Spamhaus DBL

Over the last few months I’ve gotten an increasing number of questions about the Spamhaus DBL. So it’s probably time to do a blog post about it.

Last year I wrote about the DBL:

DBL is the Domain Block List. It lists domains and not IP addresses. I’ll be honest, I don’t have as much experience with the DBL as with other lists, but I have had a few clients on the DBL.

• DBL is tied into the CSS.
• You can get on the DBL without the sending IP being on CSS.
• DBL makes no judgement on the source of the mail, only the content of the mail

With more clients being on the list, I have a little more information about it.

DBL listings are generated both by automated tools and by manual entries from the Spamhaus folks. Automated listings are the ones most closely tied to CSS listings.

From my perspective, the goal of the DBL is to block domains found in spam being sent from many IP addresses in a way that makes it difficult to address with standard IP based blocks. I believe that the automated DBL listings are generated based on domains found in the content of the email rather than domains found in the headers. However, most of the DBL users match against any domain in the message including those in the headers.

The automated DBL listings are usually the root domain, but it is possible some of the manual listings are more specific and list subdomains.

There is an automated delisting process, but there are limits to the number of times you can delist. Too many delistings and you need to send email and be manually delisted. This can take quite more than 24 hours, in some cases. If you are listed on both the CSS and the DBL you need to ask for delisting for both.

If your domain is on the DBL but your IPs are not on the CSS then then I suggest looking at the possibility that someone is putting your links in spam. It could be web server compromise hosting phishing. Or, if you’re an ESP, maybe a customer  grabbed a tracking link and is using it in mail sent through another provider.

As with all listings, identifying the underlying reason for the listing and fixing the problem is crucial to staying off the list. If you’ve not fixed the problem, the listing will come back. And, eventually, you won’t be able to delist automatically.