Internet and e-mail policy and practice
including Notes on Internet E-mail


Click the comments link on any story to see comments or add your own.

Subscribe to this blog

RSS feed

Home :: Email

27 Sep 2010

The Spamhaus Whitelist Email

For several months I have been working with the Spamhaus project on a whitelist, which we announced to the public today. While this is hardly the first mail whitelist, our goals are somewhat different from other whitelists. Think of e-mail as ranging from inky black to pearly white, like this:

Spamhaus' SBL and its other current lists identify mail from the inky black end, sources of mail so conistently unwanted that recipients can reject or discard it without even looking at it. The goal of the Spamhaus whitelist is to identify mail at the other end of the spectrum, sources of mail so consistently wanted that recipients can deliver it without looking at it. This leaves a large grey area in between of mail sources which are neither consistently wanted nor unwanted; this isn't a magic bullet, and recipients will still have have to use other techniques to filter that.

Two categories of mail qualify for the Whitelist:

  • What we call mail from staff, mail sent by individuals who have are employees of or otherwise have a relationship with the operator of the mail system beyond being customers.
  • Transactions, mail directly related to a specific action by the recipient, or reporting the status of an account set up by the recipient. Typical examples would be order acknowledgements, and bank account statements.

There's a lot of other wanted mail that doesn't qualify. Mail sent for third parties, such as mail from ISPs' customers doesn't qualify, nor does any sort of mailing list or bulk mail, no matter how wonderfully opt-in.

The reason for these limits is quite practical -- the risk of unwanted mail of these other kinds is significantly greater than for staff mail or transactions, and as anyone familiar with the e-mail business can confirm, it is impossible to tell by looking at mailing list mail whether the recipient asked for the mail, and frequently difficult to tell even with access to logs and business records. So we're sticking to the kinds of mail that are highly wanted and easy to recognize.

For now. as we ramp up, anyone can use the whitelist (details here), but listings are by invitation only.

  posted at: 15:24 :: permanent link to this entry :: 0 comments
Stable link is


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

It turns out you don’t need a license to hunt for spam.
63 days ago

A keen grasp of the obvious
Italian Apple Cake
621 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

My Mastodon feed

© 2005-2024 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.