XYZ Registry takes a firm stance against DNS abuse to protect our domain space. Over the past decade, we’ve developed an adaptive anti-abuse program to address emerging threats. Our team proactively identifies and mitigates phishing, malware, spam, and other forms of abuse across our TLDs. With the help of cybersecurity partners, we enforce our Anti-Abuse Policy to safeguard users and maintain integrity across our namespaces.
Our commitment to responsible registry management goes beyond suspending maliciously used domains. We also recognize that legitimate registrants deserve fair treatment and protection. That means acting quickly when a site is compromised or when compliant use of a domain is mistakenly flagged as abusive.
True false positives in our enforcement process are exceptionally rare, making up less than 0.01% of domains suspended. This is a reflection of the maturity of our detection systems and partner data quality. Even so, we remain vigilant in identifying and correcting them when they occur.
This quarter, we are highlighting how we address false positive cases. These rare instances occur when the use of a domain is mistakenly flagged as abusive by external feeds or monitoring systems. When we receive such a report, the XYZ Anti-Abuse team conducts a thorough review. If we confirm that the use of the domain is legitimate, we don’t just fix it in our own systems. We take the extra step of working with the cybersecurity partners who flagged it to correct the record and prevent similar misclassifications in the future.
This proactive approach benefits everyone: registrants who rely on their domains for business or communication, partners who want the highest-quality data in their detection models, and the broader internet community that depends on accurate threat intelligence. By collaborating directly with our partners, we help improve their systems while maintaining fairness and transparency for our registrants.
Our goal is not only to disrupt abuse but also to uphold the integrity of legitimate online activity. By resolving false positives with care and coordination, we build trust in our namespaces and contribute to a stronger, more reliable security ecosystem.
Recent examples show why this work matters. In one case, a humor-driven project was incorrectly flagged as spam despite lacking any email function. We restored it and worked with the reporting partner to correct the record and improve their detection. In another, a project’s mailing list had been abused by bots using typo domains and spam traps – highlighting the need for double opt-in and regular list cleaning. In this instance, the issue was genuine, and our response helped the registrant resolve it and return to normal operations.
By treating every report with diligence, we aim to strike the right balance between accuracy and enforcement. False positives may be inevitable, but how they are resolved determines whether registrants feel supported and whether the security ecosystem improves. At XYZ, we choose to collaborate, correct, and strengthen trust across our namespaces – and by doing so, help build a safer, more resilient internet.
The Anti-Abuse Quarterly is published to the XYZ Registry Anti-Abuse hub on https://xyz.xyz/abuse. Visit to learn more about our monitoring process, find information on how to report abuse, and understand the actions we take in collaboration with industry partners and law enforcement.
As we continue to safeguard our domain space, these resources serve as a testament to our unwavering commitment to a safer internet. We encourage you to join us in the ongoing fight against online abuse.
To report abuse of .xyz or any XYZ Registry TLD, please open a ticket at https://gen.xyz/abuse or email [email protected].
XYZ is proud to share about the many incredible members that make up the XYZ community! We encourage you to do your own research before using the products and services of the websites we feature. The information about products and services contained in this blog post does not constitute endorsement or recommendation by XYZ.
