Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Data for Integration
Enhance your service and create competitive advantage by integrating Spamhaus’ world-class IP and domain reputation data.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP) Firewall
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
abuse.ch Real Time Feeds - coming soon
Actionable data signals on cyber threats, with a focus on malware and botnets, to strengthen threat investigations, detections, and help prevent data breaches.
Integration | MDaemon
Block over 99% of email-borne threats with Spamhaus’ real time DNS blocklists and MDaemon® Email Server.
Integration | Halon
Safeguard your email stream using Spamhaus’ real time DNS blocklists and Halon’s secure email infrastructure.
Integration | Messageware
Enhance Microsoft Exchange protection by blocking malicious IP addresses from connecting to your on-premise server in real time.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Exploits Dataset Statistics
View the geolocation, hosting network, malware names associated with each detection, and other critical data points.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
abuse.ch Threat Intelligence Feeds – coming soon
URLhaus, MalwareBazaar, ThreatFox, YARAify, Feodo Tracker and Sandnet enrich CTI feeds and support vulnerability mangement.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find a partner
Discover our partners and how they can support you.
Become a partner
Learn about the benefits of being a Spamhaus partner and how to get started.
Discover a wide range of blog posts, case studies and reports.
Spamhaus’ insight into malware, botnet C&Cs, and the domain reputation landscape.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
The Reputation Portal
A tool for ASN owners to get visibility of their IPs’ reputation and proactively manage listings.
Help for the Project's legacy DNSBLs users
Using the Project’s legacy blocklists and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by Tom Bartel and Melinda Plemel on 1 Nov 2023
For digital marketers, spamtrap opens and clicks present a consistent challenge to email deliverability and reputation. And despite their good intention, they are perceived only to wreak havoc with engagement metrics. But are interactions on spamtraps the real problem? We know the issues run much deeper. Join Validity's Tom Bartel and Melinda Plemel from Spamhaus Technology to unravel the myths and uncover the truth about spamtraps clicking links.
Did someone say spamtrap? Where?! Yes, spamtraps are feared by most marketers today. Not only because of the threat of having your IP blocked if an email hits multiple traps, multiple times, but also because of the perceived interference they cause with campaign metrics – opens and clicks. Unfortunately, we believe that much of the ‘spamtrap-clicking’ fear stems from the continued degradation of email performance signals for senders. For example, Apple’s Mail Protection Privacy (MPP) was designed to protect consumers by masking their IP address, yet MPP brought with it the so-called death of the open rate, further blurring a previously relied upon metric. And it’s the knowledge of the degradation of the open rate as a metric that fuels the fear of spamtraps clicking links today, foreboding the additional loss of clicks as a useful performance metric.
With the growing deployment of tools to protect receivers from malicious activity, marketers are left questioning their shrinking pool of signals. But are spamtraps and other tools taking the blame for poor deliverability practices?
The first rule of deliverability
When dealing with deliverability challenges, the first rule to remember is that it is not about you as the sender. It’s about spam, miscreants, and the email-borne threats that mailbox providers and other receivers continue to battle. Spam is as prevalent as ever, which means protecting mailboxes and providing a clean and safe inbox experience is their primary focus. But what does it mean for senders?
The truth about opens and clicks
Over the years, deliverability challenges and reputation signals have become increasingly complex for the sender. Email signals, which were once straightforward indicators of recipient engagement, have evolved.
In the early days, the open rate was a very simple and direct recipient signal. But spammers ruin everything; requiring mailbox providers to introduce anti-abuse protection, performance optimization and consider consumer privacy implications. Where the open rate metric was once a reliable tool for diagnosing campaign performance, it has become blurred and perhaps even unusable as a measure of campaign effectiveness.
Similarly, clicks were once a relatively pure signal for measuring campaign success. Yet, due to the volume of emails that systems have to protect users from – spam, phishing, and malware – they are forced to identify and investigate malicious links. This further adds to the devaluation of clicks as a metric for campaign performance. The question remains: ‘Do marketers need to worry about spamtraps?’
Spamtraps are not the problem
Most spamtraps fall into three categories: typos, recycled and pristine. As it sounds, typo spamtraps are email addresses with a misspelled domain name similar to legitimate mailbox provider domains. Recycled spamtraps are email addresses that were once valid but are now no longer used. Although they make up the majority of spamtraps, they are of less concern when it comes to spamtraps clicking links.
Pristine traps are a different story. Designed to catch specific abuse, they are typically utilized by researchers undertaking detailed investigations. These are incidents where an email should never have reached its destination, which will undoubtedly have suspicious links. These are also email addresses you do not want in your database. And yes, there could likely be a click. Researchers will investigate every detail to determine whether the emails sent to these essentially fake email addresses are malicious – including links. Nevertheless, this category of spamtrap represents a small percentage overall and should not interfere with data analysis and campaign performance.
In fact, spamtraps can be an invaluable tool for deliverability specialists. In their various forms, spamtrap metrics are indicators of overall list hygiene. By embracing these signals as pathways to investigation, senders can identify the real problem rather than merely addressing the symptoms.
What is the real problem?
In an ironic twist, the second rule of deliverability is that it IS actually all about you: the sender. Ultimately you are measured by your behaviour, and despite any opens and clicks generated by spamtraps during investigations of malicious activity, high rates of spamtrap hits are a strong indicator that you have a list acquisition and or hygiene issue. Don’t blame the signal. And don’t discard the signal due to minimal “non-human interaction”. Instead of wasting hours, days, weeks hunting for spamtraps, stop and use the signal to identify any flaws in your process that are allowing spamtraps into the system.
More importantly, you need to go back to the deliverability basics. It’s about permission and expectation for recipients, delivering on that promise, and not over sending!
Consent is the single most impactful step senders can take. And to be clear, when we say consent, we mean, “freely given permission, with an affirmative action taken by recipients to confirm they opt-in to receive email communications from a sender”. We recommend following M3AAWG’s sender best practices for obtaining Confirmed Opt-In (COI):
By employing COI, you can have confidence in the quality of the data entering your system. Where you have a database that has fallen into a state of disrepair – no sunset policy, poor bounce management – use tools to refine your data. Such tools may include list validation or a permission pass campaign to reconfirm opt-in status for your contacts.
Maximise all deliverability signals
There is value in every deliverability data point you have at your fingertips. And while it’s true opens, clicks, and other deliverability signals have become blurred, when viewed holistically with all deliverability data points, they still provide valuable insight – including spamtraps. Instead of fearing spamtrap opens and clicks, leverage them as a signal for investigation to better understand the root cause of your deliverability problems.
29 September 2023
Extracting the value from spamtraps requires time, expertise, and business assets. Learn about the benefits of sharing your spamtrap data with Spamhaus, and how we can mine these treasure troves of data on your behalf.
17 May 2022
Expand your expertise with our Know How series, aimed at filling in knowledge-gaps & helping you achieve consistent email deliverability.
15 February 2022
Spamtraps effectively identify email marketers with poor permission and list management practices. Here's our A-Z of spamtraps.