Blocklist Removal Center
About Spamhaus  |  FAQs  |  News Blog   
Frequently Asked Questions (FAQ)
An email "FROM" Spamhaus
Datafeed FAQ
Generic Questions
Hacked... Here's help
ISP Spam Issues
Legal Questions
Marketing FAQs
Online Scams
Spamhaus BCL
Spamhaus CSS
Spamhaus DBL
Spamhaus PBL
Spamhaus SBL
Spamhaus XBL


DEFINITION: "Domain Name System BlockList" (DNSBL)

What is a DNSBL?


Why use a DNSBL?
How to use a Spamhaus DNSBL?
Which DNSBL should be used?
Is a private DNS server required in order to use Spamhaus DNSBLs?
How do I check my DNS server results?
What do the 127.*.*.* Return Codes mean?
DNSBL Queries
Free Use vs Commercial Use
Will doing a query to your DNSBL servers slow my system and delay the email?
But if there is ever a delay, won't all my incoming email get backlogged?
Querying your DNSBL servers will use a lot of bandwidth, won't it?
How solid is the Spamhaus DNSBL server network?
Not just for connection queries...
Running SpamAssassin


How can I use the Spamhaus zones (ZEN or SBL, XBL, PBL) if I don't run my own mail server?
Are there any other DNSBL uses that could help?
Can I use the Spamhaus DNSBL on my web server or other applications?
What about lookups on the Spamhaus website?
Data Feed: Zone Transfers (rsync) for Corporate networks & ISPs


Your DNSBL blocks the whole Internet!
Your DNSBL blocks nothing at all!
I am getting a "This is not the DNSBL you're looking for" error, why?
I'm seeing bounces, but I don't find my IP address in your list... help?
Missing 'A' record for sbl/xbl/pbl/dbl/

DEFINITION: "Domain Name System BlockList" (DNSBL)

What is a DNSBL?
A DNSBL is a "Domain Name System Block List": A list of IP address ranges or other information compiled and presented as a DNS zone.

Information in DNS format is easy to query and transport, and its small answers are very "light" on bandwidth overhead.

Spamhaus Zen is a DNSBL, as are its component zones of SBL, XBL, CSS, and PBL.

Spamhaus DBL is a domain DNSBL. It may be used to identify URL domains with poor domain reputation, or as a "Right Hand Side Block List" (RHSBL) for email addresses.


Why use a DNSBL?
Doing a DNSBL lookup on an email message during the SMTP connection is cheap in hardware cycles and system time. If the MTA already knows the incoming message is spam it can deny a spam message before having to take additional action; The DNS server may even have the results cached from previous attempts!

System costs:
  • Passing it to a mail-scanner (medium cost);
  • Using a Bayesian filter (medium)
  • Running it through a virus scanner (medium to expensive)
  • Doing SpamAssassin network tests that check blacklists, DCC, pyzor, razor, etc. (medium to expensive)
Mail rejected by a DNSBL during delivery is not silently discarded. A realtime DNSBL rejection creates a delivery status notification (DSN) to the sender identifying the cause of the rejection, allowing troubleshooting on the sender's end.

Realtime rejection avoids the backscatter problem of some spam filters which accept delivery, close the connection, and then try to return the mail after it is determined to be spam.
  • Most spam and all viruses have forged sender addresses, and so the bounce would be sent to an innocent third party (if it is deliverable at all). This can be extremely disruptive to the third party!
Using the SBL, XBL & PBL lists together, or the combined Spamhaus Zen zone (recommended), rejects a large amount of spam and virus mail with very low "false positive" rejections of legitimate mail.

How to use a Spamhaus DNSBL?
This FAQ entry assumes that the reader is running their own mail server and has a developed technical understanding of how mail servers and DNSBLs work. Any DNSBL that is chosen for use should be fully understood before deployment.

All modern mail servers have a "DNSBL" feature (sometimes called "RBL Servers" or "Blacklist"). If it appears not to, please refer to the "Help" file or ask the mail server vendor for clarification.

The Spamhaus public mirrors can be used free of charge by querying "", if all three of the following criteria are met:
  1. Use of the Spamhaus DNSBLs is non-commercial;
  2. Email traffic is less than 100,000 SMTP connections per day;
  3. DNSBL query volume is less than 300,000 queries per day.
If traffic volume is higher than 300k, please see our Spamhaus DNSBL Usage Terms page for additional information and a quote.

Remember, MTAs should be set to query a Spamhaus DNS zone such as "".
  • Do NOT automate queries of our website lookup form!
Other ways to use DNSBLs beyond just checking the connecting IP:
  • Our Effective Spam Filtering page has suggestions for checking URLs against SBL, which has excellent results.
  • "Nameserver IPs of connecting hosts" is another check which some admins have found effective.
    • If such a check is going to be utilized, be very careful which Spamhaus zone is selected for each step!
  • Checking against SBL is quite conservative and will have few false positives.
  • Checking against XBL is more aggressive and while it will catch more spam it may also intercept more non-spam mail.
  • Using URL checks against PBL is very risky; please ensure that how this will work is completely understood before deployment.
    • It will result in rejecting non-spam mail for most servers!
NOTE: Zen contains SBL, XBL and PBL combined, so the correct response will need to be chosen based on the 127 return code.

Which DNSBL should be used?
Which DNSBL to choose depends on what the desired outcome is, and whether it is for small-volume or professional use.

For IP-based datasets, we recommend using our 3-in-1 zone, Spamhaus Zen:
  • Zen can be used by all modern mail servers by setting the mail server's anti-spam DNSBL feature (also called "Blacklist DNS Servers" or "RBL servers") to query .
  • The subzones of Zen (SBL, XBL, PBL) should not be queried seperately.
  • The 3 subzones of Zen are:
    • The "Spamhaus Block List" (SBL)
      • The SBL lists IPs identified to Spamhaus’ best ability as likely to be:
        • Direct spam sources
        • Spammer hosting/DNS
        • Spam gangs
        • Spam support services.
    • The "Exploits Block List" (XBL)
      • Automated tools observe email traffic at spamtrap and production mail servers in near-real-time to find characteristic patterns of malware or botnet-infected computers. It lists IP addresses that are hosting:
        • Bots
        • Malware-infected computers.
    • The "Policy Block List" (PBL)
      • PBL is a list of IP space that should not be sending email directly to the Internet: often these are IP ranges assigned by ISPs to broadband or dial-up customers, but the PBL does include other types of IP space.
For domain-based datasets, we recommend using the Spamhaus DBL.
  • The Domain Block List (DBL) is a list of domain names with poor reputations.
  • The DBL lists ONLY domains. The DBL should not be used to query for IP addresses.
Other DNSBLs published by other organizations can also be used. Information, reputation, and opinions about other DNSBLs are available on the web.
  • Careful selection and implementation of DNSBLs, including the order in which a mail server queries various zones, can provide optimal performance and spam protection.
NOTE: With so many different mail servers in use we can not offer technical help with setting up the query system. For instructions on how to configure a specific mail server to use the Spamhaus zones, please refer to that mail server's documentation or manuals, or ask your mail server administrator.
  • As a general rule, DNSBLs - particularly PBL - should not be applied to outbound mail.
  • Authenticating users via SMTP Authentication is strongly recommended and avoids the need to whitelist and maintain authorized dynamic ranges.
An expanded set of data is available in the DQS offering of our commercial sister company, Spamhaus Technologies, Ltd

An overview of Effective Spam Filtering strategies explains additional uses of various Spamhaus datasets in tools like SpamAssassin or Rspamd.

Is a private DNS server required in order to use Spamhaus DNSBLs?

It is not necessary, but it is worth considering.

Spamhaus DNSBL data can be accessed and used through the global Domain Name System (DNS).

  • DNS traffic itself carries the questions and answers regarding the (DNSBL listed/not-listed status) of IP addresses and domains;
  • Normally one or more DNS servers (typically two) are configured in an operating system.
    • Those are the IP addresses of the servers that will negotiate all the DNS requests made by your applications, and therefore those DNS servers will be the vehicle for your Spamhaus DNSBL requests, too.

There are several ways to access Spamhaus DNSBL data:

  • For many small, low-volume users' mail servers, Spamhaus data is available via our own global network of mirrors.
    • These low-volume mail servers issue a DNS query via the locally specified DNS server.
      • that DNS server could be operated locally on the same computer,
      • on the same network as the mail server,
      • operated by a hosting ISP or other outsourced DNS provider,
      • or it could be an "open" or "public" DNS server that answers anyone who queries it.

For higher-volume clients which exceed a query volume threshold, our expectation is that they use either

  • The Spamhaus Datafeed Rsync Service
    • This delivers the DNSBL zone data to their own local DNS server,
    • in order to utilize Datafeed Rsync, users must run a local DNS server which receives and stores Spamhaus data, and answers their queries.

  • Datafeed Query Service (DQS).
    • DQS queries work just like small-user queries, via whatever DNS server is configured in the operating system.
Most ISPs, hosting and DNS service providers are very careful about providing highly accurate DNS results. As long as legitimate DNS servers are used, our DNSBL zones will provide accurate answers and mail filtering will work correctly.

NOTE: There can be issues with using some consumer oriented ISPs and many "open" or "public" DNS services.
  • Some of them use NXDOMAIN hijacking to monetize null DNS answers as explained in this FAQ
  • Other public DNS servers are blocked from querying Spamhaus data; see this FAQ
Some public DNS providers provide non-hijacked responses for known DNSBL zones like Spamhaus, but such servers can be risky to use to answer DNSBL queries.

For additional information please see this related article on Spamhaus Technology's blog.

How do I check my DNS server results?

A quick way to check that you are getting correct Spamhaus DNSBL responses from a DNS server, whether local or third-party, is with command-line DNS queries for targets known to be (a) listed in a Spamhaus zone ( and then, (b) known to be not listed ( 'Listed' queries must answer with a proper return code; for Spamhaus that's one or more of our 127.* responses. 'Not listed' queries must always return NXDOMAIN for your mail filtering to work properly. For example:

$ dig +short @[DNS.server]
$ dig +short @[DNS.server]
Host not found: 3(NXDOMAIN)

Remember to check for both 'listed' and 'not listed' results. In either case, [DNS.server] (without the brackets) is the hostname or IP address of the DNS server you wish to query. Omit the server name or IP, and the '@', from the command line and your query will be handled by the DNS server configured in your computer's OS, which is probably the DNS server you wish to check. Checking our DBL zone uses similar DNS queries; see this DBL FAQ for details.

The command "$ host [DNS.server]" provides similar results.

In Windows, try "C:\>nslookup".

You may also wish to check the TXT record of '' with 'dig' or 'host' to confirm that your mail server will provide the correct results for delivery error messages:

$ dig +short TXT @[DNS.server]

To find which DNS server(s) your unix, linux or OSX computer is using, run this command on the machine in question: "$ cat /etc/resolv.conf". In Windows, the DNS servers are configured under "Control Panel/Network and Internet".

What do the 127.*.*.* Return Codes mean?
Spamhaus uses this general convention for return codes:

Return Code Description Spamhaus IP Blocklists Spamhaus Domain Blocklists Spamhaus Zero Reputation Domains list ERRORS (not implying a "listed" response)

Currently used return codes for Spamhaus public IP zones:

Return Code Zone Description SBL Spamhaus SBL Data SBL Spamhaus SBL CSS Data XBL CBL Data SBL Spamhaus DROP/EDROP Data (in addition to, since 01-Jun-2016) PBL ISP Maintained PBL Spamhaus Maintained are allocated to XBL for possible future use; is allocated to SBL for possible future use.

See the DBL FAQ for return codes for DBL.

Other codes are used for additional DNSBLs supplied to customers through the Data Query Service (DQS) of Spamhaus Technology, such as AuthBL and ZRD. DQS users should consult the Spamhaus Technology product documentation.

The following special codes indicate an error condition and must not be taken to imply that the object of the query is "listed":

Return Code Zone Description Any Typing error in DNSBL name Any Query via public/open resolver Any Excessive number of queries

DNSBL Queries
We recommend you use SBL together with XBL and PBL, as the three zones block different spam sources. To save you having to query three separate DNSBL zones there is a special combined DNSBL zone called Zen which contains the complete SBL, XBL and PBL data. We recommend you use this combined DNSBL zone for checking SMTP connecting IP. To use it, simply set your mail server's DNSBL check to query only. (Don't query SBL, XBL or PBL and Zen!)

DNSBL Zone to Query Returns Contains
SBL,8-9 Static UBE sources, verified spam services (hosting or support) and ROKSO spammers
XBL Illegal 3rd party exploits, including proxies, worms and trojan exploits
PBL IP ranges which should not be delivering unauthenticated SMTP email.
ZEN Combined zone (recommended)
Includes SBL, XBL and PBL.

Free Use vs Commercial Use
Use of the Spamhaus DNSBLs via DNS queries to our public DNSBL mirrors is free of charge for low-volume non-commercial use. To check if you qualify for free use, please see the Spamhaus DNSBL Usage Terms.

Use of the Spamhaus DNSBLs by ISPs, corporations and networks with high email traffic, or commercial spam filter companies requires a subscription to the dedicated Data Feed Service run by Spamhaus Technology.

Will doing a query to your DNSBL servers slow my system and delay the email?
Our servers are very fast and run software optimized specifically for speedy DNSBL replies. They are geographically distributed around the globe and connected via high-bandwidth pipes. Query response time is typically in the low milliseconds so any delays will be indiscernible, and once a query is done, it is cached at your own local DNS resolver for a period of time. That makes further queries "local" to you and extremely fast.

But if there is ever a delay, won't all my incoming email get backlogged?
Modern mail-servers process separate incoming messages in parallel, so a slight pause in processing of one message will have no effect on another.

Querying your DNSBL servers will use a lot of bandwidth, won't it?
DNS is inherently very efficient, using minimal amounts of bandwidth. Using a Spamhaus DNSBL will use far less bandwidth than having to accept every spam and virus email sent to your system. By rejecting them at the SMTP connection, no further data is sent thereby substantially reducing overall bandwidth. DNS caching by your local resolver means that not every query counts towards outside bandwidth use. (And, on the hardware side, your server(s) won't have to do expensive post-delivery filtering and storage of spam messages.)

How solid is the Spamhaus DNSBL server network?
The Spamhaus DNSBL network currently consists of over 120 servers distributed throughout the world and located mainly in major collocation facilities with dedicated multi-megabit connections and with extensive network peering at each facility. The Spamhaus DNSBL network has been designed with complete redundancy and has never been "off the air" or unavailable since its inception in 2001.

Not just for connection queries...
In addition to checking the IP addresses of the connecting servers against the SBL/XBL/PBL (or Zen), you can significantly boost your spam catch rate by also scanning the email body of any mails, that get past this first check, looking for host names of URLs (web sites) advertised in spams, and checking the IP addresses of those hosts, and their name servers, against the SBL. This is because the SBL lists the IP addresses of spammers' websites in addition to their mail servers. This feature ("URIBL_SBL") is available in SpamAssassin 3.0 on, and code to do this is also available as a sendmail milter from here.

Running SpamAssassin
Your SpamAssassin version should be at least 3.4.1, released in April 2015. If you are running an earlier release, please upgrade. SpamAssassin 3.4.1 will query the Spamhaus lists out of the box, with no configuration changes required.

Warning: SpamAssassin 3.4.1 has an important bug (described in detail here) that needs to be patched if the release of the Net::DNS Perl package installed on your system is 1.01 or larger. If you installed SpamAssassin as an O/S package, the bug may have been fixed already. If you installed it from sources, the bug is present. In all cases, locate the directory where the file is located and run the following commands:

if ! grep -q '$packet->header->rd(1)'
then	# apply patch
  cp -p
  patch << 'EOF'
---    2015-04-28 19:56:49.000000000 +0000
+++    2015-07-20 18:24:48.000000000 +0000
@@ -592,6 +592,9 @@
   if ($packet) {
+    # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223
+    $packet->header->rd(1);
   # my $udp_payload_size = $self->{res}->udppacketsize;
     my $udp_payload_size = $self->{conf}->{dns_options}->{edns};
     if ($udp_payload_size && $udp_payload_size > 512) {
  echo " has already been patched."
It will not be necessary to do this on the forthcoming SpamAssassin 3.4.2.

For further information we recommend to consult the SpamAssassin documentation.

Queries done by SpamAssassin will sum to the other queries directly made by the MTA. The total must remain below the free usage threshold defined in the DNSBL Usage Terms.


How can I use the Spamhaus zones (ZEN or SBL, XBL, PBL) if I don't run my own mail server?
DNS Blocking Lists are designed to work most effectively during SMTP "realtime" transmission, enabling spam to be rejected early in the transaction before it burdens servers, disks and mail queues. Because the SMTP transmission is terminated before the spam can be transmitted, this also results in a "Delivery Status Notification" (error message) which notifies the sender's server of the rejection and provides a fail-safe in case of errors. Ideally you should ask your ISP or IT admin to use Spamhaus Zen on their mail server.

But, even if your mail isn't filtered at the server, you can still use DNSBLs, including SBL and XBL, with your Windows POP3 mail client (like Outlook, OE, Eudora, T-bird, etc.). Options include:

For Windows
- SpamPal Now: (freeware)
- MailWasher (free and Pro versions; be sure to disable bounces!)
- jwSpamSpy (German)
- K9 (freeware - Bayesian filtering based, but has a neat "Advanced feature" to use SBL/XBL as part of the Bayesian statistics)
- SmarterTools SmarterMail (free and pay versions; includes SpamAssassin ability)
- Spamihilator (with DNSBL Add-on)

For Mac
- Junkmatcher integrates with OS X
- has links to more spam filtering tools for Mac mail clients, and some for linux.

Setting up any one of those to work in conjunction with your mail client is fairly easy; they have can do it! But do not configure any such software to "bounce" spam - such backscatter invariably ends up sending your spam to an innocent third party, as most "From" addresses are forged. A word of caution: the zone may work better for client-level filters than, as explained in the PBL FAQ.

Advanced users with access to procmail on a shell server may wish to investigate the highly effective SpamBouncer, which supports Spamhaus lists, and optionally other DNSBLs.

Are there any other DNSBL uses that could help?
Using the data in the SBL and XBL portions of our zones can be used to prevent blog and guestbook spam and abuse. Also, some Apache webserver plugins like mod_spamhaus and this Squid DNSBL redirector can be used to ban blocklisted visitors to ones website.

Note that reading the FAQ on the XBL is a must before trying these techniques.

Can I use the Spamhaus DNSBL on my web server or other applications?

You can query the SBL and XBL to prevent things such as blog-comment and guestbook spamming, click-fraud, and automated email address harvesting. You do this by programming your application(s) to query our DNS servers to determine whether a specific IP address is on one of our blocklists. You can use such queries to stop posts from users who use IP addresses on the SBL or XBL to connect to your web site, or to block comment and guestbook posts that contain URIs hosted on IP addresses listed in the SBL or XBL.

You can also search comment and guestbook posts for URIs that contain domains found in our domain blocklist, the DBL. Consult the Spamhaus FAQ on the DBL for more information on what the DBL is and how it works.

There are open-sourced code bases available in Perl and PHP for performing DNS queries. You can find these by searching the Web. Three useful web sites that have code to perform DNS lookups are on, The Code Cave and MetaCPAN.

Some PHP code to check if ones server is listed can be found here, the website is in Japanese and called "Spamhaus チェッカー".

If you prefer to brew your own code, below is the information you will need:

  • ZONE =
  • QUERY SYNTAX = <REVIP>, where "<REVIP>" is the IP you are querying, reversed.
  • For example, if you want to check, you would query


Whenever possible, we encourage applications to query and then parse the return code(s) to determine whether to block an IP. This prevents unnecessary queries and speeds processing on your application. If your application cannot parse return codes, you can query to determine whether an IP address is on the SBL, and to determine whether an IP address is on the XBL. Either of these zones returns if the IP address is on that blocklist.

WARNING! Do not block users using IP addresses listed on the PBL from accessing Web-based applications. The PBL is not a list of "spamming IP addresses"; treating IP address on it as if they all belong to spammers will result in blocking large numbers of legitimate users. Consult the Spamhaus FAQ on the PBL for more information on what the PBL is and how it works.

What about lookups on the Spamhaus website?
The Blocklist Removal Center lookup tool is provided for people to check their own IP or domain conveniently, and to direct any listed parties to the correct information for fixing the problem and removing the listing. It is intended for manual lookups only. No automated lookups, please! Any perceived use of automated tools to access the web lookup system will result in firewalling or other countermeasures. Access to blocked IPs will result in "403 ERROR" HTTP responses.

Data Feed: Zone Transfers (rsync) for Corporate networks & ISPs
For corporate networks, Internet Service Providers and spam filter companies, Spamhaus provides a dedicated Data Feed service which transfers the Spamhaus DNSBL zones to a local DNS server on your network and keeps the zones synchronised every few minutes. Please follow this link for further informations.


Your DNSBL blocks the whole Internet!

There can be several reasons why a DNSBL appears to list all IPv4 addresses (when it really doesn't):

When you implement Spamhaus DNSBL filtering in your mail server, you must check that the zone you have just entered is spelled properly. If you accidentally put in a wrong domain such as '' or '', the DNS queries generated by your mail server will go to some entirely different and unrelated place which can answer your queries with a valid A record containing an IP address (this is often done by "typosquatters" to catch web traffic). Even if this IP is not a conventional DNSBL answer in the 127.0.0.x range, your mail server may still interpret it as a "listed" answer, and block the mail accordingly.

Another problem we have seen is where ISPs "hijack" some DNS replies. This is done to monetize website traffic. Rather than returning an NXDOMAIN ("not found") answer for a DNS request that cannot be found (resolved), a pointer to an advertising page or search page is given. Many public or "open" resolvers, as well as some secure resolvers on cloud-based or wide area networks, use NXDOMAIN hijacking. As Spamhaus' "not listed in our zone" replies are the same as a "webpage not found" reply, users behind this sort of DNS monetization schemes will always see an IP address returned rather than the correct NXDOMAIN DNS answer. If this is the issue, there are three possible ways to resolve it: (1) instruct your mail server to ignore all response codes that are not in as they come from a "man in the middle" hijacking, not from us; (2) contact your ISP or DNS provider to see if you can opt out, otherwise change DNS resolvers; or (3) set up your own DNS resolver (technically the best).

A second form of DNS hijacking has been seen, where an ISP cuts off DNS traffic to DNS servers it feels are being queried too often. That may also return an IP value, which will cause all email to be flagged as spam. They may even null the value of the DNSBL's name. That can cause unpredictable results and you will need to contact your ISP.

Finally, erroneously using DBL as an IP list rather than as a domain list may also have the effect of blocking all mail: see the DBL FAQs.

Your DNSBL blocks nothing at all!

First, check our FAQ answer for "Your DNSBL blocks the whole Internet!" and make sure you've not made a spelling mistake in your mailserver configuration.

Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as the Google Public DNS ( and others (eg. Alternate DNS, Comodo Secure, DNS.Watch, DynDNS, FreeDNS, Hurricane, NeuStar DNS Advantage, Norton ConnectSafe, OpenNIC, Puncat, Quad9, SafeDNS, Uncensored, Verisign, Yandex.DNS), or large cloud/outsourced public DNS servers, such as Level3's, Verizon's or AT&T's to resolve your DNSBL requests, in most cases you will receive a "not listed" (NXDOMAIN) reply from Spamhaus' public DNSBL servers. We recommend using your own DNS servers when doing DNSBL queries to Spamhaus. If this is not possible, contact us for other options.

I am getting a "This is not the DNSBL you're looking for" error, why?
You have probably misspelled "" as "" in your mail server configuration. This is the error message defined by the people administering that domain (not us). This case belongs to the category discussed under the Your DNSBL blocks the whole Internet! question.

I'm seeing bounces, but I don't find my IP address in your list... help?

The Spamhaus Blocklists are only some of many public DNSBL systems. In addition to publicly-queriable lists, many networks maintain their own private blocking lists. And DNSBLs are only one of many reasons that could cause a Delivery Status Notication (DSN).

Read the bounce ('DSN') messages carefully; they should provide clues as to why your mail was rejected. Unfortunately, some of them are not accurate or helpful; sometimes they even point to Spamhaus SBL for no reason at all. But, since each system which rejects your mail may give a different DSN, do read several of the messages and you will find some that make sense and help you track down the problem.

Locate the IP address which was rejected, generally the IP address of your outbound mail server and usually noted in the DSN message. Test it in the "IP Removal" form at If it does not show up with that form, the address is not listed in any Spamhaus DNSBL (that form queries all the most current Spamhaus zones).

A few sites which might help you track down DNSBL issues with other lists are:

Remember that none of those sites is a DNSBL itself so it cannot possibly block your mail, and that they are offered on a voluntary basis, without support. Use their web services, but please don't pester them!

Some DNSBLs are simply too aggressive, unreliable or otherwise unsuited to use by more than a few hobbyist domains, places where most legitimate senders are unlikely to ever send any mail. If your IP address is in such a list, just ignore it! It's not stopping you from mailing anyone and no one who knows anything about mail cares about such lists.

Missing 'A' record for sbl/xbl/pbl/dbl/
"I can't trace, I get 'host not found'..."
"All your DNSBLs are down! I can't resolve any of them to an IP!"

Occasionally users inform us that our DNSBLs must be down or that our DNS may be broken because: "I can't resolve to an IP address" or "I can't ping".

Spamhaus DNSBL zones (,,,, & are not hosts or servers, they are DNS zones. DNS zones map specially-formatted queries (such as '') to DNSBL servers which in turn provide authoritative answers to the DNSBL queries. DNS zones do not normally have 'A' records, therefore you can not resolve a DNS zone to an IP address or to a specific machine.

Trying to resolve or ping a DNS zone is like trying to resolve or ping '.com' (which is also a DNS zone) and of course '.com' doesn't have an 'A' record (so you can not resolve '.com' to an IP address either).

Each of Spamhaus's DNSBL zones is load-balanced into sub-zones, served by over 120 DNSBL servers ('mirrors') located around the world. Our DNSBL server IP addresses change frequently as servers are added or removed from the pool, but the DNS zone always knows where to find them.

Never set your anti-spam filter to query the IP addresses of Spamhaus zone DNS servers, as these can change at any time. For IP address checks, always query only the advertized zones themselves: SBL, XBL, PBL, or preferably the combined Zen zone. For domains, use the DBL zone.

© 1998-2020 The Spamhaus Project SLU. All rights reserved.
Legal  |  Privacy