Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP) Firewall
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
abuse.ch Real Time Feeds - coming soon
Actionable data signals on cyber threats, with a focus on malware and botnets, to strengthen threat investigations, detections, and help prevent data breaches.
Integration | MDaemon
Block over 99% of email-borne threats with Spamhaus’ real time DNS blocklists and MDaemon® Email Server.
Integration | Halon
Safeguard your email stream using Spamhaus’ real time DNS blocklists and Halon’s secure email infrastructure.
Integration | Messageware
Enhance Microsoft Exchange protection by blocking malicious IP addresses from connecting to your on-premise server in real time.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Exploits Dataset Statistics
View the geolocation, hosting network, malware names associated with each detection, and other critical data points.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
abuse.ch Threat Intelligence Feeds – coming soon
URLhaus, MalwareBazaar, ThreatFox, YARAify, Feodo Tracker and Sandnet enrich CTI feeds and support vulnerability mangement.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find a partner
Discover our partners and how they can support you.
Become a partner
Learn about the benefits of being a Spamhaus partner and how to get started.
Discover a wide range of blog posts, case studies and reports.
Spamhaus’ insight into malware, botnet C&Cs, and the domain reputation landscape.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
The Reputation Portal
A tool for ASN owners to get visibility of their IPs’ reputation and proactively manage listings.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by The Spamhaus Team on 15 Feb 2022
Spamtraps are never revealed by their owners. Partly because they are a component of the secret sauce of their filtering, and partly because if the trap is identified, what usually happens is that the sender simply suppresses the trap address – and they don’t undertake any of the necessary to work to improve their data. Here’s an outline of the various types of spamtraps in use:
Classic spamtraps are email addresses never given to a live user or exposed on a website but have started receiving email anyway. In some cases, these are addresses at domains that accept mail to any local part (wildcard domains: e.g., *@example.com).
Seeded traps are email addresses that trap owners create and deliberately scatter – seeding around various places online that are not obvious (in webpage source code, for example).
These traps highlight that the sender is either scraping addresses from the web or is buying lists from someone else who is scraping addresses. These traps are good for identifying sources sending mail without permission and those not honoring unsubscribe requests.
These are traps at domains that are similar to common domains: yaaho.com or ynail.com, homail.com, etc. Mail to these traps suggests to the trap owner that the sender is trying to send mail to real people. These are not “pure” spam traps, can contain a lot of real mail, and are generally weighted accordingly. Employing COI at the data collection point is a perfect way to avoid your lists being polluted by these nuisance traps.
“Dead” traps were once-valid email addresses that ISPs have turned off. All mail to these addresses is rejected with a hard bounce for a period of time, often 12 months or more. After consistently rejecting mail for a pre-determined period, the addresses are silently turned back on in the form of spamtraps. These are very useful for ISPs to easily spot senders with poor list hygiene. Hitting this type of trap is a significant red flag.
Trap owners purchase expired domains and collect mail that comes into them. In many cases, these domains are turned off for a period of time, either hard bouncing mail or not resolving in DNS, before they are silently turned back on as spamtraps.
These are email addresses belonging to a real user. Owners use them for real mail, but they use the unsolicited mail coming into those addresses to make blocking decisions. Hitting these can be extremely dangerous if the person who owns them has connections.
Registration (or role account) addresses are a special type of live trap. These addresses, published in whois records, are frequently harvested and mailed. These types of addresses should almost NEVER be on a marketing mailing list. Examples include [email protected], [email protected], [email protected], etc.
At the end of the day, if you follow our best practices paying attention to data collection, hygiene, and sending frequency, you won’t need to worry about the various types of spamtraps that exist…. Because you won’t be hitting any.
We’ll finish where we started at the very beginning of this guide…
1 November 2023
Unravel the myths of spamtraps clicking links and learn how to leverage these metrics to better understand your deliverability problems.
16 August 2022
The recent spate of informational listings from The Spamhaus Project researchers created waves in the sending community. But more pertinently, it’s highlighted poor sending practices. Here’s further explanation, and helpful hints and tools to help calm the waters.
15 February 2022
Here's our guide to email frequency & engagement, helping you understand how often to email contacts and keep them engaged for email deliverability.