The Spamhaus Project
BETA

FAQs

  • No, you do not need to create an account to make a submission. You can submit malicious activity as a guest, but you will need to provide an email address for the submission to be successful.

    Please note, that if you would like to track your submission, you will be need to create an account.

  • To create an account, click ‘Log in’ at the top right of the homepage or scroll down and select ‘Create an Account’.

    To register, sign in using one of the following for authentication:

    • LinkedIn
    • Github
    • Google

    Click the ‘confirm email’ button in the verification email to complete your registration.

  • If you would like to make multiple submissions, then please use the API, which can be found here once you’ve authenticated.

  • For any questions or feedback relating to the Threat Intel Community Portal, please complete this contact form.

  • Yes, you can. We have included the ability to update/change your email address via the account page. Please note that you will be required to verify a new email address.

  • To register for a Threat Intel Community account, you will need to use one of the following applications for authentication:

    • LinkedIn
    • Github
    • Google
  • In addition to our website terms and conditions, the following apply to those making submissions.

    Do send us

    Domains/FQDNs/URLs/email source data

    Submissions need to be:

    • Based on personal observations of your own network or resources
    • Observed from open sources.
    • Data that’s justified, necessary, and proportionate for the purpose (See Data Minimization)
    • Made in good faith to make the internet safer in accordance with our Mission Statement (see below)

    Any domain, URL, IP etc submitted is not automatically listed in Spamhaus data sets.

    Submissions are run through our own heuristics to see if they meet the criteria for listing. This is necessary as we have to stand by our data and make valid remediation for any listing.

    By making a submission you confirm that you have the authorization to possess and share that data.

    We never reveal the sources of our data in our data sets.

    Do not send us

    • Data that has been obtained or exfiltrated illegally
    • Data containing proprietary information you wish to keep confidential
    • Information received from other people which cannot be substantiated or speculation about actors’ activities
    • Information that you are not authorized to disclose
    • Illegal content – Do not make any submission which might relate to child abuse or sexual exploitation of any sort. Contact law enforcement in your own country to handle the issue.

    Sensitive Personal Information – If you are concerned that your submission contains Sensitive Personal Information (SPI) then don’t send it. (See Definitions below)

    If we detect that submissions don’t meet Community Standards then we reserve the right to deny access to the platform.

    Use of the Community Portal is for contributors acting in good faith to make the internet safer.

    If Spamhaus detects malicious or abusive use of the portal in any way, we reserve the right to revoke a contributor’s access to the API and block any other submissions immediately.

    Submissions that we believe have been made in bad faith to discredit individuals, organizations or disrupt lawful activities will be blocked and access to the platform will be denied.

    Sending data to Spamhaus confers no right to use the Spamhaus name by the submitter as a partner of Spamhaus, authorized by Spamhaus or any other association, unless agreed prior in writing.

    There is no monetary reward or equivalent for any submission

    Definitions

    Mission Statement

    The mission of this community portal is to provide a platform for the sharing of threat information for the security and stability of the Internet, based on observation and publicly available information.

    OSINT

    Open-Source Intelligence (OSINT) is information sourced from ether observed or available to all members of the public, that has been collected, verified, and evaluated for a specific requirement. Such sources include information available to the general public, including by purchase, without requiring special legal status.

    Sensitive Personal Information

    • Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs
    • Trade-union membership
    • Genetic data, biometric data processed solely to identify a human being
    • Health-related data
    • Data concerning a person’s sex life or sexual orientation
    • Criminal record information that does not have to be legally disclosed such as ‘spent’ convictions.

    Data Minimization

    Information should only be collected and processed if it is;

    1. Justified for an articulable purpose
    2. Necessary for achieving that purpose
    3. Proportional to the ability to achieve that purpose
  • There are a couple of reasons we include an email in addition to the three methods of authentication:

    1. So you can easily change the email address associated with your (Spamhaus) account. But please note that you’ll need to verify the updated email address before making submissions.
    2. Not all of the authentication platforms provide us with confirmation that your email address is verified. Where this is the case, we require you to verify your email address in addition to the authentication method.