Understanding the Three Types of Domain Transfer
Before diving into the process, it is essential to understand that "domain transfer" can mean three very different things. Confusing them leads to unnecessary downtime and lost emails.
Registrar Transfer
Moving your domain registration from one registrar to another (e.g., GoDaddy to Cloudflare). DNS records, website, and email are not affected unless you change nameservers during the process. The domain's WHOIS registrar field changes.
Duration: 1-7 days
DNS Migration
Changing your nameservers to a different DNS provider (e.g., from registrar's DNS to Cloudflare). The domain stays at the same registrar. Your website and email continue working if you recreate all DNS records at the new provider first.
Duration: Minutes to 48 hours
Full Migration (Server + DNS + Registrar)
Moving everything: domain registration, DNS, website files, databases, and email. This is the most complex scenario and requires careful coordination to avoid downtime. Each component must be migrated in the correct order.
Duration: 1-14 days total
This guide covers all three scenarios with specific focus on avoiding email and website interruptions. Whether you are moving a single blog or a business with 50 email accounts, the principles are the same.
Pre-Transfer Checklist: Do This Before Anything Else
Preparation is 90% of a successful domain transfer. Skip any of these steps and you risk downtime.
$ dig example.com ANY +noall +answer
example.com. 3600 IN A 93.184.216.34
example.com. 3600 IN MX 10 mail.example.com.
example.com. 3600 IN TXT "v=spf1 ip4:93.184.216.34 -all"
# Don't forget subdomain records
$ dig mail.example.com A +short
93.184.216.34
$ dig www.example.com A +short
93.184.216.34
$ dig _dmarc.example.com TXT +short
"v=DMARC1; p=quarantine; rua=mailto:[email protected]"
Email Continuity: The Most Critical Part
Email is the most fragile component during a domain transfer. Unlike website traffic, which can tolerate brief interruptions, lost emails are gone forever. The key insight is that MX records tell the world where to deliver your email — as long as MX records point to a working mail server, email keeps flowing.
Scenario A: Keeping the Same Mail Server
If you are only transferring the registrar or DNS provider but your mail server stays the same (same IP, same Postfix/Dovecot), email continuity is straightforward.
- Record your current MX records and their priorities exactly
- Record the A record for your mail hostname (e.g., mail.example.com)
- Record all email-related TXT records: SPF, DKIM, DMARC
- At the new DNS provider, create these records BEFORE changing nameservers
- Verify MX resolution from the new nameservers before going live
Scenario B: Changing Mail Servers
If you are also migrating to a new mail server, the process requires more careful timing.
Create all accounts
IMAP sync or backup
Point to new server
48 hours overlap
After DNS propagation
Email Backup Before Transfer
Always back up all email accounts before any domain transfer. Use IMAP synchronization to create a local copy of every mailbox.
$ imapsync \
--host1 old-mail.example.com --user1 [email protected] \
--password1 'oldpass' \
--host2 new-mail.example.com --user2 [email protected] \
--password2 'newpass' \
--ssl1 --ssl2
Host1: 3847 messages in 12 folders
Host2: 0 messages
Syncing...
Transferred: 3847/3847 messages (100%)
The Registrar Transfer Process: Step by Step
Once preparation is complete, the actual transfer follows a standardized ICANN-mandated process. While the interface varies between registrars, the steps are identical.
Registrar-Specific Transfer Procedures
| Registrar | Unlock Location | EPP Code | Transfer Time | Notes |
|---|---|---|---|---|
| GoDaddy | Domain Settings → Domain Lock | Email or Dashboard | 5-7 days | Must disable privacy |
| Namecheap | Domain List → Manage → Sharing & Transfer | Dashboard (instant) | 3-5 days | Free WHOIS privacy |
| Cloudflare | Domain Management → Configuration | Dashboard | 1-5 days | At-cost pricing, no markup |
| Google Domains | Registration Settings → Transfer Lock | Dashboard | 5-7 days | Now Squarespace Domains |
| Porkbun | Domain Management → Authorization Code | Dashboard (instant) | 3-5 days | Competitive pricing |
| Hover | Domain Overview → Transfer Lock | Email request | 5-7 days | Clean interface |
ICANN Transfer Policy: What You Need to Know
Other ICANN policies that affect transfers:
- Transfers must be completed within 7 calendar days of initiation
- The losing registrar cannot charge a fee to release the domain
- The gaining registrar must add one year of registration (paid by you)
- Expired domains can be transferred during the renewal grace period (varies by TLD)
- Some country-code TLDs (.uk, .de, .eu) have different transfer rules than generic TLDs
Post-Transfer DNS Verification
After the transfer completes, you must verify that DNS is resolving correctly. This is especially important if the transfer changed your nameservers.
$ dig example.com NS +short
ns1.newprovider.com.
ns2.newprovider.com.
# Verify A record resolves
$ dig example.com A +short
93.184.216.34
# Verify MX records for email
$ dig example.com MX +short
10 mail.example.com.
# Verify SPF
$ dig example.com TXT +short | grep spf
"v=spf1 ip4:93.184.216.34 -all"
# Check from multiple DNS servers to confirm propagation
$ for dns in 1.1.1.1 8.8.8.8 9.9.9.9; do
echo -n "$dns: "; dig @$dns example.com A +short
done
1.1.1.1: 93.184.216.34
8.8.8.8: 93.184.216.34
9.9.9.9: 93.184.216.34
Avoiding Downtime: The Zero-Downtime Transfer Strategy
Here is the exact sequence to transfer a domain with zero downtime — whether you are moving registrars, DNS providers, or both.
| Day | Action | Purpose |
|---|---|---|
| D-2 | Lower all TTLs to 300 seconds | Ensure fast DNS propagation when changes happen |
| D-1 | Document and recreate all DNS records at new provider | New DNS is ready before switching |
| D-1 | Verify new DNS records using dig @new-ns | Confirm records are correct before going live |
| D-0 | Change nameservers (or initiate registrar transfer) | Begin migration |
| D-0 | Monitor DNS propagation with dig @multiple-resolvers | Track when the switch takes effect globally |
| D+1 | Verify website and email from multiple locations | Confirm everything works end-to-end |
| D+2 | Restore TTLs to normal values (3600+) | Reduce DNS query load once stable |
| D+7 | Decommission old DNS/mail if migrating servers | Clean shutdown after full propagation |
Transferring Multiple Domains
When transferring multiple domains, batch processing saves time but requires extra caution. Here are best practices for bulk transfers.
- Transfer domains in batches of 10-20, not all at once — if something goes wrong, the blast radius is limited
- Start with your least critical domain as a test run
- Unlock all domains in a batch before initiating any transfers
- Use a spreadsheet to track: domain name, EPP code, transfer status, DNS records documented, email accounts
- Some registrars offer bulk transfer tools (Cloudflare, Namecheap) that process multiple EPP codes at once
- Stagger batches by 24 hours to allow monitoring between groups
Common Mistakes and How to Avoid Them
Mistake
Forgetting to recreate DNS records at the new provider before changing nameservers.
Prevention
Always set up DNS at the new provider first. Verify with dig @new-ns example.com. Only change nameservers after confirming all records resolve correctly.
Mistake
Not lowering TTL before transfer, causing 24+ hour propagation delays.
Prevention
Lower TTL to 300 seconds at least 48 hours before the transfer. The old TTL must expire from caches before the low TTL takes effect.
Mistake
Letting the domain expire during transfer, entering redemption period.
Prevention
Renew the domain at the current registrar for at least one year before initiating the transfer. The extra renewal cost is negligible compared to redemption fees.
Mistake
Missing email-related DNS records (DKIM, DMARC) during recreation, causing email delivery failures.
Prevention
Use dig example.com ANY and check for _dmarc, _domainkey, and other underscore-prefixed records that are easy to miss in standard DNS exports.
Special Cases: Country-Code TLDs
Country-code TLDs (ccTLDs) like .uk, .de, .eu, .nl, and .au have their own transfer policies that often differ from the standard ICANN process for generic TLDs (.com, .net, .org).
| TLD | Transfer Method | Duration | Special Notes |
|---|---|---|---|
| .uk | IPS tag change (no EPP code) | Instant to 48 hours | Change IPS tag at current registrar |
| .de | AuthInfo code (like EPP) | 1-5 days | DENIC handles directly |
| .eu | Auth code via email | 5-7 days | Must be EU/EEA resident |
| .nl | Auth code (transfer token) | 1-5 days | SIDN handles directly |
| .au | Auth code | 1-5 days | Eligibility requirements |
How Panelica Simplifies Post-Transfer Setup
After transferring your domain to a new registrar, Panelica's domain management makes the hosting setup straightforward. Add your domain through the panel and Panelica auto-provisions the complete stack: Nginx virtual host, PHP-FPM pool, SSL certificate via Let's Encrypt, and DNS records if you are using the built-in BIND DNS server or Cloudflare integration.
For Cloudflare users, the panel's DNS integration automatically creates the A record, MX records, SPF, DKIM, and DMARC entries for your transferred domain. This eliminates the most error-prone part of post-transfer setup — manually recreating dozens of DNS records. The domain health check verifies all records are correct before you start receiving traffic.