Spamhaus to release beefed up anti-spam codes

The international anti-spam organization Spamhaus Project announced that it will soon publish two new data feeds meant to better protect computer users from spam as well as botnets and other malware.

In a recent blog post, the organization said the two data sets will make Spamhaus’ Domain Block List (DBL) database more effective and enable malware detection with a near-zero false positive rate. DBL is a constantly updated database of spammy domains. The DBL data feed can be incorporated into mail server software which scans messages for blacklisted domains.

The organization said it will begin pushing the new DBL return codes to its DNSBL (Domain Name System blackhole list) mirrors and data feeds on July 1st.

“Spamhaus engineers have been busy developing new data for the Spamhaus Domain Block List (DBL) during the past several months,” the Spamhaus blog said. “Our efforts have produced several specialized subsets of the DBL data set which will provide Spamhaus DBL users with better protection against spam as well as against other cyber threats (bots and malware) which are targeting ordinary internet users every day. This new data makes DBL more effective and versatile yet maintains DBL’s goal for near zero false positives and widespread usability in production environments.”

Spamhaus was founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford for an Internet service provider, or other firm, which spams or knowingly provides service to spammers.

The first data set will address domains related to malware. The data will be similar to the malware IP addresses already found in the Spamhaus Botnet Controller List (BCL). However, the new data set will focus on domain names.

Domains in the new list are “involved in spreading malware (‘droppers’) or controlling botnets (‘command and control’ a/k/a C&C, C2).”

Spamhaus said users contacting these domains may either get infected or may already be infected with malicious software. The organization hopes that by deploying this subset of the DBL it may be possible to prevent users from becoming infected “or to find users that are already infected.”

The second data set concerns domains hosting Web sites that have been compromised or abused by spammers. Spammers typically load files onto compromised Web servers or content management systems to redirect a visitor’s browser to the spammer’s Web site. The URLs of those redirection files are sent out in spam messages.

Once a web server or CMS is compromised, spammers place a file on that website to redirect visitors’ browsers to the spammer’s website. The URLs of those redirection files are then sent out in spam.

Administrators can take advantage of this new DBL data by carefully using the return codes for each distinct data set.
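One way a mail filter could act on the distinct return codes, shown as an added example that is not from the article or from Spamhaus. The return-code values come from Spamhaus's public DBL documentation rather than this article; the reject/quarantine policy, the function names and the sample message are assumptions.

```python
import re
import socket

DBL_ZONE = "dbl.spamhaus.org"
# Return code -> (category, abused_legit). Assumption: values taken from
# Spamhaus's public DBL documentation, not from this article.
CODES = {"127.0.1.2": ("spam", False), "127.0.1.4": ("phish", False),
         "127.0.1.5": ("malware", False), "127.0.1.6": ("botnet C&C", False),
         "127.0.1.102": ("spam", True), "127.0.1.103": ("redirector", True),
         "127.0.1.104": ("phish", True), "127.0.1.105": ("malware", True),
         "127.0.1.106": ("botnet C&C", True)}
URL_HOST = re.compile(r"https?://([a-z0-9.-]+)", re.I)
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def hosts_in(body):
    """Unique URL hostnames in a message body; IP literals are skipped
    because the DBL answers domain queries only."""
    hosts = {h.lower().strip(".") for h in URL_HOST.findall(body)}
    return sorted(h for h in hosts if h and not IPV4.fullmatch(h))

def verdict(answers):
    """Turn the A records returned for one DBL query into (action, reason)."""
    known = [CODES[a] for a in answers if a in CODES]
    if not known:
        # NXDOMAIN, an error code (127.255.255.x, 127.0.1.255) or a code this
        # table does not know: none of these is a listing, so never block on it.
        return ("accept", "unrecognised answer" if answers else "not listed")
    hostile = [cat for cat, abused in known if not abused]
    if hostile:
        return ("reject", hostile[0])
    # Compromised legitimate site: hypothetical local policy is to quarantine
    # the message rather than reject everything that mentions the domain.
    return ("quarantine", "abused-legit " + known[0][0])

def dns_resolve(qname):
    """Live lookup; an empty list means NXDOMAIN (not listed)."""
    try:
        return socket.gethostbyname_ex(qname)[2]
    except OSError:
        return []

def scan(body, resolve=dns_resolve):
    """Check every URL host in the body against the DBL zone."""
    return {h: verdict(resolve(h + "." + DBL_ZONE)) for h in hosts_in(body)}

# Constructed sample message and stub DNS answers, so the example runs offline.
SAMPLE = "See http://dropper.example/a.exe https://blog.example/wp/r.php http://192.0.2.7/x"
STUB = {"dropper.example.dbl.spamhaus.org": ["127.0.1.5"],
        "blog.example.dbl.spamhaus.org": ["127.0.1.103"]}
```

Calling `scan(SAMPLE, lambda q: STUB.get(q, []))` exercises the logic without network access; omitting the second argument performs live DNS queries.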


Nestor Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.
