Abusix nod List (Newly Observed Domains)

The Abusix NOD list is an informational blocklist tracking new domains for email scoring, not a blacklist of malicious activity.

Updated on 17 Jun 2026: We updated this guide to clarify how Abusix NOD listings should be interpreted and handled.

Summarize with

Check if you are listed on Abusix nod List (Newly Observed Domains)

And 143 other blocklists.

Spamhaus

0Spam

Abusix

Barracuda Networks

Cisco

Mailspike

NoSolicitado

SURBL

UCEPROTECT

URIBL

8086 Consultancy

abuse.ro

ALPHANET

Anonmails

Ascams

BLOCKEDSERVERS

Brukalai.lt

Calivent Networks

dan.me.uk

DrMx

DroneBL

EFnet

Fabel

GBUdb

ImproWare

JIPPG Technologies

Junk Email Filter

JustSpam

Kempt.net

Mail Baby

NordSpam

nsZones

Polspam

RV-SOFT Technology

Schulte

Scientific Spam

Spam Eating Monkey

Spamikaze

SpamRATS

SPFBL

Suomispam

System 5 Hosting

Taughannock Networks

Team Cymru

Tornevall Networks

Validity

www.blocklist.de Fail2Ban-Reporting Service

ZapBL

2stepback.dk

Fayntic Services

ORB UK

RedHawk

technoirc.org

TechTheft

Spamhaus

0Spam

Abusix

Barracuda Networks

Cisco

Mailspike

NoSolicitado

SURBL

UCEPROTECT

URIBL

8086 Consultancy

abuse.ro

ALPHANET

Anonmails

Ascams

BLOCKEDSERVERS

Brukalai.lt

Calivent Networks

dan.me.uk

DrMx

DroneBL

EFnet

Fabel

GBUdb

ImproWare

JIPPG Technologies

Junk Email Filter

JustSpam

Kempt.net

Mail Baby

NordSpam

nsZones

Polspam

RV-SOFT Technology

Schulte

Scientific Spam

Spam Eating Monkey

Spamikaze

SpamRATS

SPFBL

Suomispam

System 5 Hosting

Taughannock Networks

Team Cymru

Tornevall Networks

Validity

www.blocklist.de Fail2Ban-Reporting Service

ZapBL

2stepback.dk

Fayntic Services

ORB UK

RedHawk

technoirc.org

TechTheft

Spamhaus

0Spam

Abusix

Barracuda Networks

Cisco

Mailspike

NoSolicitado

SURBL

UCEPROTECT

URIBL

8086 Consultancy

abuse.ro

ALPHANET

Anonmails

Ascams

BLOCKEDSERVERS

Brukalai.lt

Calivent Networks

dan.me.uk

DrMx

DroneBL

EFnet

Fabel

GBUdb

ImproWare

JIPPG Technologies

Junk Email Filter

JustSpam

Kempt.net

Mail Baby

NordSpam

nsZones

Polspam

RV-SOFT Technology

Schulte

Scientific Spam

Spam Eating Monkey

Spamikaze

SpamRATS

SPFBL

Suomispam

System 5 Hosting

Taughannock Networks

Team Cymru

Tornevall Networks

Validity

www.blocklist.de Fail2Ban-Reporting Service

ZapBL

2stepback.dk

Fayntic Services

ORB UK

RedHawk

technoirc.org

TechTheft

Spamhaus

0Spam

Abusix

Barracuda Networks

Cisco

Mailspike

NoSolicitado

SURBL

UCEPROTECT

URIBL

8086 Consultancy

abuse.ro

ALPHANET

Anonmails

Ascams

BLOCKEDSERVERS

Brukalai.lt

Calivent Networks

dan.me.uk

DrMx

DroneBL

EFnet

Fabel

GBUdb

ImproWare

JIPPG Technologies

Junk Email Filter

JustSpam

Kempt.net

Mail Baby

NordSpam

nsZones

Polspam

RV-SOFT Technology

Schulte

Scientific Spam

Spam Eating Monkey

Spamikaze

SpamRATS

SPFBL

Suomispam

System 5 Hosting

Taughannock Networks

Team Cymru

Tornevall Networks

Validity

www.blocklist.de Fail2Ban-Reporting Service

ZapBL

2stepback.dk

Fayntic Services

ORB UK

RedHawk

technoirc.org

TechTheft

Spamhaus

0Spam

Abusix

Barracuda Networks

Cisco

Mailspike

NoSolicitado

SURBL

UCEPROTECT

URIBL

8086 Consultancy

abuse.ro

ALPHANET

Anonmails

Ascams

BLOCKEDSERVERS

Brukalai.lt

Calivent Networks

dan.me.uk

DrMx

DroneBL

EFnet

Fabel

GBUdb

ImproWare

JIPPG Technologies

Junk Email Filter

JustSpam

Kempt.net

Mail Baby

NordSpam

nsZones

Polspam

RV-SOFT Technology

Schulte

Scientific Spam

Spam Eating Monkey

Spamikaze

SpamRATS

SPFBL

Suomispam

System 5 Hosting

Taughannock Networks

Team Cymru

Tornevall Networks

Validity

www.blocklist.de Fail2Ban-Reporting Service

ZapBL

2stepback.dk

Fayntic Services

ORB UK

RedHawk

technoirc.org

TechTheft

What is the Abusix NOD list?

The Abusix NOD (Newly Observed Domains) list is a domain-based informational blocklist (blacklist) for domains Abusix has newly seen through DNS and mail-intelligence telemetry. Entries are wildcarded, so a listed parent domain also covers its subdomains. A NOD hit does not prove abuse by itself. It tells a receiving mail system that the domain has little observed history, which can matter when evaluating spam, phishing, malware, and other risky email.

Abusix says its NOD data comes from Farsight DNS sensors on DNS servers used by its Mail Intelligence processors. Technically, the listing duration is short: 25 hours. If a domain is listed, DNS queries return 127.0.1.2. Because entries are wildcarded, a listing for 'example.com' also covers 'mail.example.com' and similar subdomains, so mail administrators do not need to check each hostname separately.

Who runs the Abusix NOD list?

The NOD list is operated by Abusix, a company that provides network abuse management, email security data, and threat intelligence. For this list, Abusix focuses on domains that have only recently appeared in its DNS and email data, then exposes that signal to receiving mail systems.

Abusix uses NOD data as an early warning signal for newly active or newly registered domains.
A NOD hit is normally best used with other evidence, such as authentication results, domain reputation, message content, and sending pattern.
New domains used for legitimate launches, migrations, and new subdomains can appear on the blacklist without abuse.

How should you interpret a NOD hit?

Treat a NOD hit as a risk signal, not a verdict. A new domain can be part of a normal launch, but new or newly active domains are also common in phishing, malware delivery, and spam campaigns because they have little reputation history.

Check the bounce message or mail log to confirm that Abusix NOD is the reason for the rejection or score increase.
Confirm that SPF, DKIM, and DMARC pass for the domain and that the visible From domain matches the authenticated sending domain.
Review sending sources before changing DNS or requesting delisting. In Suped's product, DMARC aggregate reports help identify which services are legitimately sending for the domain while the short NOD listing expires.
Keep volume conservative for new domains and subdomains until mailbox providers have enough positive history.

How do I get removed from the Abusix NOD list?

Because the list has an automatic 25-hour expiration policy, many NOD listings clear without manual action. If a listing is causing urgent delivery problems, request removal. Delisting is free, but Abusix requires an account to limit abuse of the delisting system.

To request delisting, visit the Abusix Lookup and Delisting page. Enter the domain, and if it is listed, follow the on-screen instructions to create a free account and submit the removal request. Abusix says delists are processed immediately, though it can take up to five minutes for the change to propagate to services that use the list.

What is the impact of an Abusix NOD listing?

The impact is usually medium and depends on how the receiving mail server uses the blacklist. Since Abusix does not label every NOD entry as malicious, many filters use the listing as scoring data instead of a reason to block the message outright. That can push messages toward spam or junk when other signals are also weak.

Some receivers use stricter rules and reject mail temporarily when a domain appears on the blocklist. The short 25-hour listing window limits the duration, but a sender with poor authentication, sudden high volume, suspicious URLs, or other reputation issues can still see broader delivery problems after the NOD listing expires.