Spamhaus Names New gTLDs Considered Worst For Spam

Spamhaus has released a list of what they consider to be the world worst top level domains for spam, and the top ten are all new gTLDs. The list shows the ratio of all domains registered that Spamhaus’ systems see and is a one month “snapshot”.Spamhaus Project logo

The worst of the TLDs is .review with 75.1 percent of all domains considered bad, followed by .diet (74.6%), .click (72.9%), .download (72.8%), .work (64.9%), .tokyo (51.8%), .science (49.8%), .racing (45.6%), .party (45.2%) and .uno (43.8%) rounding out the top ten.

This compares to .com, the world’s largest TLD now with over 126 million domains under management with 4.0 percent of its domains considered bad, .tk (the largest ccTLD and who gives away the vast majority of its domains) with 1.9 percent, .de (Germany – 0.1%) and .net (6.8%).

Of the largest new gTLDs, the only one in the top ten according to to be on the “bad” list is .science. But others feature prominently with 19.7 percent of all .xyz, the largest of all the new gTLDs with 2.6 million domains under management, domains considered bad while .top at second on the list has 16.5 percent of its 1.6 million domains considered bad.

Spamhaus notes that this list does not provide the worst TLDs in absolute quantity, other TLDs may have far more abusive domains, but they also have vastly more non-abusive domains. Instead, the list shows the ratio of all domains seen by the systems at Spamhaus versus the domains our systems profile as spamming or being used for botnet or malware abuse.

The problem largely comes about due to a few registries, registrars and resellers basing a business model based on high volumes of domain names being sold to spammers.

“Spam and other types of abuse continue to plague the internet because bad actors find it very cheap and very easy to obtain thousands of domain names from the Top Level Domain registries and their resellers, the registrars. A few registrars knowingly sell high volumes of domains to professional spammers for profit, or do not do enough to stop or limit spammers’ access to this endless supply of domains. These registrars end up basing their entire business model on network abuse.”

“Unsurprisingly, most of the TLDs listed on this page are the ‘new gTLDs’ recently introduced by ICANN; this is largely the result of a combination of factors:

  • no body of legacy good reputation from old customers with legitimate domains long since registered
  • anti-abuse mechanisms freshly deployed and still not up to the task
  • promotional sales offering domains for very cheap prices, or even free, attracting bulk registrations of throw-away resources.”