Spamhaus produces many different DNSBLs (blocklists), from ones focused on domains to IPs and also hashes. Each of our datasets can be applied to different parts of an email. The question is which ones to apply where?

Cake and blocklists – here’s what they have in common

Anyone who has attempted to bake a cake will tell you that you can’t “wing-it.” Ingredients need to be carefully measured and mixed in a specific order. Otherwise, you’ll have a sub-optimal outcome, or in my case, something that resembles a brick!

The same is true for the order in which you use our blocklists; apply the wrong blocklist to the wrong part of the email filtering process, and you’ll have a sub-optimal filtering outcome. On the flip side, combine the right blocklists at the right stage of the filtering process, and you will maximize your catch rates, increasing network, and end-user protection.

Where to apply Spamhaus blocklists

We are assuming that your knowledge of email source code is sound; however, if you need a refresher course, look at this post, which takes an in-depth look at the code.

In the meantime, the table below details different email elements. Each element is associated with the relevant blocklist to use with it. In addition to this, we highlight which SMTP phase this is associated with.

Table showing various email source code elements and what Spamhaus blocklists should be applied to them.

The benefits

By using Spamhaus blocklists at the right point in the email filtering process, you can block a huge percentage of unwanted emails at the SMTP handshake, and then weed out additional email threats throughout the content filtering process. This technique has been proven to save companies not only money on infrastructure costs and expensive email filtering solutions, but also man-power costs…and let’s not forget the ultimate aim – keeping their users and networks safe.

Related Products

Data Query Service (DQS)

Spamhaus’ Data Query Service (DQS) is an affordable and effective solution to protect your email infrastructure and users.

Using your existing email protection solution, you will be able to block spam and other related threats including malware, ransomware, and phishing emails.

The service has never failed and utilizes the longest established DNSBLs in the industry.

  • Proactive & preventative
  • Save on email infrastructure & management costs
  • Actionable


Additional protection with an expanding CSS dataset

2 November 2022

Blog News

As of Wednesday, November 9th, the CSS dataset will start to grow. We anticipate the addition of 1.5 million listings over the next 4-6 months; that's approximately a 100% increase! Find out why and the impact to you in this blog.

UOL’s IT team gain huge efficiencies using Spamhaus’ Data Query Service

6 October 2020

Case Study

Data Query Service enables email provider, Universo Online (UOL) to protect millions of users from spam and other malicious email threats while freeing-up 20% of the team's time resources.

Why you should use domain and hash blocklists

18 May 2020


It's a well-known fact that filtering emails using IP blocklists (DNSBLs) blocks the vast majority of malicious emails. It's effective and economical, using minimal computational power. So why should you also use domain and hash blocklists for filtering?