Real-time spam intelligence platform powered by CentralMail.co.uk. Live threat map, honeypot network monitoring thousands of domains, blacklists updated every 15 minutes. Professional spam protection with instant IP/domain blocking.
* All prices include UK VAT at 20% • Cancel anytime • No setup fees • Instant activation
Central Mail Blacklist is a real-time spam threat intelligence platform operated by CentralMail.co.uk for just £1 per month. Our sophisticated honeypot network spans thousands of monitored domains, capturing and analyzing spam attempts in real-time from sources worldwide. Unlike static blacklists updated daily or weekly, our multi-vector detection system provides blacklist updates every 15 minutes, ensuring maximum protection against emerging threats. The platform includes direct honeypot monitoring across unused domains configured as spam traps, open relay detection simulating vulnerable mail servers to catch exploitation attempts, and production mail analysis from real-world email security appliances. All intelligence feeds into a live threat map showing geographic origins and attack patterns. Perfect for mail server administrators, hosting providers, security professionals, and anyone requiring cutting-edge spam protection with instant threat identification and blocking.
Blacklists update every 15 minutes for maximum protection. New spam sources are identified and blocked within minutes of first detection, not hours or days like traditional lists.
Interactive geographic visualization showing real-time spam origins worldwide. Watch attacks as they happen with country-level threat correlation and attack pattern analysis.
Thousands of monitored domains acting as spam traps. Unused domains configured to attract and catalog unsolicited communications from spammers worldwide.
Simulated open relay services capture spammers attempting to exploit mail servers for unauthorized relay. Identifies abuse attempts instantly.
Real-time feed from production email security appliances forwarding all detected spam for comprehensive analysis and immediate blacklist addition.
IP geolocation tracking identifies spam origins by country. Threat correlation shows which regions produce the most attacks and emerging patterns.
Automated threat level assessment based on spam frequency, domain patterns, attack vectors, and historical behavior. Multi-dimensional threat scoring.
Distributed in formats for seamless integration: Postfix, SpamAssassin, raw IP lists, domain lists, consolidated daily lists. Ready-to-use configurations provided.
Powered by CentralMail.co.uk spam intelligence platform
| Feature | Specification |
|---|---|
| Update Frequency | Every 15 minutes (real-time streaming + scheduled consolidation) |
| Daily Consolidated List | 132,360+ IPs updated at 0200 UTC daily |
| Real-Time Stream | 996+ IPs in honeypot stream (continuously updated) |
| Blocked Domains | 706+ malicious domains identified |
| Honeypot Network | Thousands of monitored domains worldwide |
| Detection Methods | Honeypots, open relay traps, production mail analysis |
| Geographic Tracking | IP geolocation with country-level threat correlation |
| Threat Levels | Critical, High, Medium, Low classification |
| Live Threat Map | Real-time visualization at centralmail.co.uk |
| Dashboard Refresh | Auto-refresh every 60 seconds |
| Attack Analytics | 24-hour activity analysis, peak hour tracking, trends |
| Response Time | Zero latency - threats flagged within seconds |
| Data Sources | Honeypots (682), Relay attempts (548), EFA production feed |
| AbuseIPDB Integration | Contributing data to global abuse database |
| IP List Format | Plain text, one IP per line, HTTP accessible |
| Domain List Format | Plain text, one domain per line |
| Postfix Integration | Pre-formatted postfix-centralmail.txt with hash format |
| SpamAssassin Integration | Domain list formatted for blacklist_from rules |
| Automated Updates | Cron job recommended every 15 minutes |
| IP Status Check | Web interface to verify if your IP is blacklisted |
| API Access | HTTP downloads, automated retrieval supported |
| Platform Compatibility | All mail servers supporting DNSBL/RBL integration |
| Data Retention | Historical threat data maintained |
| False Positive Rate | Extremely low - verified spam sources only |
| Support | 24/7 technical support for integration |
We operate thousands of unused domains specifically configured as spam traps. These domains receive no legitimate mail, so any attempt to send email to them is definitively spam. When spammers send to these honeypot addresses, their IPs are immediately logged, analyzed, and added to our real-time blacklist stream. This provides instant identification of new spam sources before they can harm production mail servers.
Our platform simulates open relay mail servers - a common target for spammers who search for vulnerable servers to relay their spam. When spammers attempt to exploit these "open relays," we capture their IPs, relay targets, and attack patterns. This identifies both spam sources and the domains they're trying to reach, providing comprehensive threat intelligence.
Real production email security appliances (EFA) forward all spam they detect directly to our analysis system. This provides insight into attacks against real mail infrastructure, capturing spam that targets actual users. The combination of honeypots, relay traps, and production feeds creates multi-vector detection that identifies threats from multiple angles.
Every captured spam source is geolocated to determine country of origin. Our live threat map visualizes attacks geographically in real-time, showing which countries are producing the most spam, emerging threat patterns, and attack intensity by region. This geographic intelligence helps identify coordinated campaigns and regional spam operations.
Unlike traditional blacklists updated daily, our honeypot and relay trap data streams in real-time with zero latency. New threats are flagged within seconds of detection. For operational consistency, we also consolidate all sources into master lists updated at 0200 UTC daily. You can choose between 15-minute automated updates (recommended) or daily updates depending on your needs.
Sophisticated algorithms analyze each spam source across multiple dimensions: attack frequency, number of targeted domains, historical patterns, geographic correlation, and behavioral indicators. Threats are automatically classified as Critical, High, Medium, or Low severity. This intelligent scoring helps prioritize response to the most dangerous sources.
1. Download pre-formatted list: wget http://blacklist.centralmail.co.uk/postfix-centralmail.txt -O /etc/postfix/centralmail_blacklist
2. Add to main.cf: smtpd_client_restrictions = check_client_access hash:/etc/postfix/centralmail_blacklist
3. Hash and reload: postmap /etc/postfix/centralmail_blacklist && postfix reload
1. Download domain list: wget http://blacklist.centralmail.co.uk/domains.txt
2. Add to local.cf: blacklist_from *@domain.com (for each domain)
3. Restart SpamAssassin service
Set up cron job to download lists every 15 minutes for maximum protection:
*/15 * * * * wget http://blacklist.centralmail.co.uk/ips.txt -O /etc/mail/blacklist.txt && postmap /etc/mail/blacklist.txt && postfix reload
Join the fight against spam with live threat intelligence
No contracts • Cancel anytime • Updates every 15 minutes