Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP)
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find out who we work with and how you can become a Spamhaus Partner.
Discover a wide range of blog posts, case studies and reports.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by on 8 Mar 2022
To the untrained eye, spotting bad actors via email can be challenging. The extent of this issue is evident; the FBI reported $1.8 billion was lost due to Business Email Compromise (BEC) in 2020 – 64 times more financially damaging than ransomware. Egress have carved out a critical role in protecting against threats like this. Find out how using Spamhaus’ Data Query Service (DQS) has assisted Egress’ solution while saving their internal team significant time and budget.
Cybersecurity software company, Egress was founded with aim of keeping email users safe, as simply as possible. Their product, Egress Intelligent Email Security, gives users context-driven and genuinely user-friendly analysis of both inbound and outbound email threats, in addition to end-to-end encryption.
When a threat is detected, Egress’ solution provides a real time notification in the user’s email highlighting the risk, such as a phishing attack from a spoofed domain, so the user, or their email administrator, can take immediate action.
Email threats no longer go undetected and the risk of falling victim to cybercriminals is reduced. Both users and their organizations are protected against BEC and other phishing attempts.
Egress identifies outbound email as the biggest security risk any organization faces, making outbound protection critical to their solution. Much of this efficacy relies on domain data to determine whether the would-be recipient is legitimate or not. This element of the solution was originally managed in-house by Egress, who collated and curated their own domain data.
A critical part of any threat-detection dataset is having the breadth of data to assess. The bigger the pool of data, the bigger the chance of finding malicious behavior. This means securing the raw data from a varied and trustworthy network, which takes time to develop and manage.
Robust mechanisms are required too – not only to identify cybercriminals as they develop their approaches to go undetected, but also to deal with operational aspects, like false positives, efficiently.
Egress wanted to enhance their solution while creating more efficiency in-house. Outsourcing to a specialist provider became a necessary consideration.
For Egress, identifying a partner was relatively straightforward. “We knew of Spamhaus as the trusted authority for reputation data, so the domain datasets were a ‘must have’ to include during our trial phase” explained Darren Cooper, Chief Technology Officer, Egress.
For completeness, Egress tested numerous other providers, but Spamhaus proved to be the most effective in catch rates, false-positives, and overall quality,
Egress also required a solution that was genuinely real time. Any latency in confirming whether a domain has a bad reputation could result in an ill-informed user taking action that negatively impacts them and/or their business.
Using Spamhaus’ real time offering, DQS, Egress’ customers would be protected as soon as a threat is listed, 24/7. DQS also allowed the team to use their existing infrastructure, and once set up, no further maintenance would be required.
By analyzing 3 million domains every day, Spamhaus ensures Egress’ customers are protected with broad and consistent threat-detection coverage.
Data from the Domain List (DBL) provides customers with insight on domains owned by spammers or used for malicious purposes, including otherwise legitimate domains that have been compromised. This is essential for Egress customers. Why?
It’s extremely difficult for Joe Bloggs, your average email user, to identify if a previously legitimate sender, say [email protected], has had their domain and mailbox hijacked. With a well-crafted spear phishing attack, there’s very little to prevent Mr Bloggs from sharing valuable information or clicking through to a compromised link, such as example.com/1ogin_and_pay_here.
Alternatively, using the DBL, Egress would flag a notification directly in Joe’s draft email highlighting the concern, allowing Joe, or Joe’s email administrators, to act and significantly reduce the risk of BEC.
Egress also utilizes the Zero Reputation Domain list (ZRD) to provide intelligence on domains registered in the last 24 hours. This is an effective screening tool as domains are rarely used by legitimate owners as soon as they are registered.
When a user composes an email and populates the ‘To’ field, Egress’ solution makes a query via DQS to the Domain Lists to identify if there’s a listing. If the would-be recipient’s domain is listed, the user is notified and can make an informed decision on whether they pursue the communication or not. Equally, their action can be blocked by administrators. This not only impacts immediate action, but provides real time teachable moments to empower users to identify future threats too.
Egress has been using the domain data via DQS since April 2021 and highlighted four key benefits:
“We have a truly reliable, consistent source of domain intelligence. With great coverage and low false positives, our customers continue to have confidence in our product”, Darren Cooper, Chief Technology Officer, Egress.
The more we can work with likeminded organizations aiming to achieve a common goal – in this case making the internet a safer place – the more focus each organization has on tackling a different piece of the puzzle.
In this case, Spamhaus focuses on providing threat intelligence data that can be easily made operational. Egress focuses on creating user-friendly solutions and preventing email users becoming victims. A symbiotic relationship to tackle the bigger problem.
To make the online world safer, we must all work to build stronger relationships and continue working as a community.
Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.
Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.
The service has never failed and utilizes the longest established DNSBLs in the industry.
12 May 2022
Email software provider, Constant Contact, has a duty of care to their customers and email recipients alike to prevent malicious behavior via outbound email. See how they’re using our domain data to tackle this.
17 March 2022
We’re offering an exclusive opportunity to help shape Spamhaus’ newly released Reputation Portal.
20 January 2022
Q4 update on the botnet command and controllers our researchers are observing, including geolocation and who is hosting them.