What is the blacklist?

The blacklist reports attacks to the abuse departments of the infected PCs and servers. does not block emails or requests. Third-party administrators configure their servers, which may reject a connection because it is listed in More details on the listing criteria, deliverability impact, and information about getting listings removed is provided below. 

To find the addresses of attacking hosts, its reports use information from: uses the whitelists from and Spamhaus and the blacklist from the Tor Project to reduce false-positives.

Key details

  • Type of list: This is a public blacklist. 
  • Listings occur: At the IP level.
  • Criteria for getting listed: Sending spam specifically to the fraud and abuse-specialist, whose servers are often attacked on Secure Socket Shell (SSH) (an encrypted network protocol that allows a remote login to operate securely over an unsecured network), Mail-Login, File Transfer Protocol (FTP), Webserver and other services. 
  • Impact on deliverability: Minimal. Legitimate senders should never see a listing on this blacklist.
  • Regional impact: Global.
  • Getting removed from this blacklist: Listings expire after 48 hours. If the problem is resolved prior to the 48 hours, you can submit your IP for delisting.

Common issues
This is a service that is very specific to abuse attacks that do not necessarily end in spamming. It would be rare for an email marketer to be listed on this blacklist.

Products affected

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request