methodology / Security & Infrastructure / #29
Spam / phishing blocklist presence
#29 · Required · Web Standards · functional · Security & Infrastructure · weight 2% · impl implemented · method v1.2.0
Web Standards item — Functional
This factor is part of Web Standards — the table-stakes binary layer of the score. It is graded pass/fail and gates the Web Quality score; it is not weighted into Web Quality itself.
- Pass criteria
- Strict — passes only on pass.
- Web Standards label
- Not on safe-browsing blocklist
- Why it's required
- Listed by Google Safe Browsing or a major spam DBL means visitors are being warned away by their browser. Currently scored, but not a kill-switch — connector reliability under review.
What this means for your business
Anti-virus tools, email filters, and corporate firewalls share lists of domains tied to malware or scams. If yours lands on one — even by mistake — your emails go to spam and your site gets blocked at offices and schools.
Plain title: Your domain isn't on a spam blocklist
What we measure
If your domain is on a blocklist, your emails go to spam and your site triggers warnings in Chrome and Safari. We check the major lists.
How to improve your score
Investigate why you're listed (compromised site, hosting on a bad-rep IP, etc.), fix the underlying issue, request delisting through each blocklist's appeal process.
Implementation
stale · v1 · seeded — no connector publish yet · source: freshcoat-discovery/src/connectors/dns-email-security.ts:scoreBlocklist
Detection method
Cloudflare DoH A query for <domain>.dbl.spamhaus.org. NXDOMAIN = clean. Real listings (127.0.1.[2-49]) = listed. CRITICAL: 127.255.255.[252-255] are Spamhaus POLICY codes (rate-limited, public-resolver-refused) — NOT a positive listing. Returns null on policy refusal so we don't penalise on infrastructure grounds.
Detection sources
- Spamhaus DBL via Cloudflare DoH
Scoring bands · strict ladder
| Score | Condition |
|---|---|
| 100 | NXDOMAIN — clean |
| 0 | answer in 127.0.1.[2-49] range — real blocklist hit |
| n/a | answer in 127.255.255.x — Spamhaus refused our query (open-resolver policy); we don't know |
Evidence-key dictionary
What every notes string the connector emits means.
Surfaces in the per-domain dossier evidence column.
clean- NXDOMAIN — domain is not on Spamhaus DBL.
spamhaus_dbl_listed- Real blocklist hit; A record in the actual-listing range.
dbl_query_refused- Spamhaus refused our query (we use Cloudflare DoH which is an 'open resolver' from their perspective). Returns null — we don't know.
Applicability
Required. Critical fix Apr 28: previously every site was being false-listed because the connector treated ANY 127.x.x.x response as positive. The 127.255.255.x policy codes are now correctly distinguished.
Changelog
- 2026-04-29 · seed Initial seed from MethodologyRegistry bootstrap.
Facts
Scoring
Scoring formulas are versioned with the methodology. The current method (v1.2.0) maps raw measurements to pass, warn, fail. Factor weights determine how much each contributes to the composite — see the methodology index for the full table.
Version history
| Version | Change | Date |
|---|---|---|
| v1.2.0 | Factor introduced. Status: live. Scoring impl: implemented. | 2026-04-25 |