List Description

This is a list of IP Addresses that have been detected as being the source of a trojan/bot attack specifically used to try and guess passwords, or similar technique by attempting to just 'authenticate' without really sending email. We suggest that it be used to protect your servers from these types of attacks, which can also contribute to large loads. However, this can occasionally happen even from normal email servers, if the server is compromised or seriously misconfigured, or shares an IP gateway with infected machines. Historically, these attacks typically have been seen from older windows installations.

List Specifications

Intended for more general attacks, rather than spam sources, these IP(s) are also often on the other SpamRats! lists as well.

Download / Install

You should not need to 'install' anything. Just ensure that your RBL Lookup tool is set to point to ''.


Feel free to remove any IP address from this list. Removal is done automatically.

Enter the IP Address you wish to remove:

Enter the characters you see in the image below: