The Spamhaus PBL, a one year old anti-spam heavyweight

One year ago this month, Spamhaus launched the Policy Block List, also known as the PBL. Now a year later we look back to see what effect it has had.

The PBL was created to be used together with our other DNSBL zones, the SBL and the XBL. At the same time as the PBL we launched ZEN, a new all-in-one DNSBL (if you haven't switched over from our other zones to ZEN - do it now!). While the XBL was and is still a very powerful tool in stopping spam sent through exploited computers there is spam that may not be instantly caught by the XBL's detection-based design. Enter the PBL, which lists IP address ranges that should never send out unauthenticated email. The PBL builds on the concept of older dynamic/dialup lists, but with some very important differences:

• The PBL does not only list dynamic addresses, but focuses on end-user ranges.
• There are two categories of listings: Spamhaus maintained and ISP/network-owner supplied. These are distinguishable by the response when a mailserver queries the PBL.
• End users who do run a mailserver in PBL-listed ranges can suppress their own IP address from the PBL list.

So where do we stand a year after the launch of PBL? Of course that question is best answered by the users of PBL who report dramatic decreases in the amount of spam delivered. While the PBL has some overlap with the XBL, it also stops a lot of spam that does not get listed on the XBL. The combination of both can, in most cases, stop between 80% and 90% of all spam right at "the front door". This is a serious cost savings for ISPs and companies, who can directly save on bandwidth, storage and support costs in their email infrastructure. When coupled with other techniques, the total spam catch rate can average 99.6%, or 299 of every 300 spams caught.

Much as with our original SBL, and the XBL, Spamhaus takes great care to insure that "clean" mailserver IP addresses are never included in the PBL which would cause legitimate email to be treated as spam.

But there's more. Another cost-saving aspect for ISPs is to contribute and maintain their own network ranges through a "PBL ISP account". Due to the large numbers of worldwide PBL users, participating ISPs have seen a drop in abuse desk spam complaint volume. Their IP address space becomes a less valuable target for spammers looking for "clean" ranges to spam from.

ISP-maintained PBL listings currently cover almost 25% of all PBL listed IP addresses, or roughly 100 million IP addresses. These have been submitted by over 500 ISPs, ranging from the very small to the millions-of-users sized. Who better to trust about not accepting email from an IP address than the ISP that operates the network address range? Any ISP or company with an IP address space is welcome to sign up for an account, it's quick and free to do.

So what to expect for the new year? We will keep adding more IP address ranges every day. We will keep working to get more ISPs and companies aboard to maintain their own ranges. So a big "thank you" to all who are already participating and another big "thank you" to all our users, small and large. While prediction is quite difficult we are confident that with more PBL, in 2008 you will see less spam.

How can the PBL (and the full ZEN) help you who are getting flooded with spam? Well, if you're an end-user, see if you can get your ISP or company to use the Spamhaus data. If you're an ISP admin or network-manager, try the PBL and our other zones for a month and see what a difference they make on your spam-load.