Spamhaus DNS Firewall

  • Home
  • Spamhaus DNS Firewall

Spamhaus DNS Firewall

Turn your DNS Caching Resolver into a tool to help protect your network from malware, ransomware, phishing, and more.   

A highly-effective, critical choke point against ongoing attacks.  Any user, protocol or application on the internet will use DNS.  DNS firewall applies Spamhaus’ leading threat intelligence feeds at the DNS Resolver level.  DNS Firewall, or ‘Response Policy Zone (RPZ)’, stops your connections to known bad domains on the internet.  

Protect your system and users with Spamhaus DNS Firewall:

  • Accurate, comprehensive data: Spamhaus researchers assess 3 millions domains and 1.5 million IPs daily to identified millions of malicious domains, phishing sites and malware files. 
  • Real-time updates: New listings are automatically added to coverage as soon as they are detected. 
  • Flexible coverage: Pick from 14 different feeds to best fit your organization’s needs.
Product Overview

Spamhaus DNS Firewall

DNS Firewall, or ‘Response Policy Zone (RPZ)’, adds protection to your system’s DNS requests by filtering dns request, and re-directing connections to known malicious sites.  The DNS Resolver will query the Spamhaus Servers to identify malicious domains.  If the domain queried if is listed on the RPZ feed, the DNS Resolver will ‘re-direct’ or block the request.  This layer of protection stops the user from connecting with known malicious site.

Customers are able to select from set of 14 different feeds that can be implemented in their DNS Firewall.  Flexible feed options allow customers to customize their level of protection for their risk tolerance. 

Key Features & Benefits

Customizable Coverage: Pick which of the 14 available feeds best fit your organization’s risk tolerance. 

Real-time Updates: DNS RPZ feeds are updated as soon as researchers observe a threat. New listings are added every 1-2 minutes.. 

Expertly Researched Data: Spamhaus has 23+ years of experience researching threat intelligence. Over 13.4 Billion global SMTP connections, 1.5 million IPs, 3 million domains analyzed daily.

Accurate, near-zero false positives: Proven and reliable solution. Spamhaus data feeds have 0.02% false positive rates, ensuring only malicious IPs / domains are being blocked.

Simple Integration: Available as a data feed in industry standard format. Integrate with open source DNS servers and DNS Appliances.

Affordable Option: Low cost solution that works with current hardware

Available as a Managed Service: In addition to an on-premise offering. Customers who don’t manage their DNS infrastructure, can used this managed service from Spamhaus.

Set and Forget” Product: No maintenance required after initial set up.  

Minimize Risk: Save on associated remediation costs and potential loss of reputation due to security incidents. Using a DNS Firewall can also help lower your cyber risk insurance premiums.



Spamhaus currently produces 14 granular zones. These zones / threat feeds provide more insight as to the type of abuse. Choose which feeds to include in their DNS Firewall to best fit your risk profile.

Standard Feeds
Highest Coverage Option

Edited Feeds
Subsets of standard feeds that contain only the worst reputation domains
Hacked Feeds
Essential Coverage Option

Bad Reputation Hosts

BotnetCC Hosts

Botnet Hosts

BotnetCC IPs

Phishing Hosts

Malware Hosts

Adware Hosts

Bad Nameserver IPs

Bad Nameserver Hosts


Domain Generated Algorithm


Tor Exit Nodes*

Porn Host*

DROP (“Don’t Route or Peer”)

*Free of charge* and included
in commercial service

Zero Reputation Domains

Premium feed available
for additional charge

* Coinblocker, Tor Exit Nodes, and Porn Host Feeds are researched and compiled by external datafeed partners.  These feeds can be accessed for free and are included in the Spamhaus DNS Firewall subscription. 

Start your free trial.

Design the best set of data feeds to meet your needs!

Experience improved cybersecurity and stop phishing emails, ransomware, malware, and other cyber threats. Sign up for your free consultation and receive an in-depth technical deep dive and a 30-day free trial.