Impressionwise Email Verification and Spam Trap Removal

Threat Intelligence Center

Blacklist Profiles\SURBL URI Reputation Data

SURBLs contain web sites that appear in unsolicited messages. They can be used with programs that can check message body web sites against SURBLs, such as SpamAssassin 3 and others mentioned on the links page.

Here's an overview of the lists and their data sources.

  • ABUSE - spam and abuse sites ? jwSpamSpy + Prolocation sites
  • sa-blacklist web sites
  • SpamCop web sites
  • AbuseButler web sites
  • PH - Phishing sites
  • MW - Malware sites
  • CR - Cracked sites
  • - Combined SURBL list

      Blacklist Zone(s)

      Blacklist type

      URIBL: A URI dnsbl is simply an anti-spam “black list” delivered via DNS which consists of domain names and IP addresses which are found in the body of the message. Specifically, there are the domains and IP addresses which spammers use to host their web sites.

      RBL: A RBL dnsbl is simply an anti-spam “black list” delivered via DNS which consists of IP addresses which are found in the body of the message. Specifically, there are the domains and IP addresses which spammers use to host their web sites.

      Threat level/ delivery impact

      Brand/ Network Resource/ Deliverability Harm - If your firm is impacted by threats shown below, you need to take immediate action as a laundry list of negative outcomes have potentially already begun ranging from significant deliverability issues to service termination from your ESP or ISP. If ignored, your brand reputation could be permanently tarnished and easily become associated in some circles with known spam organizations such as SpamHaus’s ROKSO or other similar blacklists.

      Network Resource/ Deliverability Impact - Below are threats that could cause some significant delivery and reputational issues. At worst, you will experience continued delivery impacts and may be forced to purchase new sending domain and IP resources in order to achieve optimal deliverability.

      Impacted Delivery - The following threats will result in temporal delivery issues, diminishing your campaign's outreach and effectiveness. Prolonged sending of these threats may result in longer lasting temporary blocks leading to eventual permanent blocking of your emails. There is minimal overall brand and sending resource reputational harm from these items


      Automatic (upon receipt of a spam to a spamtrap mailbox), with extensive whitelists and filtering to prevent false positives.

      Listing lifetime

      Typically Permanent. Very hard to get removed.


      ABUSE - spam and other abuse sites.

      This list contains mainly general spam sites (pills, dating, etc). It combines data from the formerly separate JP, WS, SC and AB lists.

      jwSpamSpy + Prolocation sites

      Joe Wein's jwSpamSpy program along with systems operated by Raymond Dijkxhoorn and his colleagues at Prolocation provide JP data. The resulting list has a very good detection rate and a very low false positive rate.

      sa-blacklist web sites

      WS started off with records from Bill Stearns' SpamAssassin ruleset sa-blacklist but nowadays holds data from many different data sources.

      SpamCop web sites.

      SC contains message-body web sites processed from SpamCop URI reports, also known as ""spamvertised"" web sites. The reports are not used directly, but are subject to extensive processing. Entries in SC expire automatically several days after the SpamCop reports decrease.

      Note that this list is not the same as, which is a list of mail sender IP addresses.

      AbuseButler web sites.

      AbuseButler is kindly providing its Spamvertised Sites which have been most often reported over the past 7 days. The philosophy and data processing methods are similar to the SC data, and the results are similar, but not identical. Data sources for AbuseButler include SpamCop and native AbuseButler reporting.

      PH - Phishing sites.

      Phishing data from multiple sources is included in the PH Phishing data source. Phishing data was first provided by MailSecurity, later joined by PhishTank data, OITC phishing data, PhishLabs data and several other sources.

      MW - Malware sites.

      This list contains data from multiple sources that cover sites hosting malware. This includes OITC, The DNS blackhole malicious site data from and Malware Domain List. Some cracked hosts are also included in MW since many cracked sites also have malware. Note that the above is only a sampling of many different malware data sources in MW.

      CR - Cracked sites.

      This list contains data from multiple sources that cover cracked sites. Criminals steal credentials or abuse vulnerabilities in CMS such as Wordpress or Joomla to break into websites and add malicious content. Often cracked pages will redirect to spam sites or to other cracked sites. Cracked sites usually still contain the original legitimate content and may still be mentioned in legitimate emails, besides the malicious pages referenced in spam.

      Delisting guidance

      To request removal from a SURBL list, please start with the the SURBL Lookup page ( and follow the instructions on the removal form.

      About Impressionwise

      Impressionwise is a firm that provides professional real-time email verification, validation, and list cleaning services. Our core belief is that in order to have a successful email campaign, a company must send only a clean, well maintained email list. Our cleansing methodology is focused on the health of your sending network resources. The cleaner the domain and IP the better the delivery. Specifically helping email marketers validate and remove threat based email elements such as spam traps to ensure you are maximizing your lists' potential resulting in a higher level of engagement with your recipients. Our services allow you eliminate hard bounces and thus avoid being banned by your email service provider. Having been around for the past decade, Impressionwise’s longevity and industry experience have allowed us to amass the industry’s largest set of email list cleaning resources with the most flexible service options resulting in the highest level of actionable insight.

The recognized authority in email verification
and list cleaning services

Impressionwise makes it easy for potential clients to evaluate our list cleaning services by offering a complimentary scan and report for a sample set of your data to illustrate the benefits of our services.

Try it Now

Experience the difference for yourself. Try our free list analysis!
Your online reputation should not be a game of risk versus reward. Give me a chance to help set you apart from the competition...
Get protected against a wide range of email-based threats. Let me explain to you how...
Experience unparalleled insight into your data. Click on chat so we can guide you through our industry leading report...
On the go? So are we. With Impressionwise, you always have instant access to your data at your fingertips. Let’ chat so I can showcase...
Whether you are interested in real time or batch cleansing, our flexible service will suit your needs. Questions, I can help...
Still not convinced? Let’s discuss or opt for a free trial and see why we are the leading email hygiene company in the industry.
Don’t put your resources at risk. Let Impressionwise protect your reputation and enhance your campaign outreaches. Click chat to continue this discussion...
Getting started is as easy as 1,2,3. Create your account today and see why so many others trust Impressionwise. Still not convinced, let’s chat...