Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s Blocklist Removal Center. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s Blocklist Removal Center is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP)
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find out who we work with and how you can become a Spamhaus Partner.
Discover a wide range of blog posts, case studies and reports.
Commonly asked questions about Spamhaus products and processes.
In depth information about the technical details and implementation of our products.
Posted by Barry Branagh on 4 Jul 2018
Do you utilize Spamhaus’ free blocklists via the public mirrors? Are you currently using Google’s Public DNS, or similar public recursive server?
You may not be aware, but with this combination, every time you make a query to Spamhaus it will return a ‘non-existent domain’ (NXDOMAIN). That means we are not providing reputation advice about whether or not to receive that email i.e. your spam emails will not be blocked by the queries you are running. Here’s why…
There are a number of reasons why people choose to employ a public DNS resolver, such as Google Public DNS. Perhaps your Internet Service Provider’s (ISPs) recursive name server suffers from high latency, due to it being overloaded. Let’s be honest, given the competitive nature of this marketplace some providers have been known to ‘skimp’ in this area, in order to reduce operating costs.
Also, let’s not forget its ease of use. If you’re setting up an address to use as your DNS resolver, then 126.96.36.199 (one of Google’s public DNS resolver IP addresses) is one of the simplest numbers to remember.
So why don’t Spamhaus’s free DNSBLs work through some public DNS resolvers?
Regrettably we have had to block some public DNS resolvers because they can be exploited by some users to get more than their fair share of a free service.
Back in 1998 when both the world wide web (w.w.w.) and Spamhaus were in their infancy, 3.1% of the global population were utilising the internet, according to data from the International Telecommunication Union.
Fast forward 20 years and now 48% of the world’s population uses the internet. That takes the numbers from 188 million users in 1998 to 3,663 million users in 2017. This means that not only are the number of global internet users increasing at a phenomenal rate, but the number of those using Spamhaus’s free public mirrors is also dramatically increasing.
We believe in providing the public with threat intelligence for free; helping small independent businesses, schools and non-profit making organisations safely filter their email at no cost.
With a network of over 80 public DNSs spread across 35 countries, this significant international DNS infrastructure serves billions of queries to the public every day, for free.
But note that word ‘public’ in the above paragraph. This free service is intended to be available for those who are genuinely ‘the public’, fulfilling all of the following criteria:
Spamhaus understands that anything free is difficult to resist. Therefore usage is monitored of these free DNSBLs to ensure this resource isn’t being exploited. If an IP address exceeds the above criteria it is suggested the user pays to use the commercial DNSBL data feed service.
It’s simple – public recursive name servers act as an anonymising service and enable large scale users to hide behind them. Given the lack of transparency and inability to identify those who are abusing the free service a difficult decision was made to add some public domain name servers to our access control list… ultimately blocking your query.
To quantify the issue, over a 24 hour period Spamhaus receives approximately two billion queries from, what could be argued, the most popular public recursive DNS. This is roughly 20% of the total number of queries made over the same period.
Not a problem, as long as you meet the criteria detailed above. Spamhaus can provide you with free access to our DNSBL data feed, via our Data Query Service (DQS), simply sign up for the low-volume free DQS here. It’s straightforward and can be set up in a matter of minutes, and enables you to have access to our domain name server block lists, whilst still using a public DNS.
Any questions? Simply contact us.
Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.
Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.
The service has never failed and utilizes the longest established DNSBLs in the industry.
15 April 2020
The number of botnet Command & Controllers (C&Cs) associated with fraudulent sign-ups, reduced by 57% in Q1 2020, however it isn't all good news. Find out the full details on botnet C&C activity here.
29 October 2019
As IT budgets and resources are squeezed it’s understandable to shop around, be it for hardware, software, or threat intelligence data, for that matter. But beware…not all email blocklists (DNSBLs) are equal.
6 December 2016
Spamhaus’ Zero Reputation Domain service protects users from newly-registered domains used by cybercriminals to send spam and drive traffic to harmful websites.