What Is a DNSBL (Email Blacklist)?

A DNSBL (DNS-based Blocklist, formerly DNS Blackhole List) is a database of IP addresses known or suspected to send spam, host malware, or engage in other abusive behavior. Mail servers query these lists in real time via DNS to decide whether to accept, reject, or flag incoming email based on the sender's IP address. Check whether your IP is currently listed with our IP blacklist checker.

Major DNSBLs and What They Track

DNSBL	Operator	What It Blocks	Query Domain
Spamhaus SBL	Spamhaus Project	Known spam sources and spam operations	sbl.spamhaus.org
Spamhaus XBL	Spamhaus Project	Hijacked and infected hosts sending spam	xbl.spamhaus.org
Spamhaus PBL	Spamhaus Project	IP ranges that should not send direct-to-MX email (residential/dynamic)	pbl.spamhaus.org
Spamhaus ZEN	Spamhaus Project	Combined SBL + XBL + PBL	zen.spamhaus.org
SORBS	Proofpoint	Open relays, spam, proxies, dial-up ranges	dnsbl.sorbs.net
Barracuda BRBL	Barracuda Networks	IP addresses with poor email reputation	b.barracudacentral.org
UCEPROTECT	Community	Spam sources; L1 (single IP), L2 (ASN), L3 (provider)	dnsbl-1.uceprotect.net

How a DNSBL Query Works

When a mail server receives a connection from 198.51.100.5, it reverses the octets to get 5.100.51.198 and appends the DNSBL zone: 5.100.51.198.zen.spamhaus.org. If this hostname resolves (returns an A record), the IP is listed and the mail server can reject the connection. If it does not resolve, the IP is not listed and mail is accepted normally.

Why You Might End Up on a Blacklist

• Your IP was previously used by a spammer (common with dynamic and shared hosting IPs).
• A device on your network was infected with malware and sent spam without your knowledge.
• Your mail server is misconfigured as an open relay, allowing anyone to use it to send email.
• You are on a residential or dynamic IP range, which is listed preventively on policy-based lists like the PBL.
• You sent a high volume of email that triggered spam reports from recipients.