The Blocklist.de blocklist reports attacks to the abuse departments of the infected PCs and servers. BlockList.de does not block emails or requests. Third-party administrators configure their servers, which may reject a connection because it is listed in BlockList.de. More details on the listing criteria, deliverability impact, and information about getting listings removed is provided below.
To find the addresses of attacking hosts, its reports use information from:
- Whois (abuse-mailbox, abuse@, security@, email, remarks)
- The RIPE Abuse Finder
- The contact database from Abusix
Blocklist.de uses the allowlists from dnswl.org and Spamhaus and the blocklist from the Tor Project to reduce false-positives.
- Type of list: This is a public blocklist.
- Listings occur: At the IP level.
- Criteria for getting listed: Sending spam specifically to the fraud and abuse-specialist, whose servers are often attacked on Secure Socket Shell (SSH) (an encrypted network protocol that allows a remote login to operate securely over an unsecured network), Mail-Login, File Transfer Protocol (FTP), Webserver and other services.
- Impact on deliverability: Minimal. Legitimate senders should never see a listing on this blocklist.
- Regional impact: Global.
- Getting removed from this blocklist: Listings expire after 48 hours. If the problem is resolved prior to the 48 hours, you can submit your IP for delisting.
This is a service that is very specific to abuse attacks that do not necessarily end in spamming. It would be rare for an email marketer to be listed on this blocklist.