The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.

The Spamhaus Project is responsible for compiling several widely used anti-spam lists. Many internet service providers and email servers use the lists to reduce the amount of spam that reaches their users. In 2006, the Spamhaus services protected 650 million email users, including the European Parliament, US Army, the White House and Microsoft, from billions of spam emails a day.

Spamhaus distributes the lists in the form of DNS-based blocklists (DNSBLs). The lists are offered as a free public service to low-volume mail server operators on the internet. Commercial spam filtering services and other sites performing large scale usage must instead sign up for a commercial account through Spamhaus Technology its partner for distribution. Spamhaus outlines the way its DNSBL technology works in a document called "Understanding DNSBL Filtering."

The Spamhaus Blocklist (SBL) targets "verified spam sources (including spammers, spam gangs and spam support services)." Its goal is to list IP addresses belonging to, known spammers, spam operations, and spam-support services. The SBL's listings are partially based on the ROKSO index of known spammers.

The Exploits Blocklist (XBL) targets "illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, virus-infected PCs & servers and other types of trojan-horse exploits." That is to say it is a list of known open proxies and exploited computers being used to send spam and viruses. The XBL includes information gathered by Spamhaus as well as by other contributing DNSBL operations such as the Composite Blocking List (CBL).

The Policy Blocklist (PBL) is similar to a Dialup Users List. It lists not only dynamic IP addresses but also static addresses that should not be sending email directly to third-party servers. Examples of such are an ISP's core routers, corporate users required by policy to send their email via company servers, and unassigned IP addresses. Much of the data is provided to Spamhaus by the organizations that control the IP address space, typically ISPs.

The Domain Blocklist (DBL) was released in March 2010 and is a list of domain names, which is both a domain URI blocklist and RHSBL. It lists spam domains including spam payload URLs, spam sources and senders ("right-hand side"), known spammers and spam gangs, and phish, virus and malware-related sites. It later added a zone of "abused URL shorteners", a common way spammers insert links into spam emails.

The Combined Spam Sources (CSS) is an automatically produced dataset of IP addresses that are involved in sending low-reputation email. Listings can be based on HELO greetings without an A record, generic looking rDNS or use of fake domains, which could indicate spambots or server misconfiguration. CSS is part of SBL.