Generic need for whitelisting
This section is written like a personal reflection, personal essay, or argumentative essay that states a Wikipedia editor's personal feelings or presents an original argument about a topic. (September 2018) (Learn how and when to remove this template message)
Natural language understanding is not a mature field. Common computer processes used for spam filtering apply heuristics to avoid presenting too many useless messages to email recipients. This has the severe impact of reducing SMTP reliability[note 1] by creating false positives; i.e., silently dropping legitimate messages. Whitelists tackle the task of vouching for a sender, which implies identifying an accountable party that the sender belongs to.
DNS whitelisting can also be applied to web traffic when doing incident response or network forensics, since it helps the analyst to tell malicious domains apart from "normal" web surfing. It is, however, not recommended to actively block web traffic not on the whitelist, since this would cause even legit web surfing to be blocked.
For IPv6, blacklisting is not a realistic option, because of the greatly increased addresses. So whitelisting can be used to reduce a huge address space to a set of manageable size: first build a global whitelist of IPv6 registered senders, and second blacklist within that. By accepting all authentic sender registration request, it is at least possible to eliminate spambots.
- "DNS whitelisting in NetworkMiner, NETRESEC Network Security Blog". Netresec.com. 2013-10-02. Retrieved 2013-10-03.
- Paul Vixie (7 June 2011). "Two Stage Filtering for IPv6 Electronic Mail". CircleID. Retrieved 17 June 2011.