Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP)
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find out who we work with and how you can become a Spamhaus Partner.
Discover a wide range of blog posts, case studies and reports.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
The Reputation Portal
A tool for ASN owners to get visibility of their IPs’ reputation and proactively manage listings.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by The Spamhaus Team on 29 Mar 2018
Global managed cloud provider Rackspace is protecting customers and improving connectivity by using DNS Firewall Threat Feeds to block malicious domain traffic and botnet activity.
As the leading provider of managed cloud services, Rackspace is always looking for ways to augment its multi-layered approach to security and stay ahead of the threats from Distributed Denial of Service (DDoS) attackers looking to exploit its global infrastructure and highly connected customer base.
High volumes of domain queries across the company’s infrastructure are an integral part of usual operations, but Rackspace was looking for ways to reduce traffic related to malicious domains and help ensure that the infrastructure wasn’t used by botnets to mount DDoS attacks. In addition to these security concerns, DDoS attacks were also parasites on their infrastructure, stealing bandwidth to carry out their malicious attacks.
After a market analysis of different options, Rackspace worked with Spamhaus’ value-added delivery partner, SecurityZones, to fully deploy DNS Firewall. This included developing a pilot to ensure technical compatibility and delivery requirements with the monitoring of results prior to full implementation.
Rackspace chose to have DNS Firewall Threat Feeds delivered as a zone transfer feed to ensure domain queries were filtered on their own DNS servers to reduce latency and because they had the skills available to implement directly.
Rackspace uses industry standard BIND servers for DNS resolution and the zone transfer feed was test integrated. Almost immediately it was delivering results; blocking malicious domains without the installation of any additional hardware.
Rackspace’s customers rely on their users to have a uninterrupted online experience. For eCommerce customers that means a seamless experience from advertising through to the online store and final purchase. Underpinning this is multiple DNS resolution across different sites so any interruption would have an immediate business impact, therefore testing was a vital component to this deployment.
Following checks for technical compatibility with BIND servers and reviews of the volume of alerted traffic, DNS Firewall was made operational.
The implementation drastically cut down on botnet and other malicious Command & Control beaconing traffic. Each beaconing message is very small but an active botnet can consume massive amounts of bandwidth when it is switched on to mount a DDoS attack. Rackspace was able to virtually eliminate this traffic with no impact on customers’ business flows.
To sign up for a free 30 day trial of DNS Firewall, click here.
Applied at the DNS level of your infrastructure, these threat feeds automatically stop users from accessing malicious sites including phishing and malware dropper websites.
These threat feeds can be integrated with existing recursive DNS servers, or for those who don’t manage their own DNS, we have a managed service available.
29 June 2022
Internet Service Provider, CitraNET balances providing customers with the resources they request, while keeping them protected, with DNS Firewall Threat Feeds.
14 September 2018
With the ever increasing demands on IT, security and networking teams, tools that reduce workloads, which don't cost the earth, are always welcome. One such tool is DNS Firewall. Find out how it works, and the benefits it provides.
11 September 2018
With such a huge growth in the DNS Firewall market over the past few years there are plenty of options to choose from. Read our Top 10 questions for your next DNS Firewall provider.