👋 How can we help you?

Forwarding your abuse reports

The most important step to starting AbuseHQ

Last updated on Invalid Date


The most important step to start with AbuseHQ is forwarding your network's or MTA's abuse data. You will need your mail administrator (if this is not you) to help you with this step. Please forward (alias) the abuse@, postmaster@ traffic, and any other role address that receives abuse reports to abuse@EXAMPLE.abusehq.net (where 'example' is replaced by the AbuseHQ hostname you requested).

Manual forwarding using an email client does not work!

If you're using Gmail or other services that require a forwarding verification opt-in, the verification emails will be delivered to your AbuseHQ mailbox.


Make sure to click the link in those emails to start forwarding abuse reports to AbuseHQ.


Inbound Processing Automation

AbuseHQ includes 500+ parsers that consume thousands of different types of threat reports, extracting relevant metadata.

An example of this is, when you forward reports from shadowserver.org, AbuseHQ automatically downloads the related Shadowserver CSV file creating a single event for each line in the report.


Better Visibility

With threat analysis automation, the more abuse reports you send to AbuseHQ, the better your visibility of network security issues will be.

Meanwhile, your work effort will decrease since Abusix will start doing all the hard work for you.

The following two are several must-have data sources for many network operators


Once you have started forwarding traffic to AbuseHQ, the "Top Reporter" widget in AbuseHQ Statistics will give you useful insights about each of the reporters AbuseHQ catches!


If you have any questions please feel free to contact us.


Learn more

To learn more about Abuse Reports, we recommend the following articles:

Did this answer your question?