Subscribe to RSS News Feed
About Spamhaus  |  Press Office  |  FAQs   
SBL/ZEN DNS lookups to return DROP/eDROP status

2016-04-05 21:00:00 UTC   |   by Natale Maria Bianchi   |   Category:  hijacking, drop
Recent News Articles

A day in the life of a DNSBL Droid

Spamhaus Botnet Threat Update: Q2-2020

Tracking Qbot

Spamhaus Botnet Threat Update: Q1-2020

The Current State of Domain Hijacking, and a specific look at the ongoing issues at GoDaddy

It was the best of times, it was the worst of times

Weaponizing Domain Names: how bulk registration aids global spam campaigns

Amazon Web Services - thwarting spam with a decade-old best practice

Older News Articles:
Spamhaus News INDEX

Anvil For many years Spamhaus has maintained two text lists named DROP (Don't Route Or Peer) and EDROP (Extended Don't Route Or Peer). These lists contain netblocks that are "hijacked" or leased by professional spam or cybercrime operations, and were originally designed to be used by network edge devices such as routers or firewalls to block all traffic. They are provided at no cost to the community on the Spamhaus website.

All networks in DROP and EDROP are also listed in the Spamhaus blocklist (SBL); DNS lookups for those IPs have always returned (listed) status. However, it has not been possible to determine whether a listed IP was also listed in DROP/EDROP from the DNS lookup result.

To allow spam filters and other anti-spam software to support more aggressive spam scores for networks listed on DROP or eDROP, and to support access rules for other protocols such as HTTP, starting on 1st June 2016, the, and zones will return the new code in addition to the standard return code for IP addresses that are listed in DROP or eDROP.

Those who program or maintain spam filters or other anti-spam software can test any new rules immediately by looking up the test address, or its IPv6 sibling ::ffff:7f00:9.

Spamhaus reminds its users that, since February 2016, the public version of the SBL has also contained IPv6 data and answered IPv6 lookups. Spamhaus plans to add IPv6 data to the XBL and PBL in the future. However, the majority of spam coming from IPv6 IPs at this time is snowshoe spam, which falls in the SBL territory. Spammers have been purchasing and using large IPv6 blocks in an attempt to more easily bypass spam filtering and deliver email to inboxes on IPv6-connected email facilities.

Spamhaus Information

Press Office
Spamhaus News Index
Spamhaus in the media
About Spamhaus
Spamhaus Official Statements
Article Information

Permanent link to this news article:
SBL/ZEN DNS lookups to return DROP/eDROP status

Subscribe to RSS News Feed
Spamhaus News Quotes

Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
© 1998-2020 The Spamhaus Project SLU. All rights reserved.
Legal  |  Privacy