Spamhaus Exploits Block List (XBL)


The Spamhaus Exploits Block List (XBL) is a list of known open proxies and illegal third-party exploits that are used to send spam and viruses. It includes information gathered by Spamhaus and contributing Domain Name System blacklist (DNSBL) operators such as the Composite Blocking List (CBL).

  • Listings occur at the IP level.
  • The impact on deliverability is high.

Reasons for getting listed

The XBL includes IPs of hijacked PCs and servers infected by:

  • Illegal third-party exploits, including open proxies (HTTP, SOCKS, AnalogX, Wingate, and others)
  • Worms and viruses with built-in spam engines
  • Other types of Trojan horse exploits

How to get off this blacklist

If your system was compromised by a virus through mail, web, or other downloads, then in order to fix it, you need to find and close any open SOCKS, Wingate, or HTTP-type proxies.

If the contributing issue has been resolved, the listing will be removed automatically. Spamhaus accepts manual delisting requests, but only after issues have been fixed.

Tips for staying off this list

  • Conduct a regular security scan of systems.
  • Monitor for increased spam reports from a mail server.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request