Skip to content

UCE Protect


Status: Active
Terms: Free
Zones: 3

Background is a DNS blacklisting service that is comprised of three distinct zones:,, and Each zone has different listing criteria, all of which are extremely important to understand before using any zone within the service. While DNS blacklists by nature can be controversial, is perhaps one of the most controversial of them all. works with over 50 other partners to help them gather information on servers that have been seen sending spam. Every tactic is used to locate which servers are sending spam, from spamtraps to third party reports, each of the 50 partners untimely communicates their findings back to From there, will determine which of their three zones the IP address should be listed in. is unforgiving with their listing policy, with a core belief that “people learn by consequence”. As a result of’s unforgiving listing polices, there is significant misinformation about their service written at other sources. does not charge for delisting, delisting happens automatically as soon as spam has ceased, and no special treatment is given to partners or anyone in particular with regard to listing or delisting. does have an expedited delisting service in which there is a fee, though it is only applicable to certain levels of listings.

Listing criteria

Listing in is somewhat unique compared to other DNS blacklists, due to the three distinct listing zones that are made available. Zones range from level one to level thee. Level one contains individual IP addressees, level two listings are escalations to containing subnets surrounding level one addresses, and level three, contains even larger subnets surrounding level two listings. This listing criteria essentially covers the broadest range of IP addresses possible.

If a set of IP addresses is seen spamming, it will start with a listing in the level one list. If within seven days, that spam has not stopped, the listing will escalate to contain much broader ranges of IP addresses. Essentially a level one listing may contain up to 255 IP addresses; if that is escalated to a level two listing, the number of IP addresses may be as high as tens of thousands. Finally, if still no action is taken against the spammers, a level three listing can potentially block IP ranges that contain entire service providers, which could mean hundreds of thousands of listed IP addresses.

In all cases, it only takes spam to stop for a total of seven days, in which case the listing will be removed. Though, with such large ranges being blocked, it can often be near impossible to stop all spam from hundreds of thousands of hosts for a period of seven days. Even if such a feat were possible, as soon as another spam was detected, the listing process would start all over again.


This is’s primary first level zone. If you find yourself in this blacklist, it generally means your server has inadvertently been sending spam. Track down the source of the spam, prevent it from happening again, and your IP will be delisted in seven days.

This is’s secondary level zone. Allocations less than /26 will be automatically be removed if no additional abuse is detected. Allocations of /25 will be allowed to expire only if there are less than two IP addresses listed in the level one blacklist.

A /24 range will expire if four or less IP addresses remain in Level one. uses a formula for all further delisting calculations within the level two zone:

(Netmask – 1) = Abuser IP’s + (Abuser IP’s at Netzmask + 1)

For example, a /23 network range will be removed when nine or less IP addresses remain, a /22 network range will be removed if fourteen or less IP addresses remain, and a /21 network range will be removed if twenty-four or less IP addresses remain.

Furthermore, in order for a network range to be removed from a level two listing, that IP address must have already been removed from a level one listing.

Level two listings can usually only be removed at the request of your upstream service provider.

This is’s third level zone. If after all the above listings in level two and level one have been worked out, and a level three listing still remains, the best you can do is complain to the ASN for which spam continues to come from, or take your business elsewhere. There is nothing an end server administrator can do to influence’s level three blacklist zone.

Removal Process

As an end user administrator of an email server, you can become delisted out of the level one DNS blacklist by simply correcting the spam that was seen to come from your server, and waiting seven days. If seven days is too long of a wait, for a fee of 50 Euros per IP address, you can have your addresses immediately removed.

Naturally delisting in seven days, or even paid delisting, can only happen for IP space in which you are in control of. If your IP address is a leased or shared IP address, and part of a larger network, the network owner will have to work with for delisting.’s policy is that it is not your responsibility to do the work of your upstream provider; the upstream must be the one to correct the problem.

A level two delisting will usually require significant work, as well as policy change on how spam is dealt with on behalf of the upstream that is providing leased or shared IP services. A level three delisting will be much like a level two delisting, however, the most challenging of all. As level three listings are comprised of large ISP’s, it may be impossible to have them make the needed changes to meet’s delisting criteria. In those cases, you can search out a new provider, or chose to no longer support this particular DNS blacklist.

Related Articles

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
Image of a man standing next to a huge brain

Here’s How to Choose a VPN: Don’t Overthink It and It’ll Be Fine

We're not all IT (internet technology) types, but don't tell that to VPN review sites! They make...

[Read More]

Email Scams 101: How To De-Code Sketchy Emails

Why are they dangerous? Because most, if not all, of our accounts, are tied to our email….

[Read More]
Scammers are Everywhere! Who You Gonna Call?

SCAM PREVENTION: Call a Good Friend BEFORE You Get Scammed!

Make someone in the family the point-person to stop a scam in progress. Scam prevention tactics are…

[Read More]

How a Scam Works: It’s All in the Formula and You’re an Ingredient.

A scam works (for the con artist) when all the elements come together just right.

[Read More]
Scam Savy

Avoid a Scam and Stay Safe With these 8 Simple Tricks

Scammers have a bag of tricks to try to separate you from your money. However, you can...

[Read More]
Cyber Crime

The Top Scams Aren’t Going Away Anytime Soon

Some aren't only victims of scams, there also victims of circumstance. They may lose their job and...

[Read More]