Blacklist Checker
Check if a domain or IP address appears on major email blacklists and DNSBL databases.
About Email Blacklist Checking
Email blacklists (also called DNSBL — DNS-based Blackhole Lists) are databases of IP addresses known to send spam, host malware, or engage in other abusive behaviour. Receiving mail servers query these lists during message acceptance. If the sending IP is listed, the message may be rejected, quarantined, or scored higher as spam.
How DNSBL lookup works
To check whether IP 1.2.3.4 is listed on a DNSBL like zen.spamhaus.org, the reversed IP is prepended to the DNSBL hostname: 4.3.2.1.zen.spamhaus.org. If this DNS query returns an A record, the IP is listed. The specific address returned encodes the reason for listing.
Major blacklists and what they cover
- Spamhaus ZEN — Combines SBL (known spam sources), XBL (exploited/hijacked machines), and PBL (end-user IP ranges not supposed to send email directly). Widely used and highly trusted.
- Barracuda — Operated by Barracuda Networks; used by their email gateway products.
- SORBS — Large database with multiple zones including spam, exploited hosts, and dynamic IPs.
- SpamCop — Based on spam reports submitted by users.
What to do if listed
- Identify why: check the DNSBL's lookup page for the specific listing reason
- Resolve the underlying cause: eliminate compromised accounts, fix open relays, or contact the hosting provider
- Request delisting: most major DNSBLs have a self-service delisting process once the problem is resolved
- Consider a dedicated sending IP if the shared IP was compromised by another sender on the same server
Frequently asked questions
What is a DNSBL?
A DNSBL (DNS Blacklist, also called RBL — Realtime Blackhole List) is a database of IP addresses known for sending spam. Email servers query these lists to decide whether to accept or reject incoming mail.
I am listed — what do I do?
Each DNSBL has its own removal process. Visit the blacklist website to find their removal policy. Common steps: fix the issue causing the listing (open relay, malware, spam), then request delisting.