Subscribe to RSS News Feed
About Spamhaus  |  Press Office  |  FAQs   
SBL/ZEN DNS lookups to return DROP/eDROP status

2016-04-05 21:00:00 UTC   |   by Natale Maria Bianchi   |   Category:  hijacking, drop
Recent News Articles

Poor sending practices trigger a tidal wave of informational listings

Spamhaus Botnet Threat Update: Q4-2021

SERVICE UPDATE | Spamhaus DNSBL users who query via Cloudflare DNS need to make changes to email set-up

Spamhaus Botnet Threat Update: Q3-2021

Spammer Abuse of Free Google Services

Spamhaus Botnet Threat Update: Q2-2021

Emotet Email Aftermath

Wordpress compromises: What's beyond the URL?

Older News Articles:
Spamhaus News INDEX

Anvil For many years Spamhaus has maintained two text lists named DROP (Don't Route Or Peer) and EDROP (Extended Don't Route Or Peer). These lists contain netblocks that are "hijacked" or leased by professional spam or cybercrime operations, and were originally designed to be used by network edge devices such as routers or firewalls to block all traffic. They are provided at no cost to the community on the Spamhaus website.

All networks in DROP and EDROP are also listed in the Spamhaus blocklist (SBL); DNS lookups for those IPs have always returned (listed) status. However, it has not been possible to determine whether a listed IP was also listed in DROP/EDROP from the DNS lookup result.

To allow spam filters and other anti-spam software to support more aggressive spam scores for networks listed on DROP or eDROP, and to support access rules for other protocols such as HTTP, starting on 1st June 2016, the, and zones will return the new code in addition to the standard return code for IP addresses that are listed in DROP or eDROP.

Those who program or maintain spam filters or other anti-spam software can test any new rules immediately by looking up the test address, or its IPv6 sibling ::ffff:7f00:9.

Spamhaus reminds its users that, since February 2016, the public version of the SBL has also contained IPv6 data and answered IPv6 lookups. Spamhaus plans to add IPv6 data to the XBL and PBL in the future. However, the majority of spam coming from IPv6 IPs at this time is snowshoe spam, which falls in the SBL territory. Spammers have been purchasing and using large IPv6 blocks in an attempt to more easily bypass spam filtering and deliver email to inboxes on IPv6-connected email facilities.

Spamhaus Information

Press Office
Spamhaus News Index
Spamhaus in the media
About Spamhaus
Spamhaus Official Statements
Article Information

Permanent link to this news article:
SBL/ZEN DNS lookups to return DROP/eDROP status

Subscribe to RSS News Feed
Spamhaus News Quotes

Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
© 1998-2023 The Spamhaus Project SLU. All rights reserved.
Legal  |  Privacy