The Cybermagic of Whitelists
Before we start getting deep into the meat of this article it's important to
explain some standard terminology to make sure the rest of this article makes
*An IP address is a number which identifies your location on the Internet.
*A blacklist is a list of IP addresses which your anti-spam software uses to
block incoming spam.
*A whitelist is the exact opposite of a blacklist.
A whitelist is a predefined list of IP addresses that are allowed to send email
to and receive email from each other. Blacklists exclude known and suspected
spammers. Whitelists can be used to exclude everyone except known IP addresses.
Think of it like this. A whitelist is a like having a phonebook which is owned
by a small group of people who only wish to speak directly to each other. They
don't want just anybody ringing them. Not only that but the entire group need to
approve new phone numbers before they appear in this exclusive phonebook.
To send email to a whitelist you must be approved by the owner of the whitelist.
This is a lot like the double optin systems used by legimiate ezines and mailing
list owners. Whitelists are the nightclub bouncers of the virtual world - if you
ain't on the list you ain't getting in. Simple but very effective.
A real world example of a whitelist would be if two companies wanted to exchange
email only with each other. These companies could implement a whitelist that
contained the IP address for just the two email servers that want to send email
to each other. That would mean that any email coming from an IP address not on
the whitelist would be returned to sender. For companies they can ensure that
employees are only dealing with work related email and not chatting with their
The benefits of whitelists are many but proper management of the whitelists is
equally important. Misuse of whitelists will only lead to more headaches for
everyone involved with missing email, irate customers and IT departments doing
overtime just being the tip of the iceberg.