Blacklist Check
Check if an IP address or domain is listed on major DNS blacklists. All queries run in your browser via DNS over HTTPS.
What are DNS Blacklists?
DNS-based Blackhole Lists (DNSBLs), also known as Real-time Blackhole Lists (RBLs), are databases of IP addresses known to be sources of spam, malware, or other abusive email behavior. Mail servers query these lists during the SMTP connection to decide whether to accept, reject, or flag incoming messages.
Being listed on a blacklist can severely impact email deliverability. Messages from listed IPs may be rejected outright or routed to spam folders. Regular monitoring helps detect listings early so they can be resolved before causing widespread delivery failures.
How DNSBL Works
The DNSBL protocol works by reversing an IP address and appending the blacklist's zone. For example, to check IP 1.2.3.4 against zen.spamhaus.org, the receiving server queries 4.3.2.1.zen.spamhaus.org for an A record. If an A record exists (typically 127.0.0.x), the IP is listed. If the query returns NXDOMAIN (no record), the IP is clean.
Common Blacklist Providers
| Provider | Focus | Description |
|---|---|---|
| Spamhaus ZEN | Comprehensive | Combined list (SBL + XBL + PBL). Most widely used by mail servers worldwide. |
| SpamCop | Spam traps | User-reported spam sources with automated listing and expiration. |
| Barracuda | Spam sources | Maintained by Barracuda Networks from their email security appliance data. |
| SORBS | Multi-purpose | Multiple lists covering spam, open relays, and dynamic IP ranges. |
| CBL | Botnet IPs | Composite Blocking List focused on IPs sending spam via botnets or malware. |
| UCEPROTECT | Tiered blocking | Three levels: individual IPs (L1), allocations (L2), and ASNs (L3). |
Get the full picture with DMARCguard
Continuous monitoring, aggregate report parsing, and actionable insights for all your email authentication protocols.
Start Free