Subscribe to RSS News Feed
About Spamhaus  |  Press Office  |  FAQs   

Spamhaus DNSBL return codes: technical update

2019-09-30 17:29:19 UTC   |   by Chris Thompson   |   Category:  dnsbl, return codes
Recent News Articles

Poor sending practices trigger a tidal wave of informational listings

Spamhaus Botnet Threat Update: Q4-2021

SERVICE UPDATE | Spamhaus DNSBL users who query via Cloudflare DNS need to make changes to email set-up

Spamhaus Botnet Threat Update: Q3-2021

Spammer Abuse of Free Google Services

Spamhaus Botnet Threat Update: Q2-2021

Emotet Email Aftermath

Wordpress compromises: What's beyond the URL?

Older News Articles:
Spamhaus News INDEX

Spamhaus' primary data sets are published in DNS zones known as DNSBLs. Users of that data ask the zone a question (a "query") and the zone provides a response - a return code - in the form of an IPv4 IP address within a designated range (RFC1918 internal network). The meaning of each of those particular IP responses may carry additional information to the querier. We post those return code values in our DNSBL Usage FAQ.

A new range containing return codes ( has been added to return possible errors related to the DNSBL queries themselves, which should NOT be interpreted as any sort of reputation related to the data being queried. While it will be quite uncommon for most Spamhaus users to encounter these codes, it is vitally important that software developers implement all return codes correctly, and not treat these error codes as any sort of reputation or "listed" values. The first two new error codes, and links to pages further explaining their meaning, are:

Return Code Zone Description Any Query via public/open resolver Any Excessive number of queries

Anyone that encounters either of those return codes should recognize that their queries are receiving error responses. Those responses must not be interpreted as advisories of Spamhaus reputation data regarding the object which was queried. Accordingly, any software which queries a Spamhaus DNSBL must distinguish between valid reputational responses and those error code responses. Any software which does not distinguish response codes from Spamhaus DNSBLs is, unfortunately, already out of date and may not be reliable in these or other cases. A common result of not correctly parsing DNSBL return codes is either treating all responses as either "LISTED," or treating them all as "NOT LISTED," and that means either all mail is treated by the indiscriminate software as "spam," or all mail is treated as "not spam." Neither result is desirable.

Failure to correctly parse these return codes will render the query results meaningless and detrimental for the querier. Here is information on how to correctly configure commonly used MTAs for use with our public mirrors.

These two return codes apply only to Spamhaus Project publicly queried zone mirrors. Clients of Spamhaus Technology DQS or rsync services will never encounter these return codes.

  • 12 February 2021: Final warning!

  • Spamhaus Information

    Press Office
    Spamhaus News Index
    Spamhaus in the media
    About Spamhaus
    Spamhaus Official Statements
    Article Information

    Permanent link to this news article:
    Spamhaus DNSBL return codes: technical update

    Subscribe to RSS News Feed
    Spamhaus News Quotes

    Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
    © 1998-2023 The Spamhaus Project SLU. All rights reserved.
    Legal  |  Privacy