What is a DNSBL?

Domain Name System Blacklists, also known as DNSBL’s or DNS Blacklists, are spam blocking lists. They allow a website administrator to block messages from specific systems that have a history of sending spam.

These lists are based on the Internet’s Domain Name System, or DNS. It converts numerical IP addresses such as 140.239.191.10 into domain names like example.net. This makes the lists much easier to read, use, and search. If whoever maintains a DNS Blacklist has received spam from a specific domain name in the past, that server would be “blacklisted.” All messages sent from it would be either flagged or rejected from all sites that use that specific list.

The History of the DNSBL

DNS Blacklists have a rather long history in web terms. The first one was created in 1997. Called the RBL, its purpose was to block spam email and to educate Internet service providers and other websites about spam and its related problems. It had three basic components: A domain name to host it, a server to host that domain, and a list of addresses to publish.

Modern DNS Blacklists are rarely used as educational tools. However, their function as a blocker and filter still serves its original purpose. Almost all email servers today support at least one DNSBL in order to reduce the junk mail clients receive. The three basic components of a DNS Blacklist also haven’t changed since RBL was created.

The basic components of every DNSBL are:

A domain name to host the list
A server to host the domain
A list of addresses to publish the blacklist

Many services today offer DNSBLs and each one has its own standards for what is considered spam. Some are stricter than others, making it relatively difficult to be removed from the blacklist once you’re on it.

Some common DNSBL services include:

The Passive Spam Block List (psbl.surriel.com)
The Spamhaus Project
The Spamcop Blacklist
The Spam and Open Relay Blocking System (SORBS)
MegaRBL Blacklist
Blackholes.five-ten-sg.com Blacklist
Emailbasura Blacklist

You can see a full list of DNSBLs on our Blacklist Checker tool webpage.

DNS Blacklists Today

There are now dozens of different DNSBLs available for use. Each one has its own list, populated based on their own standards for what is or isn’t spam. Because of this, DNS Blacklists can vary greatly. Some only list sites for a certain amount of time since the last spam was received. Some are maintained manually. And some don’t just block IP addresses, but entire Internet Service Providers known to harbor spammers. This means some lists works better than others because they are maintained to different standards.

Website admins can use these differences to decide which DNSBL works best for their security needs. Less strict lists might let more spam through, but might not block non-spam messages that have been misidentified by stricter lists. DNSBLs that are intended for public use usually have a published policy detailing their criteria. This way, they not only attain confidence in their services, but sustain it.

How DNSBLs Work: Preventing Blacklisting

When you open your email client, type a message, and hit “send” it seems so easy. You don’t think about all the processes taking place in the background or security checks being run on your outgoing mail. Most of the time, you don’t even wonder if your message will make it to the recipient, or if it will be marked as spam.

Email has come a long way since its early days. Today, many tools exist to help verify that a sent email comes from a legitimate IP address or domain name. But this verification is still a difficult process for email service providers. If you have your own mail server and send out messages from your domain, you don’t want your emails getting blacklisted as spam — especially if you run a business that focuses on email marketing.

In this guide to DNSBLs, (Domain Name System Blacklists), you’ll learn how DNSBLs work, what to do if your domain gets blacklisted, and how to avoid getting blacklisted in the first place.

How DNSBLs prevent spam emails

All DNSBLs operate on the same premise: adding spammers to the blacklist. But the policies of each DNSBL differ. How long a domain stays on the blacklist, what must be done to be removed from it, and other details vary depending on the DNSBL service you use.

You can tell DNSBL policies apart by looking at three factors:

Goals: Goals measure what the DNSBL aims to blacklist. It could be all open-relay mail servers, open proxies, IP addresses known to send spam, or even IP addresses belonging to Internet Service Providers (ISPs) that are known to allow spammers to operate.
Nomination: Nomination refers to how addresses get added to the blacklist. The DNSBL could rely on addresses submitted by its users or set spam traps like honeypots.

Listing lifetime: Listing lifetime is how long an address stays on the blacklist once it’s added. Some services automatically expire addresses after a certain time and others require manual removal. It also refers to the policies the DNSBL has in place to allow listed hosts to get their addresses removed.

The reasons DNSBLs list domains and IP addresses

Each DNSBL uses different listing criteria. Something that gets flagged with one service may not be flagged with another. For the most part, DNSBLs use the following reasons to blacklist addresses.

Technical: Listings for technical reasons are due to mail server configuration issues. These might include missing or incorrect reverse DNS records, missing or incorrect banner greetings, or a mail server operating with an IP address that an ISP has said not to operate in.
Policy based: Some addresses get listed because an operator doesn’t want to receive email from certain countries, ISPs, or addresses with a history of not complying with unsubscribe rules.
Evidence based: If an operator has received direct or indirect evidence that an IP address is involved in sending unsolicited emails, it can land that address on the blacklist as well.

How to know if your domain name gets blacklisted

If you run a mail server or manage one with multiple accounts, you need to ensure that your server doesn’t get blacklisted. You can look up your IP address or domain with our Blacklist Check tool. We also have a Blacklist Help forum you can visit for questions about listing and removing IP addresses on blacklists.

How to get removed from a blacklist

If you suspect your IP address or domain name has been blacklisted by a DNSBL service, the first thing you need to do is figure out which service is blocking you. You can do that by using Blacklist Check tool mentioned above.

Once you know which DNSBL has flagged you, you can check their website for resources or articles on how to get delisted. Most services have instructions you can follow for getting your address removed from the blacklist. You may also learn why you’ve been listed in the first place.

After learning the reason behind being put on a blacklist, your next step is to remedy the action that put you there. Some steps you may have to take include:

Correcting forward and reverse DNS records
Correcting SMTP banners
Scanning all the computers on your network for viruses
Look for and install updates to your operating system
Make your routers more secure
Create and start using stronger passwords

Some DNSBLs have a self-service removal feature that lets you take your address off the list yourself. Most blacklists, however, have a time-based removal. These processes automatically remove low-level offenders within one or two weeks. If you’re still blocked and you need a quick workaround while you fix the root cause, you can also learn how to change IP address free using a few simple, legitimate methods.

Contacting a blacklist operator

When you reach out to a blacklist service about getting your address removed, it’s important to be professional and follow their instructions. If you truly haven’t done anything wrong, let them know and they should be more than willing to help you get your address removed.

When your interact with the DNSBL, keep the following in mind:

Their goal is not preventing you from sending emails, it’s reducing email spam for their customers.
DNSBLs don’t add addresses to their lists for no reason. They’re trying to identify and prevent real problems, so be flexible and willing to take action to rectify the situation.
Blacklists are legal in most countries because they are designed to prevent fraud. You most likely won’t be able to take legal action against a DNSBL service.
If you ended up on the blacklist because of an error you made, don’t commit that error again. DNSBLs are significantly less lenient for second or multiple offenders.

How to avoid being listed on a DNSBL

The best way to deal with getting blacklisted is not to get blacklisted in the first place. You can do several things to prevent being considered spam or ending up on a blacklist.

Don’t send spam from your network: Make sure no senders on your network are sending out spam, intentionally or unintentionally. You will need to check the mail logs to do this.
Use mail sending best practices: These best practices include setting a DNS pointer, matching your MX domain name to the pointer, checking that your mail transfer agent (MTA) uses proper EHLO/HELLO, and only allowing mail attachments of 50MB maximum.
Check your logs and queues: You should check your mail logs and queues daily for potential problems.
Set up DNSBL monitoring alerts: You can subscribe to a service that will monitor potential blacklistings for you if you don’t want to have to run the check yourself all the time.
Always respond to complaints: Keep your admin email contacts updated so if users have abuse complaints you receive them right away. Always respond to these complaints professionally.
Publish SPF records: Sender Policy Framework (SPF) is a process to validate email messages that have been sent. Setting up and publishing SPF records is a must for avoiding spam.
Create an email with DKIM: DomainKeys Identified Mail (DKIM) is an authentication process that allows an organization to claim responsibility for a message.
Never allow open relays: Never allow your email server to be open-relay. You should only let authenticated users send emails from your server.
Set up a firewall for outbound mail: Set up a firewall that all your outgoing messages pass through to check for viruses, malware, or spyware.

Can you get whitelisted?

At this point, you may wonder if it’s possible to have your address whitelisted by a DNSBL service. In other words, no messages from your server or address ever get flagged because you’re marked as “safe.”

As a general rule, DNSBL services like Spamcop, Spamhaus, and others do not allow whitelisting. If they did, it would compromise the security they’re promising to their email clients. You know that your emails are safe, but the DNSBL or users don’t. Furthermore, at some point after you’ve been “whitelisted” a spam email could mistakenly come from your address and if you are considered “safe” this email would get through to its recipient.

The best thing you can do is work to avoid getting blacklisted and to cooperate with DNSBL services to get removed if you ever do end up on a blacklist.

Don’t get blacklisted

Finding out your domain or IP address has been blacklisted isn’t cause for panic, but you should take the matter seriously. If you follow some of the tips in this guide, hopefully, you can avoid being blacklisted entirely.