Resource Hub

Spamhaus’ take on Cold Emailing…AKA spam

Cold emailing, as it’s practiced today, is spam — for inboxes, businesses, and the internet. It’s a thriving industry, but one raising concerns in the email community. In this article we define cold emailing from our perspective, share concerns about its misuse, particularly in B2B communication, and highlight the organizations enabling it.

Stronger through sharing: PhishFort and Spamhaus working together

PhishFort - an anti-phishing specialist - has collaborated with Spamhaus to share verified threat data from their phishing detection systems. In this guest blog, Lucas Sierra, CEO of PhishFort, explains how making their data available to trusted organizations like Spamhaus, is helping make the internet safer everyone.

Mail relays - Part 2 | Problems with forwarded mail?

Forwarded mail can be more trouble than it’s worth - especially when it’s done without checks, validation, or spam filtering. Typos, unintended recipients, and forged senders can quickly snowball into blocklistings and delivery failures. In part two of this quick series on mail relays, we dive into the mess forwarding can cause, and what you can do to avoid it.

Botnets disrupted worldwide...Operation Endgame is BACK!

Operation Endgame, “Season 2”, is officially announced as of Friday, May 23rd, 2025. International law enforcement agencies and their partners have once again joined forces to disrupt and dismantle botnet infrastructure and their operators. In this post, get details of the take-down itself and Spamhaus’ role in victim account remediation.

Mail relays - Part 1 | Authenticate your outgoing mail!

Email authentication used to be something only big players worried about. Not anymore. While small senders may not feel the heat yet, it’s only a matter of time before it reaches them. In this blog, we explore how authentication can be implemented at the relay level to improve deliverability, prevent abuse, and get ahead. Let’s start with a look at what this means.

Abuse takes its “toll” on .top: But who is paying the price?

Despite ICANN issuing a formal notice to .top citing a breach of contract for failing to address DNS abuse, the situation has not improved. Over the last six months, abuse of .top hasn’t just persisted, it’s gotten 50% worse! So, why is this happening, and what can be done to stop it?

Domain Reputation Update Oct 2024 - Mar 2025

Query the legacy DNSBLs via Microsoft? Move to Spamhaus Technology’s free Data Query Service

If you're using the free legacy DNS Blocklists (DNSBLs) through the Public Mirrors while running on Microsoft’s infrastructure, you'll need to make a few small adjustments to your email setup. These changes are simple to apply, but if you don’t take action, you risk having some - or even all - of your email blocked after April 9, 2025!

How I’m fighting cybercrime with Spamhaus (and how you can too!)

Meet Jeroen Gui - student, founder of JustGuard, and a top contributor to Spamhaus' Threat Intel Community Portal. Passionate about making the internet a safer place, Jeroen submits thousands of malicious domains, URLs, and raw email sources every month. But what drives him to share his data, and how can you get involved too?

Networks hosting botnet C&Cs: Same players, same problems

With every Botnet Threat Update we publish, the same networks consistently appear in the Top 20 for hosting botnet command and control (C&C) servers. But why does this keep happening? In this Botnet Spotlight, we look into the root causes behind this persistent issue and what networks must do to break the cycle.

Botnet Threat Update July to December 2024

If you query the legacy DNSBLs via Hetzner move to Spamhaus Technology’s free Data Query Service

Currently accessing the free legacy DNS Blocklists (DNSBLs) via the Public Mirrors, and using Hetzner's network? You'll need to make some minor changes to your email infrastructure. The changes are simple to implement, but if you fail to do so, you could find that at some point post-February 19th 2025, all or none of your email is blocked!

Truffe via PEC - Far perdere tempo e denaro alle aziende italiane

In questo articolo condividiamo un caso dove dei criminali hanno utilizzato delle credenziali rubate ad un ignaro imprenditore per spedire centinaia di PEC malevoli ad altrettanto ignari altri utilizzatori di PEC, causando un notevole dispendio di tempo e denaro, ed analizziamo i rischi della proposta portata avanti dalla UE per una PEC europea.

PEC “invoice scam” - Stealing time, money, and trust from businesses

PEC stands for “Posta Elettronica Certificata” - a type of legally binding “certified email” used in Italy. It's also a hub of abuse targeting business owners. In this article, we share a real-life case of criminals stealing PEC credentials to send malicious emails, causing significant loss of time and money, and explore the risks of a proposed European PEC system.

Avoiding Blocklistings: Part 3 - Take Matters into Your Own Hands to Protect Your Senders

Welcome back to the final instalment of our three-part series, where Lauren Meyer, CMO at SocketLabs, shares her top strategies for avoiding block listings. In Part 3, Lauren explores the proactive steps YOU can take to help senders avoid blocklistings.