Generic need for whitelisting
Natural language understanding is not a mature field. Common computer processes used for spam filtering apply heuristics to avoid presenting too many useless messages to email recipients. This has the severe impact of reducing SMTP reliability by creating false positives; i.e., silently dropping legitimate messages. Whitelists tackle the task of vouching for a sender, which implies identifying an accountable party that the sender belongs to.
DNS whitelisting can also be applied to web traffic when doing incident response or network forensics, since it helps the analyst to tell malicious domains apart from "normal" web surfing. It is, however, not recommended to actively block web traffic not on the whitelist, since this would cause even legit web surfing to be blocked.
For IPv6, blacklisting is not a realistic option, because of the greatly increased addresses. So whitelisting can be used to reduce a huge address space to a set of manageable size: first build a global whitelist of IPv6 registered senders, and second blacklist within that. By accepting all authentic sender registration request, it is at least possible to eliminate spambots.
DNSWL.org lists IP addresses, but also holds domain names, category, and email contact addresses. Each IP address is given a "trustworthiness" level; applications (e.g., SpamAssassin) typically decrease the "spamminess" score of a message by a value proportional to that level.
- Matthias Leisi (27 January 2009). "50'000!". Retrieved 16 July 2009.
- See Bounce message for a discussion about delivery errors, and backscatter (e-mail) for why they cannot always be noticed to the sender.
- "DNS whitelisting in NetworkMiner, NETRESEC Network Security Blog". Netresec.com. 2013-10-02. Retrieved 2013-10-03.
- Paul Vixie (7 June 2011). "Two Stage Filtering for IPv6 Electronic Mail". CircleID. Retrieved 17 June 2011.
- Matthias Leisi (1 November 2008). "Happy Birthday, dnswl.org". Retrieved 16 July 2009.
- DNSWL's thanks page doesn't list its sponsors extensively. Robtex's page and whois data at PIR.org are more up to date.