diff --git a/data/modules.example.conf b/data/modules.example.conf
index 3bc144424..9c7d9f70a 100644
--- a/data/modules.example.conf
+++ b/data/modules.example.conf
@@ -175,7 +175,7 @@ module { name = "help" }
 	}
 
 	/* Exempt localhost from DNSBL checks */
-	exempt { ip = "127.0.0.1" }
+	exempt { ip = "127.0.0.0/8" }
 }
 
 /*
diff --git a/modules/m_dnsbl.cpp b/modules/m_dnsbl.cpp
index 6f315430d..900756694 100644
--- a/modules/m_dnsbl.cpp
+++ b/modules/m_dnsbl.cpp
@@ -99,7 +99,7 @@ class DNSBLResolver : public Request
 class ModuleDNSBL : public Module
 {
 	std::vector<Blacklist> blacklists;
-	std::set<Anope::string> exempts;
+	std::set<cidr> exempts;
 	bool check_on_connect;
 	bool check_on_netburst;
 	bool add_to_akill;
@@ -146,7 +146,10 @@ class ModuleDNSBL : public Module
 
 		this->exempts.clear();
 		for (int i = 0; i < block->CountBlock("exempt"); ++i)
-			this->exempts.insert(block->Get<Anope::string>("ip"));
+		{
+			Configuration::Block *bl = block->GetBlock("exempt", i);
+			this->exempts.insert(bl->Get<Anope::string>("ip"));
+		}
 	}
 
 	void OnUserConnect(User *user, bool &exempt) anope_override
@@ -162,9 +165,15 @@ class ModuleDNSBL : public Module
 			/* User doesn't have a valid IPv4 IP (ipv6/spoof/etc) */
 			return;
 
-		if (this->exempts.count(user->ip.addr()))
+		if (this->blacklists.empty())
 			return;
 
+		if (this->exempts.count(user->ip.addr()))
+		{
+			Log(LOG_DEBUG) << "User " << user->nick << " is exempt from dnsbl check - ip: " << user->ip.addr();
+			return;
+		}
+
 		const unsigned long &ip = user->ip.sa4.sin_addr.s_addr;
 		unsigned long reverse_ip = (ip << 24) | ((ip & 0xFF00) << 8) | ((ip & 0xFF0000) >> 8) | (ip >> 24);