DNProtect is the Internet’s leading risk management service for internet domain names.
DKIM stands for DomainKeys Identified Mail. DKIM is an email authentication method designed to detect forged email addresses in email. DKIM should be set up in the DNS records of the domain name if email is sent or received from the domain name. You'll need to contact your domain name registrar (where you bought your domain name) or your web hosting service in order to set up DKIM on your domain name. DNProtect believes it is important to set up DKIM on domain names that send and receive email. Setting up DKIM on a domain name can help protect from someone pretending to send email from that domain name, which can lead to email spam and the domain potentially getting blacklisted on email blacklists. For more information about DKIM, see DKIM.org or Wikipedia: https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
DMARC stands for Domain-based Message Authentication, Reporting & Conformance. DMARC is an email authentication protocol designed to give domain name owners the ability to protect their domain name from unauthorized use. DNProtect believes it is important to set up DMARC on a domain name to help protect from business email compromise attacks, phishing emails, email scams and other cyber threat activities. In order to set up DMARC, you need to talk with your website host. For more information, see DMARC.org or Wikipedia https://en.wikipedia.org/wiki/DMARC
DNSSEC stands for Domain Name System Security Extensions. DNSSEC helps secure certain kinds of information provided by the Domain Name System. The DNS System is the used when someone types in a domain name or an email is sent, for example. It essentially encrypts the data as it passes over the internet. To enable DNSSEC on a domain name, you need to talk to your domain name registrar. Certain domain name registrars will let you enable DNSSEC via your registrar's dashboard or some will enable it for you if you contact them via a support request. DNProtect believes it is important to set up DNSSEC on domain names to protect them from future risk. Domain names that do not have DNSSEC enabled may receive negative points in their scores. For more information, see the ICANN website about DNSSEC https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en
Is the domain name currently on any email blacklists? Domain names should generally not be listed on any email blacklists unless there is a history of spam being sent from it. If the domain name is listed on any of the email blacklists that DNProtect checks, we believe that it can have a negative effect on the deliverability of email sent from that domain name. There are several public email blacklist checks that you can access. If the domain name is on an email blacklist, DNProtect recommends that you take steps to remove the domain from the appropriate email blacklists. DNProtect believes that a domain name on email blacklists will have an effect on future use of the domain name and it poses a risk. Therefore, DNProtect may assign negative points based on the number of email blacklists where the domain name appears and which email blacklists the domain name appears.
The domain name Create Date is when the domain name was first registered. If the domain name expired and then was registered again, it will have a new Create Date. DNProtect reviews the Create Date of the domain name in the WHOIS record of the domain name. Older domain names that have been registered for multiple years in the past and renewed each year, especially when the domain name has a history of having a live website on it, is a positive thing. DNProtect may review the Create Date of the domain name and the history of the domain name and assign positive points for every year that the domain name has been registered in the past.
The domain name Expiration Date is when the domain name will expire. Domain names must be renewed on an annual basis and can be registered for more than one year into the future. Domain names may be registered for 100 years (offered by some registrars) or they can be registered for an unlimited number of years in the future and never expire, a service offered by the registrar Epik.com. DNProtect believes that domain names registered for several years in the future (more than one year in the future) may be a positive thing, so DNProtect may assign positive points onto the DNP Score for each year the domain name is registered in the future. Likewise, DNProtect may assign negative points onto the DNP Score if a domain name expires soon or is currently in an on-hold or expired status.
The current domain status indicates whether or not the domain name is current on its registration or not. There are several domain name statuses, including ClientDeleteProhibited (domain name is currently registered and in good standing). Other domain statuses indicate whether or not the domain name is on hold, pending delete (going to expire soon), etc. There are 21 different domain name statuses that can be viewed here. Generally speaking, the domain name should be in a status that does not indicate that it will expire or is on hold. DNProtect may assign negative points to domain names that will expire soon or are on hold.
Is the word or string of characters in the domain name (minus the TLD Top Level Domain like .com, .net. ,etc.) in the United States Trademark Search database? if the word or string of characters is listed, there may be a trademark issue with the domain name. DNProtect checks the United States USTPO trademark database called TESS. If part of the domain name (the part without the domain ending) appears in this database, then there may be a trademark issue with the domain name. If this is your domain name then that is OK—if there is no match in the trademark search, DNProtect may assign positive points as a part of the DNP Scoring Process. You can search the USPTO trademark database.
World Intellectual Property Organization, the organization responsible for maintaining and taking care of UDRP domain name disputes. The domain name should not have any UDRP decisions, ideally. DNProtect searches the database of prior UDRP domain name disputes. If the domain name was the subject of a domain name dispute in the past, DNProtect may add negative points as a part of the DNP Scoring system. We recommend you review the case if a domain name dispute was filed on a domain name. You can search the WIPO UDRP database here: https://www.wipo.int/amc/en/domains/search/
Does the website that is on the current domain name have malware associated with it? Malware should not be associated with the domain name. Is there a history of the domain name hosting malware in the past? DNProtect believes that malware is certainly a problem and can have a negative effect and cause website visitors issues if the domain name contains malware. DNProtect may assign negative points to the DNP Scoring system for the domain name if it ever hosted malware in the past or if the domain name currently contains malware.
Several different services offer domain name reputation services and will check a domain name. Most of these are based on the IP address of where the domain name currently resides. Domain names should have a good or acceptable reputation. DNProtect uses several different services to determine the domain name reputation. If the domain name is deemed to have a bad or unacceptable reputation, then we may assign negative points as a part of the DNP Scoring system.
Has the domain name been registered to more than one individual or company in the past? Does the domain name have a history of being registered but then different owners have owned the domain name? What is the history of the domain name registrant? DNProtect believes that if a domain name has been registered over and over again (registered, then expired, then registered, expired, then registered again, etc.) or the domain name has had a lot of different registrants, it might indicate a potential risk. We realize that a few registrant changes are perfectly legitimate. However, if the registrant has changed more than 5 or 10 times in the same year or in the past few years, this might indicate a risk for the domain name. DNProtect may assign negative points based on the number of times a domain name is registered or the number of times a domain name has changed registrants if we determine it is excessive.
Where is the domain name currently hosted? What is the IP address of the website where it is hosted? Certain IP addresses or web servers can be "bad neighborhoods" where particular spammy or "bad websites" are hosted. So, we review the current IP address. DNProtect may determine that the IP address of where the domain name is hosted (which web server it is on) can be positive or negative. DNProtect may assign positive or negative points as a part of the DNP scoring system based on the IP address of where the domain name is hosted.
Every domain name must point to a name server that tells web browsers where the website is located for the domain name. Each domain name needs web hosting for websites to be accessible in a web browser. If the name servers have changed often it could indicate a risk for the domain name. DNProtect reviews the name servers where the domain name is hosted. We also may review the number of changes that have occurred in the past, as frequently changing name servers may indicate a risk for the domain name even if the domain name registrant did not change.
We are constantly improving the DNP Score algorithm, and adding various factors to the calculation of the score. DNP Score is taken into account before we issue a DNProtect policy, such as a Domain Name Ownership Coverage policy. During the underwriting process, we may use other data when determining the final cost of the policy. This could include factors such as the current status of the domain name (is it used for a live website? Are there good, bad, low quality links pointing to the website from other websites? Is the website banned in the search engines? Where is the website hosted?).
To improve your DNP Score, review each of the items below and make changes. Some of these require a one-time set up on the domain name, such as adding a DKIM and DMARC record on the domain name, or adding DNSSEC. Others, however, may require more work, such as improving the websites Majestic Trust Flow (getting additional trusted links to the site). If you have questions about improving the DNP Score on a specific domain name, feel free to contact us.