Why is a domain listed in Domain Blocklist (DBL)?
Back
Why is a domain listed in Domain Blocklist (DBL)?
The Spamhaus Domain Block List (DBL) evaluates many factors for inclusion of domains. We do not discuss the specific criteria we use.
- Domains must match several criteria in order to be listed.
- We will not reveal specific listing criteria in most cases.
- DBL listings are constantly reevaluated by our systems, and listings do expire automatically when listing criteria are no longer met.
These are general observations to help domains build a good reputation and avoid DBL listings.
NOTE: These observations are universal and do not apply only to the Spamhaus reputation systems.
Domain reputation
- Reputations are built over time, and building a good reputation takes longer than building a bad reputation.
- Experience has shown that an unknown reputation has a much higher risk of emitting spam than known-good domains, so unknown reputations begin as “poor” by default.
- Anonymity does not contribute to a good reputation.
- Domain and IP address reputations affect each other.
- If domains are used in legitimate traffic for enough time to establish a good reputation, DBL will notice that and remove the listing.
- The DBL will notice if domains are used for activities that cause poor reputations, such as spam, cybercrime or other “blackhat” pursuits.
Snowshoe spamming
- This is a technique that uses many domains and IP addresses, which change frequently.
- Legitimate bulk email builds a reputation over time on durable, long-term domains and IP addresses.
- Because of that investment in time and effort, reputable mailers don’t use nearly as many domains, and fewer IP addresses, than snowshoers.
- Domains which act like they are snowshoeing will get treated like snowshoers.
Authentication
- Having solid domain authentication is a necessary tool in today’s email ecosystem, but SPF, DKIM, and/or DMARC can all be used by spammers as well as by good senders.
- DBL listings occur for domains with and without those records.
Bulk email/Marketing email
- If a domain is being used in bulk email, be sure best practices are followed for sending only confirmed opt-in, solicited bulk mail.
- See our Marketing FAQs for more information.
- It can also help to consult industry experts or good deliverability consultants for further assistance.
Role Accounts and Feedback Loops
- These are a domain’s abuse detection system.
- If they are not set up and functional, there is a huge loss of visibility into abuse issues on a network.
- They should be used to identify problems including spam, and to stop those problems before they degrade a domain’s reputation.
Clean hosting
- Domains should be hosted on good, clean ISPs which do not allow abuse of their network.
- “Clean” includes a domain’s NS, A, MX and website DNS records.
- Hosting a domain on spam-friendly IPs or servers, or at ISPs that tolerate network abuse, including spam, has a negative effect on the reputation of all domains on that network.
- Mail server IPs should be identified with proper rDNS (PTR records) and mail servers should identify themselves with a proper HELO value (also RFC 5321 4.1.1.1).