FraudBL status

FraudBL is currently up and running and while we are typing this post, we are collecting spam from “phishing sites”. As we are counting, approximately 1200 hosts are flagged “phishing” in our database. In short, this database will get a zone update so we can start using it. What we are actually waiting for is and the last migration steps.

To be continued…

What FraudBL is

Den här sidan finns även översatt på svenska.

FraudBL is an open source DNS Blacklist server, a part of the more common DNS Blacklist. FraudBL stands for Fraud Blacklist. This site itself is a landing page for Tornevall Networks blacklisting services and the real site, where most of our information resides can be reached via Tornevall Networks portal (which is currently under construction). FraudBL is, what is: While blocks regular spam, proxies and webabuse, FraudBL explicitly blocks servers known of sending spam based on phishing or anything else that would cause any economic loss for the receiver.

The purpose of FraudBL is about stopping fraudalent/phishinglike e-mail sent from different servers, that looks like they are sent from banks and others. FraudBL uses a separate spamresolver with the suffix However, we are also using and hosts that is considered phishy/fraudalent are marked up with an extra TXT-entry.

To report fraudalent e-mail to us, send the mail content (important: with full header) to To extract a message header, you may see a few examples at how to do this (covers gmail, outlook/hotmail/thunderbird/etc). The goal with this, is to block the server sources of the sent mail, not the sender itself, so it’s actually the “Receved”-headers we are looking for primarilly.

Examples on where spoofed e-mail may come from:

  • Paypal
  • Skatteverket (Sweden)
  • Swedbank (Sweden)
  • Apple/itunes
  • Telia Sonera
  • Nordea (Sweden)
  • Bank of America
  • And many many more…

The site FraudBL is located in Sweden.