Man monitoring servers

DROP and eDROP

The Spamhaus Do not Route Or Peer (DROP) advisory list includes IP address ranges that are known to have been hijacked by professional spammers and cyber criminals, or have been directly allocated to criminal organizations by a regional internet registry (RIR).

These networks are completely controlled by criminal organizations and send zero legitimate traffic. They are solely used for spamming; hosting malware-infected sites; distributing phishing emails; hosting botnet command and control servers; and launching DDoS attacks against other networks.

The extended DROP list (eDROP) is a list of IP ranges that cyber criminals have leased from ISPs for the same purposes.

Any traffic from your network to a DROP/eDROP listed IP address is likely to be a user responding to a phishing email, or a device infected with botnet malware.

Both DROP and eDROP can be loaded into your router, BGP gateway, IDS, or firewall and used to block malicious email and internet traffic at your network edge.

By simply blocking connections from any IP address from a listed range, you can avoid wasting bandwidth and protect your users from being exposed to phishing links and malware embedded in spam emails.

Spamhaus updates the DROP and eDROP lists every few minutes. However, these lists generally remain stable because criminals tend to control IP address blocks for an extended period.

All networks that are listed in DROP and eDROP are also listed in the Spamhaus SBL. From 1st June 2016, in addition to returning the standard return code 127.0.0.2 for an SBL listing, all three zones: sbl.spamhaus.org; sbl-xbl.spamhaus.org; zen.spamhaus org, have also returned the new code 127.0.0.9, to denote that an IP address is listed in DROP/eDROP as well as the SBL.

Click for your free 30 day trial

Keep ahead of the threat - for free

DROP & eDROP are the most powerful ways to protect you from the 'worst of the worst' on the internet so we have made these Zones available as a no-cost public service to direct users of the data as part of our Response Policy Zone service.

See the positive impact real-time threat intelligence from Spamhaus can have - protecting you, your networks and your users.

Sign up

Discover why we're the most trusted Mailfilter and Security solution with a 30 day free trial

Our customers

Many of the world’s largest internet service providers rely on Spamhaus threat intelligence to block harmful email traffic and protect their customers.

AOL Logo
Microsoft Logo
AT&T Logo
Comcast Logo
COX Logo
1∧1 Logo
Century Link Logo
 Mail RU Logo
Time Warner Cable Logo
Sonic Net Logo

With over 12 years experience, we are trusted experts

Get in touch


Latest News

Join us at World Hosting Days, Germany

Spamhaus Technology and partner MXTools will be showing how to beat the scourge of the hosting industry at World Hosting Days, Germany March 28-30th.

Read more

Hailstorm spam…how to fight back.

Spammers constantly adapt their attacks but with improved speed of service from Spamhaus, there’s now the means to thwart this malicious technique..…Read more

Read more

Connect with Spamhaus Technology

Keep up to date with the latest news at Spamhaus Technology.