AHBL Shutdown Causes Spam False Positives and Email Delivery Problems

Some of you may have come across some email delivery or internet access issues since ringing in the new year. What you may not be aware of is that the publisher of the Abusive Hosts Block List (AHBL) DNS block list announced that would be shutting down their lists back in April 2014. The publisher gave a warning stating that DNS block list will return positive as of 01 January 2015. Yep.. thats a few days ago.

So what does that mean? Every domain on the Internet will return positive for abuse by this DNS block list. Seriously – look!

DNS Block List: gmail.com

DNS Block List: gmail.com

DNS Block List: gmail.com

DNS Block List: gmail.com

If your email users send a message to another organization that is using AHBL it will be rejected with a non-delivery report (NDR) similar to this:

Diagnostic information for administrators:

Generating server: SIXPR06MB400.apcprd06.prod.outlook.com
Remote Server returned '550 blacklisted at dnsbl.ahbl.org'

So what do you need to do?

A lot of the platforms that use these lists have already removed the lists as part of their product updates.

If you are like me and a bit paranoid of these things, you should double-check your security filtering platforms that may be utilizing DNS block lists – including firewalls, proxy servers, message hygiene appliances. Below are the affected DNS block lists that should be removed ASAP.

  • rhsbl.ahbl.org
  • dnsbl.ahbl.org
  • ircbl.ahbl.org

More information can be found here: