Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP) Firewall
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find a parter
Discover our partners and how they can support you.
Become a partner
Learn about the benefits of being a Spamhaus partner and how to get started.
Discover a wide range of blog posts, case studies and reports.
Spamhaus’ insight into malware, botnet C&Cs, and the domain reputation landscape.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
The Reputation Portal
A tool for ASN owners to get visibility of their IPs’ reputation and proactively manage listings.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by The Spamhaus Team on 15 Feb 2022
There are many approaches to address acquisition when building email marketing lists; however, these approaches won’t always benefit your deliverability and email reputation. Here we examine the data marketers should be recording, considerations when using online forms, and address acquisition methods to avoid at all costs.
The methods utilized to build mailing lists or contact databases are critical to creating and maintaining good list hygiene. In today’s world, where laws regarding personally identifiable information (PII) [insert link to legalities article] are prevalent, you must accurately record data during the acquisition process, preserve it and update it as necessary.
If one of your IPs or domains is blocklisted and manual intervention is required to resolve the issue, ISPs and/or reputation providers often demand proof of consent. Without good records, such proof is impossible to provide, and therefore any resolution to a block will take longer.
In the event of a GDPR or similar data removal request, having these records could save your company a great deal of money in fines.
Make “opting-in” voluntary – If you collect contact email addresses via a website or online form, we recommend utilizing a checkbox that the user must voluntarily select before being added to a marketing program.
Using a pre-checked box is generally viewed as dishonest and is actively illegal in some countries. People can fail to notice the checkbox and then get an unpleasant surprise when they receive marketing emails they did not ask for or expect. Consequently, they report the mail as spam, causing you reputational and brand degradation. Be transparent in your sign-up process!
Protect your forms – Due to an ongoing and widespread problem that began in August of 2016 that has been escalating ever since, we recommend that you secure web forms against abuse by adding a CAPTCHA or ReCAPTCHA to the form (both are free tools).
Bots use unsecured forms to sign up an uncountable number of bad email addresses, resulting in database poisoning. This can also create what amounts to a denial of service attack (DoS).
Confirmed opt-in – Once a contact has completed a form, we strongly recommend using the confirmed opt-in (COI) method, obtaining active consent via email from the user. Read [insert article] for an in-depth look at opt-in options.
When it comes to increasing the number of marketing contacts in your lists, we strongly advise against any of the following methods:
Best practice states that contacts should confirm that they consent for you to send them communications (COI). Consent is not transferable, and violating it makes recipients angry. In the days of GDPR (and other laws), breaking that consent can be an exceptionally costly thing to do. See below for a detailed explanation of why you shouldn’t ever consider using one of the above three approaches to expand your marketing lists.
The damage that a purchased list can do is incalculable.
Spamhaus has clear views about purchasing and selling mailing lists: because consent is not transferable, this practice is, by definition, impossible and therefore fraudulent. Buying and selling lists do not allow the purchaser to obtain consent to send email to the recipients in that list.
The Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) has published a statement about the sale of email address lists, which Spamhaus fully supports – “The practice of selling, buying or sending to lists of purchased email addresses – whether business to business (B2B), business to consumers (B2C) or other categories, is in direct violation of M3AAWG core values.”
Harvesting is a data collection practice in which emails are obtained by scraping websites, forums, etc. Some less than scrupulous operators also try random combinations of email addresses at specific ISPs to find active email addresses.
This method provides no avenue for opt-in or any kind of permission or consent and typically causes serious blocking and delivery issues for any sender that employs it.
In marketing terms, “epending” or “appending” is the practice of taking demographic information known (or assumed) to be related to a particular customer and matching it with other data. The terms are interchangeable in use. Following published industry best practices, we firmly recommend not using this address acquisition method.
M3AAWG has published a clear statement about e-pending, which Spamhaus fully supports: “The practice of email appending is in direct violation of core MAAWG values.”.
While it is technically possible to do co-registration (co-reg) or affiliate style marketing without violating permission or applicable laws, it is exceptionally challenging. Our advice is not to do it because (again) permission is not transferrable.
When you buy, rent, epend/append, or use co-reg/affiliate lists; you have no quality assurance on the integrity of this data. You cannot purchase consent, and such lists significantly increase the risk of long-term damage to your email campaigns because permission is not transferrable. As we said at the beginning – please avoid at all costs.
With a robust sign-up policy in place, it’s time to think about how frequently you should be sending emails and the importance of engagement.
15 February 2022
Whether it’s personal, business, or email, reputation must be earned. Here's a look at why reputation matters when it comes to email and what you need to be doing to improve it.
There are various methods used to build mailing lists & contact databases. Choose wisely - the quality of your contacts directly affects deliverability.
Here are a few key elements to abide by to ensure an ISP or blocklist provider doesn't view your marketing emails as malicious.