Protecting users since 1998
For over two decades, Spamhaus has been making a difference. From launching threat intelligence through IP and domain blocklists to working with law enforcement cybercrime units. Industry groups around the world have recognized Spamhaus' contribution to making the Internet safer.“ After working with Spamhaus for nearly two decades on various research and investigations, I admire their commitment to identifying digital crime and abuse, as well as providing threat intelligence for law enforcement, first responders, and cybersecurity practitioners. ”
Dave Piscitello
Partner at Interisle Consulting Group LLC
In 1998 Spamhaus is born
Spamhaus was born
The Spamhaus Project was founded in London by Steve Linford and incorporated as a British not-for-profit Limited Liability Company.
In 2001 Spamhaus Blocklist is launched
Spamhaus Blocklist launched
The first zone of our IP datasets, focused on the intelligence derived from manual investigations undertaken by our threat hunters and forensic specialists. Today this team has grown into our Open Source Intelligence (OSInt) team, and they are still producing the Spamhaus Blocklist (SBL), which protects billions of mailboxes.
In 2003 Spamhaus receives Internet Hero Award from ISPA
Internet Hero Award from ISPA
Awarded for "educating people… endeavoring to thwart spammers, and urging the US to reject the opt-out approach to spam legislation”, by the Internet Service Providers Association.
In 2004 eXploits Blocklist is launched
eXploits Blocklist launched
A new zone of our IP datasets focused on IP addresses exhibiting signs of compromise by malware, trojan infections, devices controlled by botnet command and controllers (C&Cs), or open proxies.
In 2007 Policy Blocklist is launched
Policy Blocklist launched
A proactive list of IP addresses that should not be sending unauthenticated emails, which is managed by both network owners and Spamhaus. Today, the Policy Blocklist (PBL) includes dynamic IP addresses assigned to residential users and IPs marked by providers as not intended for email sending.
In 2008 Spamhaus receives Cyber Crime Fighter Award from NCFTA
Cyber Crime Fighter Award from NCFTA
Recognized by the National Cyber Forensics and Training Alliance, “in appreciation and acknowledgment of your [Spamhaus’] contribution to fighting cyber crime.”
In 2009 Combined Spam Sources Blocklist is launched
Combined Spam Sources Blocklist launched
An automatically produced dataset of IP addresses observed to send email spam. This dataset is mostly focused on static spam emitters not associated with botnets, and is distributed as part of the SBL blocklist.
In 2010 Domain Blocklist is launched
Domain Blocklist launched
The first zone of our domain datasets, now capturing rich, proactive data points for context and insight on domain-related signals, and to provide automatic, real time protection.
In 2013 Spamhaus survives biggest DDoS attack
Survived biggest DDoS attack
When you stop bad actors from executing an attack, they often try to seek revenge. One such attempt resulted in "the DDoS that almost broke the Internet." The attack generated over 300Gbps of traffic and was controlled by employing robust defences and collaborating with our DDoS mitigation service provider.
In 2021 Spamhaus supports Europol with Emotet takedown
Supported Europol with Emotet takedown
Spamhaus provided threat mitigation assistance in Jan 2021, after Europol announced a coordinated group of international authorities had taken control of the Emotet infrastructure.
In 2023 Spamhaus supports FBI with Qakbot takedown
Supported FBI with Qakbot takedown
In August 2023, the FBI announced a coordinated international group of law enforcement authorities had taken control of the Qakbot infrastructure, with Spamhaus’ assistance in remediation efforts.
In 2024 Spamhaus supports Europol with ‘Operation Endgame’
Supported ‘Operation Endgame’
Spamhaus provided remediation assistance in May 2024, after a coalition of international law enforcement agencies, led by Europol, coordinated the largest ever operation against botnets involved with ransomware.