Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP) Firewall
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
abuse.ch Real Time Feeds - coming soon
Actionable data signals on cyber threats, with a focus on malware and botnets, to strengthen threat investigations, detections, and help prevent data breaches.
Integration | MDaemon
Block over 99% of email-borne threats with Spamhaus’ real time DNS blocklists and MDaemon® Email Server.
Integration | Halon
Safeguard your email stream using Spamhaus’ real time DNS blocklists and Halon’s secure email infrastructure.
Integration | Messageware
Enhance Microsoft Exchange protection by blocking malicious IP addresses from connecting to your on-premise server in real time.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Exploits Dataset Statistics
View the geolocation, hosting network, malware names associated with each detection, and other critical data points.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
abuse.ch Threat Intelligence Feeds – coming soon
URLhaus, MalwareBazaar, ThreatFox, YARAify, Feodo Tracker and Sandnet enrich CTI feeds and support vulnerability mangement.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find a partner
Discover our partners and how they can support you.
Become a partner
Learn about the benefits of being a Spamhaus partner and how to get started.
Discover a wide range of blog posts, case studies and reports.
Spamhaus’ insight into malware, botnet C&Cs, and the domain reputation landscape.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
The Reputation Portal
A tool for ASN owners to get visibility of their IPs’ reputation and proactively manage listings.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by Fredrik Poller, Product Manager @ Halon on 12 Jul 2022
If you’re an email sender, chances are you’re familiar with SPF, DKIM, and DMARC. They are critical for verifying sender information and helping senders achieve inbox placement. But how au fait are you with “BIMI”? If you want consistent email deliverability, pay attention as Halon's Product Manager, Fredrik Poller, explains the benefit of the emerging email specification that is Brand Indicators for Message Identification (BIMI).
It’s fascinating that a standard that was first discussed back in 1997 is still around to this day – almost 25 years later. I’m of course talking about Sender Policy Framework (SPF) – the first attempt at mitigating spoofed emails. While SPF serves its purpose and has a pretty good adoption rate, it doesn’t solve a fundamental problem with spoofed emails. Now if you’re familiar with email, feel free to skip the next paragraph while we share an email fundamental that is important for understanding authentication.
We tend to think of email as having one sending address – the ‘From: address’. Actually, there is another address associated with each email, the ‘envelope sender’. This address is predominantly used for bounces or errors and isn’t visible by the user unless they dig into the email source code.
The problem with SPF is it only protects by assessing the ‘envelope sender’ address. This poses a big challenge. It’s the ‘From: address’ that’s far more likely to be spoofed, given it’s most visible to users, yet this address is not reviewed so users are left exposed.
It wasn’t until over a decade later, in 2012, that Domain-based Message Authentication Reporting and Conformance (DMARC) came along to tackle that problem. DMARC requires that the domain used in the ‘From’ header (that’s shown in the email client), matches with either the domain used for SPF or that the message is signed with another authentication technique, DomainKeys Identified Mail (DKIM) for that domain.
DMARC is a fantastic standard, but it has one major flaw; it is extremely difficult to implement if you have a large and complex infrastructure with a lot of different components sending email. This becomes evident when looking at adoption rates, with a large portion of the biggest brands and governments not implementing it yet.
Clearly, even with three authentication techniques, there are still challenges with authenticating email. Enter Brand Indicators for Message Identification – or rather – BIMI. Sounds cool, but what is it?
Published in February 2019, BIMI is a proposed standard (draft) that enables brands to have their logo displayed in recipients’ inboxes, to enhance the user experience. But, it’s of course more complicated than that when put into practice.
With domains, it’s quite easy for the recipient to notice discrepancies. However, with graphics, it’s not as simple. Because of this, there needs to be a control function in place to make sure that only legitimate brands and senders are able to add graphics with BIMI. The solution for this is to use certificate authorities and require an actual purchased certificate to implement BIMI.
This certificate is called a Verified Mark Certificate (VMC) and at the time of this writing, there are only two certificate authorities that issue them: DigiCert and Entrust. On top of that, your logo must be trademarked with an appropriate authority, which, unfortunately, right now can make it a bit tricky for companies outside of the US. But that’s hopefully about to change.
And now for the kicker; BIMI requires a sender to have DMARC implemented with an enforcement policy of p=reject or p=quarantine – you can find out more on this here. No DMARC means that there is no fancy logo in recipients’ inboxes; it’s that simple. It’s pretty obvious that one of the big goals with BIMI is to increase DMARC adoption, which is very much needed.
It’s a pretty new standard, and it hasn’t seen a lot of adoption yet. In fact, of all the big mailbox providers right now, only Google and Yahoo support it. But that’s all about to change, with Apple recently announcing they will support BIMI in their upcoming iOS, iPadOS, and macOS releases. It is predicted that this announcement will drive more companies to push for both DMARC and BIMI implementation. If one thing is for sure, it’s that BIMI is absolutely here to stay, and it’s a great step forward when it comes to email security.
But don’t forget, it’s not just BIMI and DMARC that you should set up; SPF and DKIM still play significant roles. The folk at Spamhaus tell me you can find details on these authentication methods here. Happy authenticating!
27 July 2022
Email senders - take note: in this blog, the deliverability experts from Emarsys, Twilio, and Validity share their top 5 tips for you to achieve consistent email deliverability. You're welcome!
Deliverability experts from Emarsys, Twilio and Validity share their insight into the opportunities and challenges senders should consider when changing email provider. Hint - you need to build your reputation from scratch, so how can an email filter decide if your email is genuine or attempted abuse?
As part of our Deliverability 101 series, we're inviting experts from across the email-sending community to share their pearls of wisdom. For this blog post, we get the insight from Emarsys, Twilio, and Validity on who holds responsibility for deliverability.