Overview

Guardian Ops & AbuseHQ

Abusix

An introduction to accessing Abusix Guardian Intel

Getting started with Abusix Guardian Intel

Guardian Intel Lookup

Using the Guardian Intel Lookup Tool

For each IP address in the Guardian Intel data set, a classification key is included in the Abusix Visualizer and the Abusix APIs. The following explains how Abusix classifies IPs within the Internet Scanner Intelligence data set.

Understanding Abusix Classifications

Understanding Abusix Dataset

Using the Abusix Guardian Intel Enterprise API

Setting Up Guardian Ops - Quick Start Guide

Create User Accounts

Enable 2FA

Answers to frequently asked questions about AbuseHQ, covering setup, functionality, integrations, and best practices for managing abuse reports efficiently.

AbuseHQ FAQ

Browser support

Email and report template variables

Inbound Processing, Event Types

Outgoing IPs

 Parrot Querry Language PQL

Resolver Reference

Subscriber Data Model

System status

Create and manage your workflows

Cases

Configure your mail settings

Helpful Configurations

Integrate Guardian Ops with other systems

Case Groups

Configure Inbound Processing

Configuring Playbooks

API Resolver Caching

Data Retention Configuration

Email Templates Configuration

Smartlinks Configuration

SMTP Services for Email Templates

Subscriber Resolving via an API and Target System (e.g., CRM or RADIUS Server)

Subscriber Resolving with Ubersmith

Subscriber resolving via X-Header

Integrate with upstream systems using Webhooks

Abusix Guardian Mail is a suite of curated DNSRBLs designed to protect inbound and outbound mail servers. Guardian Mail provides the most accurate, comprehensive, and innovative blocklists on the internet.

Guardian Mail

Delisting Overview

Most Frequently Asked Questions about Abusix Blocklists.

Blocklist FAQ

A quick-start guide for integrating Abusix DNSBLs into blocklist check tools, offering free access and setup instructions to enhance threat visibility for your users.

Integrate Abusix with Blocklist Check Providers

Usingrsync

A comprehensive reference of Abusix’s production-ready DNS blocklists and whitelists, detailing list types, usage scenarios, return codes, and integration guidelines for email security infrastructure.

Production Zones

A preview set of experimental DNS zones and threat data from Guardian Mail, offering early access to emerging anti-abuse signals for testing, feedback, and non-production scoring.

Beta Zones

Executing dig, host, and nslookup queries

A reference guide to all Guardian Mail return codes, mapping DNSBL responses to their corresponding threat lists and data types for accurate interpretation and filtering.

Return Codes

A lightweight tool to quickly and transparently compare Guardian Mail against other DNS blocklists using log-based or real-time analysis—without disrupting your mail flow.

Comparison Tool Overview

Answers to common questions about using the Guardian Mail Comparison Tool, covering setup, limitations, query behavior, compatibility, and technical details.

Comparison Tool FAQ

Step-by-step instructions for requesting, installing, and running the Guardian Mail Comparison Tool in logfile mode to evaluate DNSBL performance using your own mail logs.

Setup of the Comparison Tool

Instructions for executing the Guardian Mail Comparison Tool in logfile or real-time mode to generate DNSBL performance reports and CSV-based analysis of IP blocklist coverage.

Running the Comparison Tool

Learn about the Abuse Management dashboard.

Abuse Management

Why is forwarding your abuse data important?

Forwarding Your Abuse Data

Learn how to get abuse@ addresses to report network abuse to peers.

Abuse Reporting

 Reporting abuse on the Internet is a complex and time-consuming task.

About Abusix Global Reporting

Find out how to implement the Abusix Global Feedback Loop Reporting Service.

Getting Started With the Abusix Global Feedback Loop Reporting Service

If you have abuse to report and can provide the minimum required data for a given report type; please send your data to your API endpoint.

Getting started with the Abusix Global Reporting Service

XARF FAQ

An overview of XARF schemas as a standardized, automation-friendly format for reporting abuse and security incidents across a wide range of use cases including spam, phishing, copyright violations, and system attacks.

XARF (eXtended Abuse Reporting Format)

Abuse Contact DB Overview

Getting Started with Abuse Contact DB

Abuse Contact DB FAQ

Validate abuse@ role addresses

Blackhole MX Overview

Getting started with Blackhole MX

Portal

An overview of Abusix Data Channels, which enable organizations to send abuse reports and email telemetry to strengthen global threat intelligence and enhance workflows.

What are Data Channels?

Data Channel Use Cases

A step-by-step guide to submitting abuse reports via the Abusix API using the XARF format, including setup, payload structure, and response handling.

Submitting data via the API to Data Channels

A technical guide for configuring and sending real-time SMTP transaction data to Abusix via UDP to enhance Guardian Mail’s accuracy and intelligence.

Submitting MTA Transaction Feeds via UDP to Data Channels

A guide to configuring SMTP data channels in AbuseHQ, covering email formats, data types, and best practices for forwarding abuse reports and spam data.

Guardian Ops

AbuseHQ

Workflows

Helpful Configurations

Integrations

Guardian Ops & AbuseHQ

Getting started with Guardian Ops

AbuseHQ FAQ

Create User Accounts

Enable Multi-factor Authentication (2FA)