Status:  Production
IPv4, IPv6

Cloud DNS:  <key>
Rsync File
:  lists/

Return Codes:
Test Points
:,, ::FFFF:7F00:2, ::FFFF:7F00:4

Listing duration:  Approximately 5.2 days from when traffic was last seen 


This list is built by observing the behaviour of hosts connecting to our traps and partners mail services.

It contains any IP address we observe that behaves in certain ways that a genuine SMTP client never would, so any IPs found on this list will either be compromised, botnet/virus infected, proxies, VPNs, TOR exit nodes or IPs that are NAT'ing for these hosts.

This list can also be safely used to check each "Received" header hop found within a message.

Example query:

$ host<key><key> has address

Did this answer your question?