Man monitoring servers

The Spamhaus Policy Block List (PBL) includes IP address ranges for end-user devices, such as home routers and smart TVs, from which email should never be sent.

PBL helps organizations and ISPs to combat the onslaught from botnet spam, which often contains embedded malware or links to malware-infected websites.1

If you configure your mail servers to use the PBL you can block large volumes of spam from entering your network, with almost zero false positives.

The PBL is maintained by Spamhaus researchers and contains approximately a quarter of IPv4 IP address ranges, numbering around 1 billion IP addresses.

While some individual IP addresses are included, most PBL listings are in classless inter domain routing (CIDR) format and are at least /24 in size.

If you are a mail server administrator working for an ISP or large enterprise, you can sign up for an account and manage PBL listings for your own CIDR IP ranges.

By managing your own IP address range on the PBL, your organization can protect other networks from receiving spam from infected devices on your network. This helps to protect email recipients from malware, preserves the reputation of your company and avoids your domain being added to a DNSBL, which would result in your organization’s outgoing emails being blocked.

You can configure your mail server to handle connections from IP address ranges listed in Spamhaus PBL in any of the following ways:

  • Refuse connection and reject delivery (recommended for most mail servers)
  • Accept email but silently drop it, or save it into a system spam folder
  • Accept the connection and mark it as probable *SPAM* before delivery to recipient
  • Tarpit emails from PBL-listed IP address ranges

Please note that when configuring your server to use PBL, you must ensure that you exempt your own IP ranges, in order to prevent your mail servers from blocking email from your own users.

If you are operating an environment where outright rejection of email is not practical, you can use PBL in conjunction with anti-spam filters that operate a scoring technique, such as SpamAssassin.

You should only use PBL to check IP addresses that directly connect to your mail servers. If you check IP addresses from other Received headers, you will block email sent by end users through designated IP mail severs or a legitimate third party relay. This will result in significant amounts of legitimate emails being blocked, while catching very little extra spam.

Spamhaus researchers manually check to verify that legitimate SMTP servers have not been included within the PBL. In case a legitimate server is inadvertently included, PBL also has a self-removal facility. This is monitored to prevent the delisting facility being abused by spammers.

PBL makes up part of the Spamhaus ZEN composite blocklist, comprising SBL, XBL and PBL.

1 BBC: “Fridge sends spam emails as attack hits smart gadgets,” 17th January 2014

Click for your free 30 day trial

Discover why we’re the most trusted Mailfilter and Security solution with a 30 day free trial

Our customers

Many of the world’s largest internet service providers rely on Spamhaus threat intelligence to block harmful email traffic and protect their customers.

AOL Logo
Microsoft Logo
AT&T Logo
Comcast Logo
COX Logo
1∧1 Logo
Century Link Logo
 Mail RU Logo
Time Warner Cable Logo
Sonic Net Logo

With over 12 years experience, we are trusted experts

Get in touch

Latest News

Brian Krebs | Bitcanal - "Hijack Factory" Shunned from Web

Brian Krebs covers the Bitcanal "Hijack Factory" story which hit the news this week. In the article Krebs highlights that virtually all of Bitcanal's IP address ranges had been listed by Spamhaus.

Read more

Doug Madory | Shutting down the BGP Hijack Factory - Bitcanal

This week sees Spamhaus featuring in the news again. Bitcanal, a notorious bad actor, who has continually hijacked Border Gateway Protocol (BGP) routes, has effectively been kicked off the internet. Doug Madory, Director of Internet Analysis at Oracle Dyn, takes an in-depth look at the story: Shutting down the BGP Hijack Factory.

Read more

Connect with Spamhaus Technology

Keep up to date with the latest news at Spamhaus Technology.