Skip to main content
Namecheap
blog
Go To Namecheap.com
Hero image of The ICANN86 verification debate: what the data shows
Domains, News

The ICANN86 verification debate: what the data shows

Connor Harrison | June 5, 2026
0
5 min read

ICANN86 is coming to Seville, Spain, from June 8 to 11. One question is already running hot in the lead-up: does tightening email verification actually reduce DNS abuse? Some want the 15-day window cut down. Others want verification required before a domain enters the DNS at all.

Both sound like logical fixes. But data has a way of complicating the obvious answer. Namecheap dug into more than 5.3 million domain names registered through Spaceship to find out.

Key stats at a glance

  • 98.14% of domains suspended for DNS abuse had already passed email verification
  • 69 days median time from registration to abuse suspension
  • 74.57% of abusive domains were older than 15 days at time of suspension
  • 84.62% of domains suspended for failed email verification had no abuse involvement
  • 1.86% of abuse-related suspensions involved both abuse and failed verification
  • 1.57% of total registrations were flagged for abuse

Looking deeper 

Namecheap analyzed the registration and abuse suspension data across 5,350,455 domain names. This covered all registered and transferred-in gTLD domains on Spaceship from April 26, 2025 to April 26, 2026. 

One thing worth knowing upfront, as specified by ICANN requirements: Spaceship doesn’t trigger a new email verification if the same email was already verified at account creation or during a previous registration. The figures below cover cases where a fresh verification was required.

With that said, here’s what the data shows.

Verified and still abusive: what the top-line stat reveals

At 98.14%, nearly all abusive domains had already passed verification.

Of all domain names Spaceship suspended for DNS abuse, 98.14% had already completed email verification. The abuse happened anyway.

To understand why the abuse continued, it helps to look at how verification happens in the first place. Spaceship identifies three routes: email verified at account creation, email previously verified on another domain, and fresh email verification. Across all three, abuse rates sit between 1.16% and 1.59%. The method doesn’t really move the needle. And the timing doesn’t either. 

If verification were an effective barrier, we’d expect that number to be close to zero, with domains slipping through because they were never verified. Instead, bad actors verify just like everyone else. They click the link, then move on. The abuse follows later.

Abuse timing: Does the window even apply?

At a median of 69 days, abuse occurs long after the verification window closes.

The median time from registration to abuse suspension was 69 days, nearly 10 weeks after the domain went live. The average sits at 81 days, 18 hours.

Just 25.43% of domains suspended for abuse were flagged within 15 days of registration. Roughly three in every four abusive domains were well past any verification window before abuse was identified.

Tightening the window wouldn’t have changed the outcome for most cases here. The abuse timeline just doesn’t line up with the registration timeline.

It’s also worth noting that ICANN published a 2024 report claiming domains used in abuse tend to be recently registered. That claim cites a study from 2010. Now, cybercriminals have evolved, being known to target aged domains to circumvent modern reputation filters. 

Clearly, this story is more nuanced.

Failed verification: who actually gets caught?

At 84.62%, most domains caught by failed verification weren’t abusive at all.

Here’s the number that tends to get lost: 84.62% of domains suspended for failing email verification had no involvement in DNS abuse whatsoever.

Of the 10,219 domains suspended for failing to verify within 15 days, 8,647 were clean. Real registrants whose domains went offline not because of anything harmful, but because a deadline passed (missed emails, travel, slow responses). And of the remainder, just 1,572 were suspended for both abuse and failed verification.

That’s 1.86% of all abuse-related suspensions. Meaningful? Absolutely. But is it worth disrupting the 84.62% who weren’t doing anything wrong? That’s the harder question.

Hedgehog monitoring website speed

Verification speed: how quickly do people actually verify?

With 56% verifying within the hour, who does a shorter window actually target?

More than half, 56.08%, of successful email verifications happen within the first hour. Within a day, that figure rises to 81.58%. By the end of 15 days, it’s 99.83%.

So who does a shorter window actually catch? Not the bad actor who verified on day one and spent the next 69 days operating their domain before abuse occurred. It’s far more likely to catch registrants who got their site live on day 3, set up email on day 5, and got suspended on day 8 because a link slipped through the cracks.

Scale: How big is the abuse problem really?

At 1.57% of registrations, is the policy response proportionate to the problem?

Of the 5,350,455 domains in this dataset, 84,416 were flagged for abuse. That’s 1.57% of total registrations.

DNS abuse is real. Just like us, Spaceship takes it seriously, acting on well-evidenced and verified reports, and suspending domains in response. But if the data shows verification timing doesn’t meaningfully reduce that 1.57%, the question becomes whether the disruption to the other 98.43% is justified.

So, what does this tell us?

The data isn’t saying DNS abuse isn’t a problem. It’s saying a shorter verification window probably won’t fix it.

Most abuse in this dataset came from domains that verified just fine, then ran for weeks or months before anything was flagged.

The people a shorter window actually catches? Legitimate users who have already verified fast and had their domain up and running within days.

If over 98% of abusive domains passed verification, and abuse typically showed up months later, what does tightening the window actually change for the people it’s meant to stop?

Was this article helpful?
0
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Current Deals at Namecheap
Help us blog better

What would you like us to write more about?

Thank you for your help

We are working hard to bring your suggestions to life.

Connor Harrison avatar

Connor Harrison

Connor is a writer and musician from Nottingham in the UK. Having worked in both writing sectors and music spaces, Connor landed at Namecheap as a Domains Copywriter in 2022. Along his journey, he’s delivered for clients such as NME Networks, Virtuoso, and Kormax. While he’s away from the written word, he’s trying to come up with ideas that ‘definitely won’t fail this time’ with his business partner Harry. More articles written by Connor.

More articles like this
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Current Deals at Namecheap
Hero image of Email alternatives to Google Workspace and OutlookThe ICANN86 verification debate: what the data shows
Previous Post

Email alternatives to Google Workspace and Outlook

Read More