Comparison of DNS blacklists

The following table lists technical information for a number of DNS blacklists used for blocking spam.

Blacklist operator	DNS blacklist	Zone	Listing goal	Nomination	Listing lifetime	Notes	Collateral listings	Notifies upon listing
Abusix	combined	combined.mail.abusix.zone	Aggregate zone	Aggregate zone	Aggregate Zone	Single lookup that contains results from black, exploit and policy lists.	No	No
	black	black.mail.abusix.zone	Lists individual IP addresses that have sent mail to spam traps. And some manual added netblocks.	Mostly Automatic with some manual additions.	For automated listings 5.6 days after last event, manual additions are permanent.		No	No (but planned)
	exploit	exploit.mail.abusix.zone	Lists IP addresses behaving in a way that indicates the IP is compromised, infected, proxy, VPN, TOR, malware,	Automatic	5.6 days after last event		No	No (but planned)
	policy	dynamic.mail.abusix.zone	Lists IP addresses that should not be connecting directly to MX, such as residential IPs etc.	Automatic	Permanent (until delist requested)	Lists ranges that have generic or templated rDNS. Individual IPs can be delisted immediately via web.	No	No
	dblack	dblack.mail.abusix.zone	Lists domains seen in spam hitting traps.	Automatic	5.6 days after last event	Can be used as an RHSBL and a URIBL.	No	No (but planned)
	nod	nod.mail.abusix.zone	Lists domains that are newly observed (first use)	Automatic	25 hours	Based on historical passive DNS data, lists domains first seen in the wild within the last 25 hours).	No	No
	shorthash	shorthash.mail.abusix.zone	Lists short URLs (SHA-1 hashed) seen in traps.	Automatic	5.6 days after last event	Created to handle popular shorteners that are misused to hide domains from blacklisting.	No	No
	drivehash	drivehash.mail.abusix.zone	Lists URLs of online drive services (SHA-1 hashed) seen in traps.	Automatic	5.6 days after last event	Current only listing Google Drive and Yandex Disk URLs that are used to avoid domain blacklisting.	No	No
WebIron LLC RBL	BABL	babl.rbl.webiron.net	Lists IP ranges belonging to officially published abuse addresses that either bounce or request not to receive abuse notices. The aim of this list is to block companies that openly shrug their abuse responsibilities.	Abuse addresses that fail to be deliverable for 3 out of the last 7 days are automatically added.	Lifetime listing or automatic once mail delivery resumes in the case of automated additions.		Yes	No
	CABL	cabl.rbl.webiron.net	Lists IP ranges belonging to abuse addresses that have failed to handle abuse issues for at least 30 days. The aim of this list is to hold companies accountable for the abuse that originates from their networks rather than just ignoring it.	IP ranges belonging to abuse addresses with reported and unresolved issues for at least 30 days are automatically added.	Automatic removal is done once all hosts with abuse unresolved for 30 days have been clean for 2 weeks.	Data for lists are generated from live data collected by the WebIron web security platform.	Yes	Yes
	STABL	stabl.rbl.webiron.net	Lists single IP addresses recently attacking websites and servers.	Lists IP addressed belonging to hosts that have attacked at least twice within the last 48 hours.	Automatic removal is done once a host has gone 24 hours without an incident	Data for lists are generated from live data collected by the WebIron web security platform.	No	No
	All	all.rbl.webiron.net	Contains IP addresses and ranges from BABL, CABL, and STABL	Depends on list	Depends on list		Yes	No
	Crawler	crawler.rbl.webiron.net	Web Crawler IP lookup used to match user agents with known crawler IP addresses. Data from this list is considered BETA.			This DNSRBL contains valid and legitimate crawlers. Matching alone should not be used for blocking	No	No
ARM Research Labs, LLC GBUdb	Truncate	truncate.gbudb.net	Extremely conservative list of single IP4 addresses that produce exclusively spam/malware as indicated by the GBUdb IP Reputation system. Most systems should be able to safely reject connections based on this list.	Automatic: IPs are added when the GBUdb "cloud" statistics reach a probability figure that indicates 95% of messages produce a spam/malware pattern match and a confidence figure that indicates sufficient data to trust the probability data.	Automatic: Continuous while reputation statistics remain bad. Warning: Produces false positives, and has no remedy/removal process. IPs are dropped quickly if the statistics improve (within an hour). IPs are dropped within 36 hours (typ) if no more messages are seen (dead zombie).	Source data is derived from a global network of Message Sniffer[1] filtering nodes in real-time. Truncate data is updated from statistics every 10 minutes. Warning: Unreliable, as it produces false positives. It is impossible to find additional information or to manually troubleshoot the problem. It is based on results created by their proprietary software running a proprietary algorithm.	No	No
invaluement DNSBL	ivmSIP	Paid access via rsync	Single IP addresses which only send UBE. Specializing in snowshoe spam and other 'under the radar' spams which evade many other DNSBLs. Has FP-level comparable to Zen.	Automatic (upon receipt of a spam to a real person's mailbox), with extensive whitelists and filtering to prevent false positives	Typically an automatic expiration 11 days after the last abuse was seen, but with some exceptions	Spam samples are always kept on file for each listing. Removal requests are manually reviewed and processed without fees.	No	No
	ivmSIP/24	Paid access via rsync	Lists /24 blocks of IP addresses which usually only send UBE and containing at least several addresses which are confirmed emitters of junk mail. Collateral listings are kept to a minimum because subsections are often carved from /24 listings when spammers and legit senders share the same /24 block.	Automatic once at least several IP addresses from a given block are individually listed on ivmSIP, with extensive whitelists and filtering to prevent false positives	Expiration time increases to many weeks as the fraction of IP addresses in the /24 block in question sending junk mail increases	Removal requests are quickly and manually reviewed and processed without fees.	Yes	No
	ivmURI	Paid access via rsync	Comparable to uribl.com and surbl.org, this is a list of IP addresses and domains which are used by spammers in the clickable links found in the body of spam messages	Automatic (upon receipt of a spam to a real person's mailbox), with extensive whitelists and filtering to prevent false positives	Typically an automatic expiration several weeks after the last abuse was seen.	Spam samples are always kept on file for each listing. Removal requests are quickly and manually reviewed and processed without fees.	No	No
proxyBL	dnsbl	dnsbl.proxybl.org	Lists all types of open (publicly accessible) proxies	Automated listing through crawling of websites	As long as proxy is verified open (automated)[2] Service discontinued mid 2014	Time between verifications increases exponentially in relation to the number of times the host was verified an open proxy	Yes	No
UCEPROTECT-Network	UCEPROTECT Level 1	dnsbl-1.uceprotect.net (also free available via rsync [3])	Single IP addresses that send mail to spamtraps	Automatic by a cluster of more than 60 trapservers [4]	Automatic expiration 7 days after the last abuse was seen, optionally express delisting for a small fee.	UCEPROTECT's primary and the only independent list	No	No
	UCEPROTECT Level 2	dnsbl-2.uceprotect.net (also free available via rsync [3])	Allocations with exceeded UCEPROTECT Level 1 listings	Automatic calculated from UCEPROTECT-Level 1	Automatic removal as soon as Level 1 listings decrease below Level 2 listing border, optionally express delisting (for a fee)	Fully depending on Level 1	Yes	No
	UCEPROTECT Level 3	dnsbl-3.uceprotect.net (also free available via rsync [3])	ASN's with excessive UCEPROTECT Level 1 listings	Automatic calculated from UCEPROTECT-Level 1	Automatic removal as soon as Level 1 listings decrease below Level 3 listing border, optionally express delisting (fee)	Fully depending on Level 1	Yes	No
Spam and Open Relay Blocking System (SORBS)	dnsbl	dnsbl.sorbs.net	Unsolicited bulk/commercial email senders	N/A (See individual zones)	N/A (See individual zones)	Aggregate zone (all aggregates and what they include are listed on SORBS)[5]	As per component list	Via SORBS Report Manager
	safe.dnsbl	safe.dnsbl.sorbs.net	Unsolicited bulk/commercial email senders	N/A (See individual zones)	N/A (See individual zones)	"Safe" Aggregate zone (all zones in dnsbl.sorbs.net except "recent", "old", "spam" and "escalations")	No	Via SORBS Report Manager
	http.dnsbl	http.dnsbl.sorbs.net	Open HTTP proxy servers	Feeder servers	Until delisting requested.		No	Via SORBS Report Manager
	socks.dnsbl	socks.dnsbl.sorbs.net	Open SOCKS proxy servers	Feeder servers	Until delisting requested.		No	Via SORBS Report Manager
	misc.dnsbl	misc.dnsbl.sorbs.net	Additional proxy servers	Feeder servers	Until delisting requested.	Those not already listed in the HTTP or SOCKS databases	No	Via SORBS Report Manager
	smtp.dnsbl	smtp.dnsbl.sorbs.net	Open SMTP relay servers	Feeder servers	Until delisting requested.		No	Via SORBS Report Manager
	web.dnsbl	web.dnsbl.sorbs.net	IP addresses with vulnerabilities that are exploitable by spammers (e.g. FormMail scripts)	Feeder servers	Until delisting requested or Automated Expiry		No	Via SORBS Report Manager
	new.spam.dnsbl	new.spam.dnsbl.sorbs.net	Hosts that have sent spam to the admins of SORBS or SORBS Spamtraps in the last 48 hours	SORBS Admin and Spamtrap	Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net'		No	Via SORBS Report Manager
	recent.spam.dnsbl	recent.spam.dnsbl.sorbs.net	Hosts that have sent spam to the admins of SORBS or SORBS Spamtraps in the last 28 days	SORBS Admin and Spamtrap	Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net'		No	Via SORBS Report Manager
	old.spam.dnsbl	old.spam.dnsbl.sorbs.net	Hosts that have sent spam to the admins of SORBS or SORBS Spamtraps in the last year	SORBS Admin and Spamtrap	Renewed every 20 minutes based inclusion in on 'spam.dnsbl.sorbs.net'		No	Via SORBS Report Manager
	spam.dnsbl	spam.dnsbl.sorbs.net	Hosts that have allegedly sent spam to the admins of SORBS or SORBS Spamtraps at any time	SORBS Admin and Spamtrap.	Until delisting requested.		No	Via SORBS Report Manager
	escalations.dnsbl	escalations.dnsbl.sorbs.net	Netblocks of service providers believed to support spammers	SORBS Admin fed.	Until delisting requested and matter resolved.	Service providers are added on receipt of a 'third strike' spam	Yes	Via SORBS Report Manager
	block.dnsbl	block.dnsbl.sorbs.net	Hosts demanding that they never be tested	Request by host	N/A		No	Via SORBS Report Manager
	zombie.dnsbl	zombie.dnsbl.sorbs.net	Hijacked networks	SORBS Admin (manual submission)	Until delisting requested.		No	Via SORBS Report Manager
	dul.dnsbl	dul.dnsbl.sorbs.net	Dynamic IP address ranges	SORBS Admin (manual submission)	Until delisting requested.	Not a list of dial-up IP addresses	No	Via SORBS Report Manager
	noservers.dnsbl	noservers.dnsbl.sorbs.net	No Servers Permitted by ISP Policy	Netblock Owner Administered	Not Applicable.	No Servers Permitted by ISP Policy	No	Via SORBS Report Manager
	rhsbl	rhsbl.sorbs.net	Aggregate RHS zones	N/A	N/A		No	No
	badconf.rhsbl	badconf.rhsbl.sorbs.net	Domains with invalid A or MX records in DNS	Open submission via automated testing page.	Until delisting requested.		No	No
	nomail.rhsbl	nomail.rhsbl.sorbs.net	Domains which the owners have confirmed will not be used for sending email	Owner submission	Until delisting requested.		No	No
Spamhaus	SBL Advisory	sbl.spamhaus.org	Verified sources of spam, including spammers and their support services, per policy	Manual	From five minutes to a year or more, depending on issue and resolution		Rarely (escalation)	Yes (partial)
	XBL Advisory	xbl.spamhaus.org	Illegal third-party exploits (e.g. open proxies, email spambots, malware download sites and botnets)	Third-party with automated additions	Varies, under a month, self removal via Composite Blocking List lookup.	Consists of the Composite Blocking List	No	No
	PBL Advisory	pbl.spamhaus.org	Addresses not meant to be initiating SMTP connections, such as residential dynamic IPs	Manual, by providers controlling the IPs or by Spamhaus PBL Team	Self-removal (see spamhaus web site)	Should not be confused with the MAPS DUL and Wirehub Dynablocker lists	No	No
	SBL+XBL	sbl-xbl.spamhaus.org	A single lookup for querying the SBL and XBL databases				As per component list	As per component list
	Zen	zen.spamhaus.org	A single lookup for querying the SBL, XBL and PBL databases.			Preferred list to check all Spamhaus listings with one query.	As per component list	As per component list
ORBITrbl Aggressive RBL	RBL	rbl.orbitrbl.com	Unsolicited bulk/Commercial email senders (/24 IP address block)	Feeder servers	Until delisting requested? (Only when found to not be a spam source)Their web server is down[6] 2014-11-17 - Their RBL server is reporting all queries as SPAM.	Aggregate zone	Yes	No
Composite Blocking List	CBL	cbl.abuseat.org (also free available rsync access, on request see FAQ [7])	Only IP addresses exhibiting characteristics specific to open proxies, spamware, malware downloaders, botnets and the like.	Automatic: large spamtraps, production mail servers and other detection methods.	Less than a month after last listable event, self-removal via CBL lookup.	Use Spamhaus XBL or Spamhaus Zen instead; they include CBL.	No	No
IBM DNS Blacklist	Cobion	dnsbl.cobion.com				This DNSBL zone is part of the default configuration for Proventia Mail Security System and Lotus Protector for Mail Security	No	No
Passive Spam Block List	PSBL	psbl.surriel.com (also free available via rsync [1])	IP addresses used to send spam to trap	spamtraps	Temporary, until spam stops		No	No
DNSRBL - DNS Real-time Blackhole List	DNSRBL	dnsrbl.org	IP addresses used to send spam to trap	spamtraps	Temporary, until spam stops		No	No
Weighted Private Block List	WPBL	db.wpbl.info	IP addresses used to send UBE to members	spamtraps	Temporary, until spam stops		No	No
Protected Sky RBL	RBL	bad.psky.me	IP Reputation based. Seems to be proprietary.	Automatic, "based on several factors".	Temporary. Has self removal, users can not request delisting.	Accused by Spamhaus of unauthorized and undisclosed listings reuse.[8]	Yes	No
SpamCop Blocking List	SCBL	bl.spamcop.net	IP addresses which have been used to transmit reported email to SpamCop users	Users submit	Temporary, until spam stops, has self removal		No	Yes (partial)
SpamRats	RATS-NoPtr	noptr.spamrats.com	IP addresses detected as abusive at ISP's using MagicMail Servers, with no reverse DNS service	Automatically Submitted	Listed until removed, and reverse DNS configured		Yes	No
	RATS-Dyna	dyna.spamrats.com	IP addresses detected as abusive at ISP's using MagicMail Servers, with non-conforming reverse DNS service (See Best Practises) indicative of compromised systems	Automatically Submitted	Listed until removed, and reverse DNS set to conform to Best Practises		Yes	No
	RATS-Spam	spam.spamrats.com	IP addresses detected as abusive at ISP's using MagicMail Servers, and manually confirmed as spam sources	Manually Submitted	Listed until removed		Yes	No
	RATS-Auth	auth.spamrats.com	IP addresses detected probing passwords or authenticating without sending mail	Automatically Submitted	Listed until removed		Yes	No
SpamCannibal	spamcannibal.org	bl.spamcannibal.org	IP addresses and related generic netblocks that have sent spam.	spamtraps	Until removal requested and matter resolved by changing server DNS ptr record to a non-generic name.	{{{1}}} Offline since 2018-05-30.	Yes	No
Distributed Realtime Blocking List	drand DRBL node	spamtrap.drbl.drand.net	IP addresses used to send spam to traps or members	Automated [de]listing.	Varies from spam type, rate and other sophisticated factors. 30 s to 1 week.	High IP network aggregate threshold greater than or equal 254. Offline since 2010. [9]	Yes	No
Junk Email Filter	Hostkarma	hostkarma.junkemailfilter.com blacklist.hostkarma.com	Detects viruses by behavior using fake high MX and tracking non-use of QUIT	Automated [de]listing	Black list Data lives for 4 days. White list data lives for 10 days.	127.0.0.1=white 127.0.0.2=black 127.0.0.3=yellow	Yes	No
The Abusive Hosts Blocking List (AHBL)	dnsbl	dnsbl.ahbl.org	Aggregate zone, contains UCE/bulk email senders, open proxies, open relays, trojaned/infected machines, comment/trackback spammers	Feeder systems, manual	Until delisting requested As announced,[10] all public zones are no longer functioning (they return positive responses for all queries)	Aggregate zone (all aggregates and what they include are listed on AHBL)[11]	Yes	no
	rhsbl	rhsbl.ahbl.org	Domains sending spam, domains owned by spammers, comment spam domains, spammed URLs	Manual			Yes	No
	ircbl	ircbl.ahbl.org	Subset of dnsbl, contains only open proxies, compromised machines, comment spammers	Until delisting requested		Designed for use on IRC servers	Yes	No
Quorum.to	ip-dnsbl	list.quorum.to. ( or per-subscriber: [id].list.quorum.to. )	Stop spam from hosts that send no legitimate mail (list most non-mail-sending hosts).	Listings based on "instant" automated checks, recipient nomination and traps.	Listings can be challenged. Subscribers vote to decide sender status.	Public list follows standard dnsbl protocol. Subscription based service is more capable, but does not follow standard.	Yes	No
Heise Zeitschriften Verlag GmbH & Co. KG, hosted by manitu GmbH	NiX Spam (nixspam)	ix.dnsbl.manitu.net	Lists single IPs (no IP ranges) that send spam to spamtraps. Lists mailhosts, rather than domains, and thus blocks entire hosting providers and ISPs.	Automated listing due to spamtrap hits. Exceptions apply to bounces, NDRs and whitelisted IPs.	12 hours after last listing or until self delisting	TXT records provide information of listing incident - NiX Spam also provides hashes for fuzzy checksum plugin (iXhash) for SpamAssassin.	No	Yes (for ISPs/ESPs on request)
inps.de	inps.de-DNSBL	dnsbl.inps.de	Single IP addresses	IP addresses can be reported as known spam sources by users, additionally automated listing if spam arrives at the mailservers of inps.de	IP addresses are listed until they are removed manually via the website.	A- and TXT records are available for each entry; Removal is free after 30 days for automatic additions and after 7 days for manual additions; otherwise removal fee is at least EUR 10,00.	Maybe	No
blocklist.de [2]	dnsbl	bl.blocklist.de	IP-Addresses who Attacks other Server/Honeypots over ssh, imap, smtp, ftp, web, rfi, sqli, ddos....	Automatic: over Honeypots and with over 515 Users and 630 Servers from blocklist.de via Fail2Ban or own scripts	Automatic: 48 Hours after the last Attack. But earlier remove is available over the Delist-Link	Services are free. Source data is from Honeypot-Systems and over 515 User with 630 Servern there reports Attacks with Fail2Ban	No	Yes
SRN:SurGATE Reputation Network	SRN	srnblack.surgate.net	Spam sources, relay abusers	Feeder servers	Automatic expiry (varies by type); webpage allows delisting	Removal requests are quickly and manually reviewed and processed without fees.	Yes	No
s5h.net Internet Services	s5h.net	all.s5h.net	Spam sources from email, forums, referrer spam and dictionary attacks	Traps	Twelve months unless ISPs request removal earlier	By request. ISPs can provide request exclusion.	Yes	No
MegaRBL	RBL	rbl.megarbl.net	IP addresses used to send spam to traps	spamtraps, in order to avoid abusive reports (Competitors, false positive, etc...) only MegaRBL team can add an IP to the list.	Until delisting requested, which is impossible.	Removal requests are impossible, since the necessary login after registration fails every time. So without possibility to log in there is really no way to place a removal request. Once listed on MegaRBL an IP stays there forever. Maybe preparation for upcoming business model to earn much money with a removal service. Should not be considered a serious source for blacklist info. Domain expired in November, 2019 and service is discontinued.[12]	No	Yes
realtimeBLACKLIST.com	RBL	rbl.realtimeblacklist.com	Spam Trap	List of IP addresses that sends spam or causing troubles with botnets or phishing	Until delisting requested.	Removal requests will be investigated and processed within 24 hours of submission. Previously known as IPrange.net RBL Project	No	No
James Sawyer	Blocklist	security.jamessawyer.co.uk	Collection of Bad Actors from various sources, Works great with PiHole for personal use.	Spammers, Scammers, Malware, Cryptominers, TOR, botnets, phishing, attackers, harvesters, exfiltration etc. Basically anything and everything "bad"	Until delisting requested.	Removal requests will be investigated. Contact details provided.	Yes	No
BarracudaCentral	RBL	b.barracudacentral.org	Spam Trap	Provides a list of IP addresses which are sending spam. The Barracuda Reputation system uses automated collection methods to add and delete IP addresses from the BRBL.	Until delisting requested.	Requires registration of administrator and hosts to use. Removal requests are typically investigated and processed within 12 hours of submission if provided with a valid explanation.	No	No
SPFBL.net	RBL	dnsbl.spfbl.net	Bad reputation, difficult to identify the responsible, dynamic IP, SLAAC flag without genuine email service and inappropriate use of the URL	Provides a list of IPv4/IPv6 addresses and domains which are sending spam or phishing.	Until delisting requested or seven days with good reputation.	The feedback system runs at SMTP layer. See https://spfbl.net/en/feedback	Yes	Yes
Virbl	RBL	virbl.dnsbl.bit.nl	IP addresses that recently sent viruses.	2 virus mails sent to an associated system.	Automatic delisting. Listed as long as there were more than 2 virus mails sent in the last week. Offline Since May 2016		No	No
LashBack	UBL	ubl.unsubscore.com	IP addresses which have sent email to addresses harvested from suppression (opt-out) files	Traps	For 30 days after last offending message unless removal is requested		No	No
The NordSpam Project	NordSpam IP Blacklist	bl.nordspam.com	IP addresses detected as unsolicited bulk/commercial email senders, webspam	Manual	Until delisting requested.	Removal requests are manually reviewed and processed without fees.	Rarely (escalation)	Sometimes
	NordSpam Domain Blacklist	dbl.nordspam.com	Unsolicited bulk/commercial email senders, webspam	Manual	Until delisting requested.	Removal requests are manually reviewed and processed without fees.	No	Sometimes
0Spam Project	DNSBL	0spam.fusionzero.com	Spam Traps	A single IP(127.0.0.#) is listed upon sending spam to a spam trap, sending from multiple IPs within a range within a short period of time will result in a class C listing(127.0.#.0).	Until an IP owner/authorized admin requests listing removal.	Single IP Listed with Data result 127.0.0.# Class C IP Block Listed with Data result 127.0.#.0 Codes are as follows: (ie. General spam single IP result 127.0.0.1 ) general spam, Sending spam to our spam traps. Removal request made but missing required information, please make a new request and be sure to complete the form properly. Does not follow valid can-spam rules for newsletters / lists. Not RFC compliant, server errors or improper configuration. Repeat offenders, these are IP's that have been removed and listed again (3) or more times in a short period of time. Bouncing email to the wrong server, RFC-non-compliant configurations. Relay or Open relay with reports of spam. bouncing spoofed emails, you need to disable bounce of spoofed emails in order to get de listed. Fraud/Scam emails, malware or illegal/abusive content.	No	No
Brukalai.lt	DNSBL	black.dnsbl.brukalai.lt	IPs and domains for junk mail filtering (aggregate zone).	Mostly automatic with some manual additions.	Until delisting requested.		Yes	No

Notes

"Collateral Listings" - Deliberately listing non-offending IP addresses, in order to coerce ISPs to take action against spammers under their control.

"Notifies upon listing" - Warns the owner of the IP/Domain when they list an IP. (so owners can take action to fix the problem)

References

1. "armresearch.com". armresearch.com. Retrieved 2012-05-06.
2. "Archived copy". Archived from the original on 2015-06-23. Retrieved 2015-06-22.
3. UCEPROTECT® abc@uceprotect.org. "UCEPROTECT®-Network - Germanys first Spam protection database". Uceprotect.net. Retrieved 2012-05-06.
4. Simpson, Ken. "Getting Onto a Blacklist Without Sending Any Spam". MailChannels Anti-Spam Blog. MailChannels Corporation. Archived from the original on 19 September 2011. Retrieved 16 September 2011.
5. "sorbs.net". sorbs.net. Retrieved 2012-05-06.
6. http://www.orbitrbl.com
7. "The Cbl Faq". Cbl.abuseat.org. 2006-12-31. Archived from the original on 2012-05-11. Retrieved 2012-05-06.
8. "Fraudulent DNSBL uncovered: Protected Sky (bad.psky.me)". www.spamhaus.org.
9. https://web.archive.org/web/20100310122155/http://www.drbl.ru/
10. "Archived copy". Archived from the original on 2015-01-28. Retrieved 2015-01-06.
11. "Services - Abusive Hosts Blocking List". 27 April 2007. Archived from the original on 27 April 2007.
12. https://www.dnsbl.com/2019/11/status-of-megarblnet-dead.html

External links

• Blacklist Checker queries the major DNS Blacklists for specific IP address and returns whether it is listed for any malicious activities.
• RBL Check, RBL Check, Multiple & Real-Time
• Blacklists Compared, weekly reports since July 2001 (no new reports since 13 September 2014)
• Intra2net Blacklist Monitor, tracking more than 40 blacklists and giving weekly reports on hits and false positives
• Instant Multiple DNSBL Check Test, Open-to-use, Multiple DNSBL Check Test
• Multi-RBL Checking Tool, Multi-RBL Checker Tool (Check to see if your IP is showing up one or more RBLs)
• RBLTracker DNSBL Monitoring, Automated, Real-Time Black List Monitoring Service.
• SpamAssassin rule statistics, SpamAssassin's rule ham/spam ratios over time.
• List of all RBLs, Information about all existing blacklists including discontinued blacklists.
• Mail Server Blacklist Monitor, Blacklist monitoring service checking 150 blacklists, can be used freely.
• Barracuda Central, Devoted to sharing information with Barracuda Networks customers and the Internet security community.
• WebIron, Dedicated to advanced bot network detection, tracking, blocking and eradication through cleanup and reporting.
• WebSitePulse. Real-time monitoring service ensures the IP a mail server has not fallen into one of the major DNSBL blacklists.
• INPS Comparison of DNS blacklists and whitelists including spam hits, non-spam hits and error rates.