Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP)
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API [beta]
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find out who we work with and how you can become a Spamhaus Partner.
Discover a wide range of blog posts, case studies and reports.
Commonly asked questions about Spamhaus products and processes.
In depth information about the technical details and implementation of our products.
Posted by Carel Bitter on 11 Nov 2020
There's much to be said for running your own mail server: privacy, flexibility and being in control of your own destiny; these are all good things. On the flip side, there's usually a bit more to it than just installing a software package and clicking the Go! button.
While the email ecosystem has lots of small complexities under the surface, it’s often the more basic things that can significantly help mail server administrators get things right. Here are our top tips to email success – you’ll certainly have a good start if you implement them all.
Email is heavily dependent on DNS. Often the first thing that needs to be configured is an MX record to tell the world where to send email for a specific domain. However, DNS plays an even more important role when sending emails: your mail server needs to have the correct reverse DNS set up.
Having valid reverse DNS (also known as a PTR record) is often the most basic requirement to get your mail accepted anywhere. And it works even better if the value of the reverse points back to the IP; the DNS matches both forward and in reverse.
It’s easy to mix up –for example– office traffic and mail server traffic when it’s all NAT’ed behind the same IP. But this can cause trouble: compromised end-user devices will be able to do bad things online while using the same external IP address of the mail server.
Get a dedicated IP address for your mail server, or make sure that proper firewall rules are in place that limits the use of outbound port 25 to mail servers. This can prevent a lot of trouble.
Email does not always come from email clients inside your organization: servers, printers, or other devices may send out the occasional message as well.
Route all of the above traffic through your mail server, enabling you to know what is being sent and where. Additionally, this ensures that messages are being sent correctly.
Lastly, in case of an issue arising internally, proper anti-spam controls will prevent any damage from leaking outside your network.
The Simple Mail Transfer Protocol (SMTP) can inform the sender of the outcome of the delivery. Therefore, rejecting as much malicious or potentially malicious mail during the transmission will inform the sender immediately that the mail did not reach the recipient.
By using this feature, it is always clear to the sender that the delivery failed, potentially saving consternation between both parties. Accepting an email first and then later bouncing it back is considered bad practice.
Due to the way the SMTP protocol is designed, it is easy for anyone sending malicious email to use domains that they don’t own. But thanks to the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC) standards, it’s also easy to limit any damage that can be caused by that.
Deploy these where and when you can, as it can prevent damage should others decide to send mail in your name. Together, SPF, DKIM, and DMARC are often referred to as email authentication.
Always set up a Sender Policy Framework (SPF) record in your DNS, and ensure that it is as specific as possible, limiting the IP addresses allowed to send for your domain. Also, set-up DKIM to sign your outbound mails. The addition of both of these increases the robust nature of your email configuration.
While SPF allows a receiver to verify if an IP address is allowed to send mail using your domain, DKIM allows verification that the mail that claims to come from a domain /really was/ authorized by the domain owner. By using – again – DNS, a lookup can be performed to get a public key to verify parts of the email. This virtually eliminates domain spoofing in email.
Even if SPF and DKIM are being used for verification, it is still unclear what a receiver should do when either one fails. DMARC solves this problem by publishing a policy in the DNS.
The more often the same domain is used for all these tips, the better. It makes it far easier for a recipient to see that you are communicating with them and not an imposter.
Use the same domain name for forward and reverse DNS for the email sender and all authentication. In the industry, this is called alignment; we call it common sense.
Many of the tips we’ve shared rely on DNS, which means that a domain name is involved. Choose your domain name wisely, as many email systems will take a domain’s reputation into account when determining how to treat an email message.
Setting up all the authentication standards can improve the reputation of your domain. Finally, always use your main business domain where possible: It’s much better to have marketing.example.com and news.example.com instead of example-news.com and example-mkt.com.
Last but not least, be careful when accepting email. Always deploy sensible filtering practices to prevent malicious emails from being delivered to your users. It’s not possible to prevent bad mail from being sent, but you can certainly help yourself when it comes to accepting only the good, leaving the bad and the ugly out.
If all the tips we’ve shared are implemented, you will discover that running your own email doesn’t have to be troublesome. In return, you will get a lot of freedom to do things the way you want while staying in control of your own destiny.
Now it’s time to focus on Domain Name Server Blocklists (DNSBLs), which can help you deal with spam and other malicious inbound emails. Until then: safe mailing!
Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.
Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.
The service has never failed and utilizes the longest established DNSBLs in the industry.
27 January 2021
There are multiple benefits to using blocklists, reducing infrastructure costs, and workforce hours to increasing catch rates. However, to get the most from DNSBLs, it's vital to use them at the right points in your email filtering process.
20 January 2021
German email provider, freenet, bring their spam management in-house to increase visibility, control and ultimately protection using Spamhaus’ IP blocklists.
11 November 2020
DNS blocklists should be your first line of defense against spam and other email-borne theats. Here is an intro to some DNSBL fundamentals.