You Should Use Your Own DNS Server With Spamhaus

If you’re running your own small mail server it’s quite possible that you’ll want to make use of Spamhaus’ free DNSBL to reduce spam email. However, if you are using your web host’s DNS servers (which is the default) it’s likely that Spamhaus will not work because the DNS will have exceeded the free usage limit. Find out how to use your own DNS server and start using Spamhaus.


Spamhaus is a great organisation providing free DNSBL to small mail servers. Understandably, a usage limit applies to the free service. I discovered that configuring my mail server to use Spamhaus’ free DNSBL didn’t work because all of the other users on my web host’s DNS service had exhausted its free lookups.

False Positives

It took me while to figure out the reason why the DNSBL wasn’t working and I was still receiving spam from IPs listed at Spamhaus.

Checking the generic examples of and from the command line returned the expected responses:

dig +short

But checking a real IP that I knew to be listed on Spamhaus did not return a response:

dig +short
// No response

Turn Your DNS On

So I installed BIND:

sudo apt-get install bind9

and specified the local DNS server for the query:

dig +short @

Lo and behold I got the response that I was expecting. Therefore you must use your own DNS server rather than your web host’s.

Setting Up Your DNS Service

Assuming you have an Ububtu or Debian-based flavour of Linux:

  1. Ensure that DNS software such as BIND is running
  2. Edit /etc/resolve.conf and add nameserver at the top, leaving your existing entries below as fallbacks
  3. Restart the network service: sudo /etc/init.d/networking restart
  4. Now test again on a known listed IP address
dig +short

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *