Man monitoring servers

Threat intelligence updated every 60 seconds

If users click on malicious links within phishing emails and inadvertently download malware or ransomware, this can lead to cybercriminals gaining a foothold in the corporate network, allowing them to copy intellectual property; steal, alter or encrypt data for financial gain; install spyware; or add computers to botnets.

In the worst case scenario, a user clicking on a phishing link could lead to complete compromise of the corporate network.

Security professionals can mitigate this risk by using Response Policy Zones (RPZs) to block access to malicious sites by preventing the DNS from resolving to malicious domains and IP addresses. This protects users from visiting newly-registered malware dropper sites and bad IP addresses that pose a significant risk.

Spamhaus Technology Response Policy Zones use domain and IP reputation data from Spamhaus’ real-time threat intelligence data to protect users' computers from connecting to harmful sites as soon as the domains are registered and before they can compromise users’ computers and harm your network.

Developed in collaboration with Deteque and ISC, Spamhaus Technology RPZ helps to prevent data loss by disrupting communications between C&C servers and infected botnet nodes on your network.

Use RPZs for phishing awareness

Rather than simply returning NX Domain, organizations can also use RPZs to improve security awareness by redirecting employees to a page warning of the dangers of visiting particular websites or clicking on links in phishing emails.

This approach can be used to identify users who would benefit from training in how to spot and avoid clicking on phishing links and reinforces your organization’s technological defences with user education.

Spamhaus RPZs updated every few seconds

Spamhaus RPZs are updated up to every sixty seconds and only changes to the lists are broadcast, so that updates can be propagated to all domain name servers worldwide in a matter of seconds. This provides network administrators, security professionals and service providers with the most current threat intelligence to protect their networks from being compromised by people clicking on phishing links, or browsing untrustworthy sites. As soon as the new RPZs are propagated, your network users are unable to connect to listed domains and IP addresses: mitigating the threat from new malicious domains.

When users attempt to access websites, a five step process takes place:

  • The user clicks on a link, or enters the URL of the site they want to reach into their browser
  • The user’s machine queries the local DNS server for an A record
  • The DNS server finds a matching IP address.
  • The DNS server returns the IP address to the user’s machine
  • The user's web browser now contacts the website using its IP address.

Discover why we’re the most trusted Mailfilter and Security solution with a 30 day free trial

Our customers

Many of the world’s largest internet service providers rely on Spamhaus threat intelligence to block harmful email traffic and protect their customers.

AOL Logo
Microsoft Logo
AT&T Logo
Comcast Logo
COX Logo
1∧1 Logo
Century Link Logo
Facebook Logo
 Mail RU Logo
Time Warner Cable Logo
Yahoo Logo
Sonic Net Logo

With over 12 years experience, we are trusted experts

Get in touch


Latest News

Choking the botnets - RPZ protecting a client's users across the USA.

Email security providers are reducing the risks from recently registered Domains thanks to the new 'Zero Reputation Domain' data list from Spamhaus

Read more

Recently registered Domains - how to avoid the risks

Email security providers are reducing the risks from recently registered Domains thanks to the new 'Zero Reputation Domain' data list from Spamhaus

Read more

Spamhaus Technology adds DGA domains to RPZ

Last Thursday Spamhaus Technology added DGA domains to the Spamhaus Technology Botnet Control and Command RPZ (Response Policy Zones). This resulted in the RPZ increasing in size from around 500 entries to 1.2 million.

Read more

Connect with Spamhaus Technology

Keep up to date with the latest news at Spamhaus Technology.