Home / Blogs

Is Spamhaus Still Relevant?

Recently the relevancy of Spamhaus and whether it is still necessary has been raised in various discussions and in particular among marketers. I think this is an interesting question for a lot of reasons. One is because there’s such a broad range of opinions about Spamhaus and almost none of them are ambivalent. Another is because so many people don’t really know what Spamhaus does, other than publish the SBL and ROKSO.

Spamhaus is relevant for a couple of reasons. The biggest is that many receivers actually pay attention to what they say. There are some pretty major ISPs in the US and around the world that use one or more of the Spamhaus provided lists. Their lists are also built into some appliances and filters. Major network providers will act on SBL listings and outright disconnect customers who are on ROKSO.

They are also one of the oldest blocklists around; only the MAPS / Trend Micro lists have been around for longer. Spamhaus has a very large footprint, in terms of organizations that use Spamhaus lists, they probably have the biggest footprint in the world. In the US some of their lists are used by at least one major webmail provider, and there are a number of mid-range ISPs and corporations that use the SBL specifically. At least one commercial filter uses Spamhaus data and many of the others provide interfaces so customers can use the Spamhaus lists.

There is another side to Spamhaus, one that many people don’t know or think about. They work extensively with international law enforcement in the realm of spam, botnet and organized crime gangs. Sadly I can’t speak to many specifics as much of my knowledge of this comes from MAAWG and “What happens at MAAWG stays at MAAWG.” But Agent Grasso was very clear that one of the reasons the DNS Changer working group happened was the intelligence that Spamhaus (among others) collected about Rove Digital and presented to the FBI.

Many marketers and senders have had frustrating interactions with Spamhaus in the past. Marketers don’t always like Spamhaus’ perspective on permission and the responsibility a sender has to verify the recipient wants mail. By the same token, Spamhaus reps have had frustrating interactions with marketers and senders in the past. Spamhaus doesn’t always like marketers’ perspective on using inboxes as an advertising venue.

These interactions have translated into a contentious relationship that goes a little beyond the specifics of a particular SBL listing. During negotiations for what needs to happen each side expects the other side to cave, and neither side wants to give in at all. There have been cases where Spamhaus has given some marketer the benefit of the doubt and delisted. In at least a few of those cases, they then had to go back and re-list because the marketer didn’t do what they agreed to do. Every marketer that fails to follow through on their end of the agreement reinforces the distrust.

There’s also a bit of a language gap. Spamhaus has been willing to work with marketers, but not always in a way that made marketers feel like they were being accommodated or understood. Marketers have been willing to work with Spamhaus, but not always in a way that made Spamhaus feel like they were being accommodated and understood.

Given some of the marketers that have blatantly lied to them in the past, Spamhaus’ perspective is understandable. With that being said, though, they are becoming more willing to work with marketers and ESPs. A number of us in the delivery space have talked, educated, and discussed issues with Spamhaus volunteers to effect this change. I have seen changes how some of the SRs are willing to work with marketers, particularly in the last couple years. I have seen how they are more willing to work with me, and some ESP representatives, as partners in removing abusive mail from the email ecosystem.

There is a lot of work Spamhaus does outside the public sphere. Spamhaus has a good reputation with ISPs, with law enforcement and with a lot of technology companies. And that’s not just for the SBL and ROKSO listings, but some of their other lists. Their most widely used list is the PBL, which targets end user machines that shouldn’t be sending mail directly per the policies of the broadband ISPs. The XBL lists machines that appear to be infected with viruses and may be part of botnets. Many ISPs take the XBL reports, either directly or through third parties, and use them to contact users and fix their machines. The DBL lists URLs currently abused by spammers and phishers or that are being used in the transmission of viruses.

I believe Spamhaus is relevant, but what I think is not terribly meaningful. What is meaningful is that many people in the receiver community find Spamhaus relevant enough to use their data and listen to their opinions. It is the receiver support which makes Spamhaus an important consideration for senders. Without the receiver support, Spamhaus would be just another one in thousands of rarely used blocklists.

By Laura Atkins, Founding partner of anti-spam consultancy & software firm Word to the Wise

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byDNIB.com


Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API