Have you been blocked?
All blocklists are researched and managed by The Spamhaus Project.
Simply click on the link below, which will take you to the Project’s IP and Domain Reputation Checker. From here you will be able to enter your IP or Domain and begin your request for removal.
Please note that the Project’s IP and Domain Reputation Checker is the only place where removals are handled.
IT and security teams consistently face multiple business challenges. Discover how our solutions can help overcome some of those issues.
From processing issues, to email-borne threats our blocklists easily integrate with your current email set-up to improve anti-spam & anti-virus email filtering.
Employ our threat intelligence to increase visibility across security events, reveal potential weaknesses in your network, and threats to your brand.
Stay on top of the latest threats and proactively combat botnet infections, and other forms of abuse, with our solutions.
From clicking on phishing emails to visiting malware dropper sites, our threat intelligence provides automatic protection for your users.
Our products provide additional layers of security for networks and email. They also present security teams with additional insight into malicious behavior.
Border Gateway Protocol (BGP)
Block the worst of the worst at your network edge, taking advantage of your existing BGP-capable routers. Configuration only takes minutes.
Data Query Service (DQS)
Benefit from industry-leading real time blocklists. These DNSBLs easily plug into your existing email infrastructure to block spam and other email threats.
A powerful research tool to investigate relationships between internet infrastructures. Quickly pivot to new areas of concern to rapidly investigate potential threats.
Immediately block connections to dangerous sites, including phishing and malware dropper websites. A ‘set and forget’ solution.
Spamhaus Intelligence API
Threat intelligence data in API format to enable users to easily integrate metadata relating to threats with their own applications, programs, and products.
A wide range of datasets, providing multiple layers of protection. They can be plugged directly into your existing hardware, making them an affordable choice.
Border Gateway Protocol (BGP) Feeds
Do Not Route Or Peer (DROP) and Botnet Controller List (BCL) datafeeds can peer with your existing BGP-capable router.
Domain (DBL), Zero Reputation (ZRD) and Hash blocklists (HBL) enable you to block content in emails, filtering out a higher rate of email-borne threats.
Data for Investigation
Passive DNS and extended datasets give you additional information on internet resources. They provide deeper insights into incidents and possible threats.
DNS Firewall Threat Feeds
A wide range of feeds to apply to your DNS recursive server. Choose the right level of protection for your organization.
Spam (SBL), Policy (PBL), Exploits (XBL) and Auth (AuthBL) blocklists allow you to filter email from IPs associated with spam, botnets, and other threats.
Find out more about us.
Learn more about Spamhaus; who we are, and what we do.
Find out who we work with and how you can become a Spamhaus Partner.
Discover a wide range of blog posts, case studies and reports.
Commonly asked questions about Spamhaus products and processes.
The Blocklist Tester
A tool to help you check if your servers are correctly configured to use Spamhaus DNSBLs.
Help for Spamhaus Public Mirror users
Using the Project’s Public Mirrors and suddenly experiencing email issues? This page may be able to help.
In depth information about the technical details and implementation of our products.
Posted by Sarah Miller on 23 Mar 2021
The developer community grasped the opportunity to experiment with the Spamhaus Intelligence API beta release with open arms. This got us thinking... what about offering up our datasets to developers on a more permanent basis? What about a Spamhaus Developer License?
Spamhaus believes in making the internet a safer place. The wider access there is to the latest IP and reputation data, the better.
We manage the free Data Query Service (DQS), on behalf of The Spamhaus Project, for this very reason. The DQS provides small-scale users with access to DNS Blocklists free of charge, 24/7.
We also provide the free DNSF Firewall Threat Feeds to protect against the worst of the worst threats for those running their DNS infrastructure. Last but not least, there’s free access to Passive DNS for users wanting to check historical DNS records on an occasional basis.
But we wanted to take this community spirit a step further; to encourage and support the development of applications and solutions using the wide range of threat intelligence data we have available.
We’re aware that it can take time to find the right use case and build the right application to meet its needs. So, we’ve created a license to give developers access to the data without the 30-day time limit attached to a trial. The developer license runs for six-month periods.
There’s also a dedicated dev community, connecting like-mind developers to share ideas, challenges and issues. We hope this community will support its members through builds, share use cases, and feedback on the data, so we can keep improving it.
For those who want to stress test a solution and require additional query volumes for a limited testing time, please reach out to us. Where possible, we’re here to support your requirements.
The Developer License is currently only available for the Spamhaus Intelligence API (SIA). Still, in the not-too-distant future, we hope to be sharing additional products and datasets to enable developers to experiment with all our datasets and see what challenges they can address.
SIA provides simple access to our enhanced datasets. This makes it easy to integrate into threat intelligence platforms, automate reporting, along with many other applications.
Companies, such as Red Sift Open Cloud, are already reaping the benefits from the increased intelligence that SIA’s metadata supplies. SIA has given them a competitive advantage, enabling them to deliver immediate insight to their customers, “saving them weeks of work.” Read more about this use case here.
Fill in the form on our Developer License page. Once you’ve verified your email address, an account is created for you in our Customer Portal, along with access to SIA. It’s that simple.
This API provides access to metadata relating to IP addresses exhibiting compromised behavior, including malware, worm and trojan infections, and SMTP-specific traffic emitting spam.
The breadth of data available via an easily consumable API provides security developers with scores of opportunities.
28 September 2021
An easy-to-exploit security vulnerability that allows remote code execution (RCE) on virtual machines where Open Management Infrastructure (OMI) is installed has been observed. Users need to take action.
30 June 2021
Spamhaus has released the extended CSS Blocklist (CSS) and made it available via our API service. This provides users with additional insights relating to compromised and malicious IP addresses.
15 April 2021
After a quiet(ish) end to 2020 in Spamhaus' botnet world, the first quarter of this year kicked off in style. The major news surrounded the takedown of the Emotet botnet in January. Nonetheless, as one malware departs, others arrive on the scene, as proved by the 24% increase in the total number of botnet C&Cs Spamhaus researchers observed.