Spammer listings within the last 7 days:
Level 1: 766174 IP's, Level 2: 9999 Allocations, Level 3: 305 ASN's. Last Updated: 28.07.2014 07:51 CEST
Realtime Outbreakmonitor
The Project
Blacklist Policy
Help for ISPs
Marketing Tips
How to use
Removal Policy
Contact us
Please donate
Query Database
Our Products


Q1 : How do spammers get my email address?

A1: They run modified search engines, so called “harvesters” on the web, which index everything before and after the @ sign.

Q2: What can I do to protect my email address?

A2: First, your email address should never be listed on any website, otherwise harvesters will find it and spammers will abuse it.

If you want to receive emails from visitors to your website, you should always use a contact form for this.

There is no logical reason why people unknown to you should have knowledge of your real email address. The only people contacting you via your website should be potential clients wanting to purchase your product or service.

If you are posting to newsgroups, you should consider not using your official email address, but using free web mail services (e.g. YAHOO) for this instead.

Most of these free web mail services have advanced spam filters, and are very good at sorting spam into a “junk” folder. Should your free web mail address become unusable due to high volumes of spam, you can simply close it and open a new one.

Q3: What can I do against harvesters?

A3: If you are a true BOFH :-) you may like to feed them with spam traps in order to poison spammer’s databases.

Spam traps are real but invalid addresses under your domain or at nirvana.admins.ws.

Please do NOT construct spam trap email addresses on domains that you think may not exist, things change quickly and an innocent person could suffer from it. Spam trapping only makes sense if you have the technique to register attempts of sending email to your spam traps for automatically blacklisting the sender’s IP address.

The commercial UCEPROTECT® products can do this and many other cool things for you.

Q4: I only have a website but no server what can I do?

A4: You can hide our spam traps in [e.g. the header] your web pages. This is invisible to your visitors, but will be found by the spambots / email harvesters :-) Another cool thing to hide our spamtraps on your website is to use white letters on a white background or link invisibly to them by hiding a link under a graphic element, which a reasonable human would never click on .... :-)

Q5: Ok sounds nice, so what are the traps at admins.ws ?

A5: If we tell you here, the spammers would simply exclude them from their databases and then they would no longer be effective. To give you a hint: Use a combination of numbers, letters and underscores, and use @nirvana.admins.ws as the domain so your spam trap might look like this: 1-a_2b3blablaba@nirvana.admins.ws . On our system EVERY INVALID ADDRESS IS A SPAMTRAP, so be creative :-)

Q6: May I forward spam to you or your traps ?

A6: NEVER forward spam here! Your IP address will become blacklisted that way.

Q7: I own a domain that I am actually not using so can I do anything to help the project?

A7: Yes and you are very welcome to do so.

We hope it will take a while before the last spammer realises that addresses at admins.ws are mostly traps and therefore they will not send email to any address @admins.ws, but we are sure that day will come ... :-( Therefore it is necessary that many domains join our barbecue :-) and help trap spammers too.

If you have a domain which actually shows an "UNDER CONSTRUCTION" then there is an easy way for you to get it excluded from spammers today for the future ....

Simply ask your ISP to change your MX-Record to: nirvana.admins.ws in the DNS.
Please note: All other existing MX-Records must be removed. If you ignore this warning, you might blacklist your own server!!!
As soon as nirvana.admins.ws is the only existing MX-record, insert SPAMTRAPS (email addresses @ your domain that you are sure you never will use) in your "UNDER CONSTRUCTION" web page, and enjoy :-) All email sent to your domain will then be routed to nirvana.admins.ws, which blacklists (if conditions from our policy match) every IP address sending mail to it :-)

There is one thing you have to know about this: As long as your MX-Record points to nirvana.admins.ws, you cannot receive any email for your domain!!! As soon as you need to use your domain, simply change your MX-Record back to your email server / ISP smart host. If your domain was a spamtrap for a reasonable length of time, spammers may figure out that your domain is trapping them and put it on their exclude-list, so you have an excellent chance not to get spammed in the future :-)

Q8: I run a mail server on Linux, FreeBSD, NetBSD or OpenBSD, what can I do?

A8: The best thing you can do is to buy the UCEPROTECT® software , because it enables you to set very complex rule sets, automatically trap spammers, automatically whitelist your friends and customers and much more .... Even if you don’t buy the UCEPROTECT® software you can at least use our global BLACKLIST, free of charge. It requires that you run a Postfix or Sendmail or any other software capable to use blacklists on your server. Since our list is automatically updated as soon as a loser sends his spam to our system, you should check for updates at least 4 times per day.

Q9: Why do you no longer offer your blacklists as Postfix / Sendmail access tables ?

A9: UCEPROTECT blocklists reached sizes where it takes minutes to load them as access tables even on newest hardware.
Therfore the access format became obsolete and will no longer be offered after 01.01.2010.
Please use our lists DNS based or use RBLDNSD and RSYNC.

Q10: Why do you no longer offer download via HTTP (WGET)?
A10: Because it is a great waste of bandwith and traffic.
Please use our lists DNS based or use RBLDNSD and RSYNC.

Q11: Why do you no longer offer the QMAIL Format?
A11: Because almost noone is using QMAIL any longer and the traffic to spread it to all our mirrors is meanwhile in no relation to the the traffic used by those rare users that still download the QMAIL format.
Please use our lists DNS based or use RBLDNSD and RSYNC.

Q12: Can I also use UCEPROTECT-Blacklists DNS-based or with RBLDNSD?

A12: Yes, if you really can’t use the RSYNC method for technical reasons, your system can do querys against our public DNSBL-zones.

Actually there are 4 zones available:

dnsbl-1.uceprotect.net (UCEPROTECT-Level 1)
dnsbl-2.uceprotect.net (UCEPROTECT-Level 2)
dnsbl-3.uceprotect.net (UCEPROTECT-Level 3)
ips.backscatterer.org (Blacklist contents Backscatterer and sender callout abusers)

For details how to implement the DNS-Queries to your software see your vendor’s manual.

If you are a large organisation or an internet service provider, we recommend you download the DNSBL-Zones with RSYNC in RBLDNSD format and this way run our DNSBL-zones in your datacenter for better performance.

Q13: How will I be informed on changes?

A13: Visit this website at least once per month and you will always be up to date. We also post interesting news to NANAB [usenet, news.admin.net-abuse.blocklisting]

Q14: Why should I also donate to the project?

A14: Please read this it is self-explanatory.

Q15: Who is UCEPROTECT-Orga?

A15: An anonymous circle of well-known people, companies and authorities that are committed to stop all spam on this planet.

Q16: How can one join the UCEPROTECT-Orga?

A16: One can not. The Orga elects potential new members and invites them to join.

Q17: Why don’t you say who you are?

A17: Spammers are criminal gangs. In 2004 and since, many other blacklists stopped after they were threatened or attacked.
We also got a package from Ukraine with a dead rat inside and a message: "You are next!"
For security reasons we moved to a new location and have chosen to continue our war against spammers.
Art 34 Abs 5 BayMeldeG (Bavarian Law) grants that only national authorities can find out about us.

Q18: What am i allowed to do with your blocklists?

A18: Whatever you want, as long as you don't violate the license.

For Details of the License see here.

We recommend that if by participation of the UCEPROTECT lists a rejection of mail takes place, it would be a good idea that either the original error message (DNS TXT-RECORD) or alternatively a link on a web page is displayed, which points the sender of a blocked mail to http://www.uceprotect.net/rblcheck.php?ipr=X where X is a placeholder for the IP of the rejected system.
If your product uses multiple blacklists, and the rejection of an email was caused by several lists, feel free to link to our multi blacklist lookup tool instead, which can be found at: http://www.blacklistalert.org/?q=Y (Where Y can be a Domain or IP)

Doing so will help listees to figure out what's the problem and how to fix it.

Q19: Why does express de-listing cost money?

A19: The short answer: Because employees do not work for free.
The detailed answer is:
The 7-day de-listing service is automatic whereas we have to manually “express” de-list.
Since you did not offer to work 24/7 free of charge for us, we had to employ external operators for the expedited expressdelistings.
The manual process involves such an extra employee being notified by SMS as soon as someone makes a payment. This person then connects via VPN to the Admin interface and removes the corresponding record from the blacklist.
This service is available 24/7.
Most people also have no idea what it costs to run a global project as UCEPROTECT-Network.
You need *BIG* bandwith and *LOTS* of servers and *LOTS* of traffic and *MANY* highly motivated and qualified people.
We could also change to a subscription model as others did, but it seems illogical to charge our users for abusive actions of listees.
So it is more than fair that listees should make a contribution when they need to be express de-listed since our costs will have increased.
In reality, we should be charging 6 or 7 times the express de-list fee in order to completely cover out costs.

© Copyright 2001-2014 by UCEPROTECT-Orga - All Rights reserved ! DISCLAIMER