Man monitoring servers

Domain-based protection updated every 60 seconds

According to the latest Verizon Data Breach Investigation Report, which analysed 100,000 incidents, almost 10% of phishing attacks resulted in a data security breach.1

On average, the first phishing email link was clicked within 3 minutes and 45 seconds. Almost a third of phishing emails were opened and, of that proportion, 12% of people took the bait by opening attachments and clicking on links. Using this technique, 80% of cybercriminals compromise systems within minutes and start exfiltrating data within days.2

To help mitigate the risks created by users visiting bad domains and clicking on links in phishing emails, Spamhaus developed its Domain Block List (DBL) to provide near real-time protection for your network assets.

Criminals register thousands of domains and only use them for short periods, to try to evade detection. The Spamhaus security researchers use automated systems to constantly monitor newly-registered domains and identify links to cybercriminal activity, allowing us to rapidly list suspect domains.3

Spamhaus Technology DBL is provided as a Response Policy Zone that can be added to your BIND server to selectively block DNS resolution to malicious domains, before users can click on links and do any harm to your network.4

Parts of the DBL are managed as zero false positive listings and use senders’ domains, contained within SMTP headers, to safely reject harmful emails at SMTP connection time.

The whole Spamhaus DBL protects mailservers and networks by performing message body URI checks to enable administrators to block email containing links to listed domains. As an administrator, you can use the DBL return code to simply block emails, or use it as part of a spam scoring system, according to your organisation’s policies, risk profile and tolerance for false positives.

Spamhaus Technology DBL contains tens of thousands of bad domains and is updated every sixty seconds. Domains are removed from the list once they cease to pose a risk. Therefore, the DBL is maintained as a relatively small list, with only changes to the list being shared. This facilitates frequent updates: offering near real-time protection against the latest domain-based threats to your network.

A much larger version of the DBL dataset, which retains domains for a longer period, is also available from Spamhaus Technology.

1 Spamhaus Domain Blocklist http://www.spamhaus.org/dbl

2 Source: Verizon Data Breach Investigation Report 2016 http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/

3 Source: Financial Times “10% of phishing scams lead to data breach,” 26th April 2016 http://www.ft.com/cms/s/0/9ef7aebc-0b1a-11e6-9456-444ab5211a2f.html

4 eDBL DNS Response Policy Zones https://dnsrpz.info/

Click for your free 30 day trial

Discover why we’re the most trusted Mailfilter and Security solution with a 30 day free trial

Our customers

Many of the world’s largest internet service providers rely on Spamhaus threat intelligence to block harmful email traffic and protect their customers.

AOL Logo
Microsoft Logo
AT&T Logo
Comcast Logo
COX Logo
1∧1 Logo
Century Link Logo
Facebook Logo
 Mail RU Logo
Time Warner Cable Logo
Yahoo Logo
Sonic Net Logo

With over 12 years experience, we are trusted experts

Get in touch


Latest News

Choking the botnets - RPZ protecting a client's users across the USA.

Email security providers are reducing the risks from recently registered Domains thanks to the new 'Zero Reputation Domain' data list from Spamhaus

Read more

Recently registered Domains - how to avoid the risks

Email security providers are reducing the risks from recently registered Domains thanks to the new 'Zero Reputation Domain' data list from Spamhaus

Read more

Spamhaus Technology adds DGA domains to RPZ

Last Thursday Spamhaus Technology added DGA domains to the Spamhaus Technology Botnet Control and Command RPZ (Response Policy Zones). This resulted in the RPZ increasing in size from around 500 entries to 1.2 million.

Read more

Connect with Spamhaus Technology

Keep up to date with the latest news at Spamhaus Technology.