Apache SpamAssassin PMC Policy for DNSBL Inclusion


To produce an objective policy for the inclusion of DNS-Blocklists (DNSBLs) including free, commercial and semi-commercial services that promotes the ability to include more tests in a manner that is fair to the community and the service provider.

Criteria for All DNSBL Services:

All services, including free, commercial or semi-commercial services must meet these criteria for default inclusion in Apache SpamAssassin's rules:

Criteria for Semi-Commercial aka “Free for Some” DNSBL Services:

Semi-commercial services aka "Free for Some" must meet these additional criteria for default inclusion in Apache SpamAssassin's rules:

Criteria for Commercial DNSBL Services:

Services that are completely commercial are not eligible to be enabled by default but can be included for administrator configuration on a case-by-case basis. We encourage you to consider implementing a “Free for Some” DNSBL service to support the anti-spam community.


This policy is subject to change by the Apache Software Foundation SpamAssassin Project Management Committee. We welcome community input.

DNSBLs can be removed or added for reasons not covered in this policy but this policy should: a) form the basis of any discussion on such matters; and b) be updated to account for the decision in a uniform manner.

There is no guarantee a DNSBLs accepted for default configuration rules will remain in the default configuration rules for any period of time.

Services that are administered by or on behalf of the Apache Software Foundation and its projects are exempt from this policy.

Items not Covered by this Policy:

This policy currently only covers DNSBLs. It does not cover network-based anti-spam tests such as Vipul’s Razor, Pyzor or the Distributed Checksum Clearinghouses (DCC).

All three of these tests are not suitable to have their rules enabled by default because they require administrator configuration, system registration and software installation. However, support for all three is included with Apache SpamAssassin for easier administrator configuration.

Should these or new tests have underlying technology and/or policy changes allowing them to be work in a default configuration; then this policy should be expanded to cover all network-based tests.

DnsBlocklistsInclusionPolicy (last edited 2012-01-18 23:38:38 by KevinMcGrail)