use of orphan glue records for legitimate purposes. Upon receiving a complaint relating to an orphaned glue record used in connection with malicious activities, the registry will verify and take corrective actions in accordance with its takedown procedures.


Resourcing Plans

The implementation and operation of this aspect of registry operations involve the following roles:
● Technical Manager
● Network Engineer
● Applications Engineer
● Database Administrator
● System Architect
● Security Officer
● Technical Support
● Registry Administrators
● Trademark Protection Officer
● QA and Process Manager

The attached table, “resource_fte.png”, outlines the overall FTE equivalent resources available to GMO Registry for the initial implementation and ongoing operations of the registry, of which abuse handlings a subset.


Initial Implementation

Initial implementation of this aspect of registry operations refers to:
● development of detailed procedures on the policies and procedures set forth above
● configuration of the customer support ticketing system for efficient handling of abuse complaints
● training of the operational staff

During this phase, all roles listed above are involved in the planning and implementation of their respective systems in support of this component.


Ongoing Maintenance

The ongoing maintenance of abuse mitigation involves:
● proactive monitoring of the SRS, Whois and DNS services to detect and curb abuse
● acting as the primary abuse point of contact to coordinate the handling of complaints received and escalating to relevant vendors as necessary
● monitoring of security mailing lists for takedown requests arising from security researchers and emergency response teams
● participating in relevant ICANN communities to engage in knowledge sharing, implementing best practices that may emerge


The follow roles are involved in this phase of the operations:
● Technical Manager
● Technical Support
● Security Officer
● Registry Administrator
● Trademark Protection Officer
● QA and Process Manager
gTLDFull Legal NameE-mail suffixDetail
.suzukiSUZUKI MOTOR CORPORATIONgmoregistry.comView
In order to safeguard the security and stability of .suzuki, as well as the Internet at large, SUZUKI Motor Corporation (the registry) takes abuse very seriously and employs proactive measures to mitigate abusive activities.

In general, the registry’s abuse mitigation strategies fall into the following broad areas:

- cocnducting pre-verification of registration eligibility
- developing and publishing a set of comprehensive abuse policies including clear definitions of abusive activities;
- establishing and publishing a single abuse point of contact to address and resolve abuse complaints at Registry startup and on an ongoing basis; and
- developing procedures for handling complaints, including takedown requests, in a timely manner.


Pre-Verification of Registration Eligibility

.suzuki is a domain for SUZUKI Motor Corporation and its stakeholders, and the registry believes that it is important to prevent unqualified registrations in order to keep the TLD space safe and reliable; therefore, the registry will conduct registrant pre-verification in all .suzuki registration phases.

Registration and management of .suzuki domain names will be carried out via the .suzuki dedicated account provided by a .suzuki accredited registrar. Access to the .suzuki dedicated account will be limited to the registrants and their authorized administrative contacts, subject to verification of registration eligibility. The verification will be conducted by the registry, and organizations that wish to apply for a .suzuki dedicated account will be required to provide proof of registration eligibility to the registry via a .suzuki accredited registrar. Proposed valid forms of documentary proof include, but are not limited to,
- company seal (registered or unregistered)
- signature of management staff

The registry will conduct verification on a per-registrant basis only. Once verified, the registrant or its authorized administrative contact will have access to the .suzuki dedicated account, through which it may apply for multiple .suzuki domain names without further verification, under the condition that the registrant and administrative contact information of an applied-for domain name is identical to that which the registry has verified. If there are any material changes to the verified information, the registrant or administrative contact must notify the registry of the change. Failure to comply with the policies may result in the suspension or cancellation of the .suzuki dedicated account, and⁄or the denial, cancellation or transfer of any registration or transaction, as well as the placement of lock, hold or similar statuses on applying-for and⁄or existing domain names.

The registry believes that the verification will help mitigate abusive activities including abusive registrations as well as promote Whois accuracy.


Draft Abusive Use Policy

The registry defines abuse as any activity that may harm the stability and security of the DNS and Internet, including, but not limited to:

- Illegal or fraudulent activities;
- Phishing;
- Pharming;
- Using or distributing malicious software (malware);
- Sending unsolicited bulk messages (spam);
- Posting, trading, or exchanging information that harms minors; and
- Posting information that is offensive to public order or morals.

The registry reserves the right to deny, cancel or transfer any registration or transaction, or place any domain name on lock, hold or similar status, at its sole discretion, to enforce the policy.


Abuse Public Contact Information

In order to comply with Specification 6.4.1 of New gTLD Agreement, the registry will provide to ICANN its Abuse contact details. The information will include a valid e-mail and mailing address and a primary contact, and the registry will promptly provide to ICANN a notice of any changes to the contact.

Also, the registry will also publish its abuse public contact information on its web site when it publicly releases the .suzuki domain name registration policies, The abuse public contact will be responsible for handling complaints concerning abusive activities relating to domains registered under the .suzuki TLD that violate the Abuse Use Policy and require expedited attention. The abuse public contact will be available 24 hours a day 7 days a week. A person who wishes to contact the abuse public contact will be required to submit the Abuse Complaint Form via e-mail or via the online Abuse Complaint Form on the Registry web site.


Abuse Complaint Form

In order to gather pertinent information about a reported incident, facilitate accurate investigation, and avoid false alarms ⁄ positives, the registry will provide an Abuse Complaint form on the registry website. The Abuse complaint form is required at the time a person contacts the abuse public contact and can be submitted online or by email in the format specified on the registry website.


Draft Takedown Procedure

- Complaint is submitted using the abuse complaint form via email or the registry web site;
- Upon receiving a complaint, the registry’s operational and registrar support team will
 assign a ticket number
 review complaint form
- request additional information if complaint form is deemed insufficient to carry out effective investigation
 investigate the complaint to verify accuracy, and to record proof of abuse
 based on the nature of the abuse, assign level of severity: normal or emergency
- Emergency: the registry will suspend the domain name in question and close the complaint ticket. At the same time, it will open a ticket to inform the sponsoring registrar of the suspension along with the reason.
- Nomal: open a ticket to inform the sponsoring registrar to take corrective actions. The registrar must inform the registry of actions taken. If the registrar does not take any action (that includes no response from the registrar) within a reasonable timeframe, the registry will suspend the domain name in question and close the complaint ticket.
 If the domain name was suspended by the registry, and the situation is remedied by the registrant, the registrar will contact the registry via the ticket number. The registry operational and registrar support team will verify that the issue has indeed been remedied and re-enable the domain name, closing the ticket.
 All actions by the operational and registrar support team will be logged

The registry understands that the Registration Abuse Policies Working Group has been working on developing best practices for registries and registrars addressing the fraudulent use of domain names. The registry will closely follow the working group discussions and documents, with a view of adopting the best practices to enhance abuse mitigation capabilities.

In addition, the registry will participate in security forums to keep track of the latest developments in abuse mitigation best practices and refine our abuse policies and procedures from time to time.


Orphan Glue Records

The registry’s view on orphan glue records is consistent with the Security and Stability Advisory Committee Comment on Orphan Glue Records
〈http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf〉. The registry supports the use of orphan glue records for legitimate purposes. Upon receiving a complaint relating to an orphaned glue record used in connection with malicious activities, the registry will verify and take corrective actions in accordance with its takedown procedures.


Resourcing Plans

The implementation and operation of this aspect of registry operations involve the following roles:
● Technical Manager
● Network Engineer
● Applications Engineer
● Database Administrator
● System Architect
● Security Officer
● Technical Support
● Registry Administrators
● Trademark Protection Officer
● QA and Process Manager

The attached table, “resource_fte.png”, outlines the overall FTE equivalent resources available to GMO Registry for the initial implementation and ongoing operations of the registry, of which abuse handlings a subset.


Initial Implementation

Initial implementation of this aspect of registry operations refers to:
● development of detailed procedures on the policies and procedures set forth above
● configuration of the customer support ticketing system for efficient handling of abuse complaints
● training of the operational staff

During this phase, all roles listed above are involved in the planning and implementation of their respective systems in support of this component.


Ongoing Maintenance

The ongoing maintenance of abuse mitigation involves:
● proactive monitoring of the SRS, Whois and DNS services to detect and curb abuse
● acting as the primary abuse point of contact to coordinate the handling of complaints received and escalating to relevant vendors as necessary
● monitoring of security mailing lists for takedown requests arising from security researchers and emergency response teams
● participating in relevant ICANN communities to engage in knowledge sharing, implementing best practices that may emerge


The follow roles are involved in this phase of the operations:
● Technical Manager
● Technical Support
● Security Officer
● Registry Administrator
● Trademark Protection Officer
● QA and Process Manager