The Cybermagic of Whitelists
Before we start getting deep into the meat of this article it''s important to explain some standard terminology to make sure the rest of this article makes sense.Before we start getting deep into the meat of this article it''s important to explain some standard terminology to make sure the rest of this article makes sense.
*An IP address is a number which identifies your location on the Internet.
*A blacklist is a list of IP addresses which your antispam software uses to block incoming spam.
*A whitelist is the exact opposite of a blacklist.
A whitelist is a predefined list of IP addresses that are allowed to send email to and receive email from each other. Blacklists exclude known and suspected spammers. Whitelists can be used to exclude everyone except known IP addresses. Think of it like this. A whitelist is a like having a phonebook which is owned by a small group of people who only wish to speak directly to each other. They don''t want just anybody ringing them. Not only that but the entire group need to approve new phone numbers before they appear in this exclusive phonebook.
To send email to a whitelist you must be approved by the owner of the whitelist. This is a lot like the double opting systems used by legitimate ezines and mailing list owners. Whitelists are the nightclub bouncers of the virtual world - if you aren''t on the list you aren''t getting in. Simple but very effective.
A real world example of a whitelist would be if two companies wanted to exchange email only with each other. These companies could implement a whitelist that contained the IP address for just the two email servers that want to send email to each other. That would mean that any email coming from an IP address not on the whitelist would be returned to sender. For companies they can ensure that employees are only dealing with work related email and not chatting with their friends.
The benefits of whitelists are many but proper management of the whitelists is equally important. Misuse of whitelists will only lead to more headaches for everyone involved with missing email, irate customers and IT departments doing overtime just being the tip of the iceberg.