A couple of weeks ago, Spamhaus announced that they are introducing two new sets of return codes for its DBL that took effect on July 1st, 2014. The first set of codes is to list all legitimate domains/senders that have been compromised, and the second set is going to be used to list malware domains and botnet C&C domains. Spamhaus said that this new information will help maintain DBL’s goal of almost zero false positives, and will also give users of the DBL the ability to identify and remediate compromised users and websites.
The key takeaway in all of this is that this data will be able to provide valuable insight as to whether Spamhaus thinks a domain is legit, but being abused to send spam, or if it indeed is just sending spam. Below you will find a chart from Spamhaus, which introduces the new codes and the replacements of the old ones.
You can read all about the Spamhaus announcement here or learn more about DBL here.