How to Use

The Spamhaus whitelists are realtime DNS zones designed primarily for use by internet mail systems. The whitelists are published by spamhaus.org as two separate and distinct zones, the SWL and the DWL, designed for use at different points in your email filtering.

See the Whitelist Technical FAQs for additional information on setups.

The Spamhaus White List (SWL) comprises two datasets in a single zone: an IPv4 whitelist and an IPv6 whitelist (therefore the SWL responds to queries in either IPv4 or IPv6 format). Mail servers query the SWL in the same way as Spamhaus’s DNSBLs are queried, a standard SWL DNS query looks like this:

2.0.0.127.swl.spamhaus.org

The answer in this case would be:
2.0.0.127.swl.spamhaus.org. 3600 IN A 127.0.2.2
2.0.0.127.swl.spamhaus.org. 3600 IN TXT “https://www.spamhauswhitelist.com/query/127.0.0.2”

Recommended Setup

Spamhaus recommends that mail servers apply the SWL IP Whitelist in front of and therefore before any blocklist or other spam filter checks. As a whitelisted IP or domain can not concurrently be in both the whitelist and in a Spamhaus Project blocklist, and senders vetted to the Spamhaus Whitelist are extremely unlikely to transmit spam, there is no reason to put any type of spam filter either in front of or after the whitelist, in fact doing so undermines the purpose and usefulness of the whitelist.

The Domain White List (DWL) contains domains (such as ebay.com, expedia.com, etc.) and is a vouch-by-reference (VBR) domain whitelist designed to automate DKIM certification. See: http://en.wikipedia.org/wiki/Vouch_by_Reference and in particular RFC 5518 for implementation. A mail system sending mail with DKIM signatures in the DWL should include a VBR-Info: header line to encourage recipients to check the DWL, such as

VBR-Info: md=<domain>; mv=dwl.spamhaus.org; mc=transaction; (for transactional mail)
VBR-Info: md=<domain>; mv=dwl.spamhaus.org; mc=all;       (for individual mail)

The DWL is queried in this format:

<domain>._vouch.dwl.spamhaus.org

Where “<domain>” is the domain you want to look up. For example, the query:
dwltest.com._vouch.dwl.spamhaus.org

Returns the answer:
dwltest.com._vouch.dwl.spamhaus.org. 1H IN A 127.0.2.12
dwltest.com._vouch.dwl.spamhaus.org. 1H IN TXT “all”

Recommended Setup

The Domain White List (DWL) is designed to be used in conjunction with DKIM checking on the receiving server. After the receiving server checks the messages’s DKIM signature, it should then check the DKIM signing domain against the DWL.

A positive return from the DWL should cause all spam filters and content filters to be bypassed. If there is no return from the DWL, the message should proceed as normal through the spam filters and content filters.

Whitelist Usage Terms

The Spamhaus Whitelist DNS zones are published by the Spamhaus Project and are subject to the Spamhaus Project’s standard Usage Terms for use of the Spamhaus DNSBLs/DNSWLs.

Use of the Spamhaus Whitelists is free of charge for users who qualify for free use of the Spamhaus Project’s public servers (See: Spamhaus Usage Terms). Large, high-traffic or commercial users are required to obtain a Spamhaus Datafeed contract (if you are an existing Spamhaus Datafeed customer you automatically have access to the Spamhaus Whitelists in your Datafeed at no extra cost. Log in to your Datafeed Account Area for more information).