Tuesday, July 10, 2007

Some White Listing Essentials - Reputation and Accreditation

The above is simply another name for white listing; it is rapidly going to become more important though as the big web mail providers are putting their weight behind it. It simply means the email service providers and also the big ISPs will not accept an email from senders which are not on a white list. Web sites like Yahoo and Microsoft (Hotmail) are throwing their support behind these email acceptance protocols. As time goes on, if it catches on, other web sites will definitely join the band wagon.

Who Decides What Gets Seen and What Doesn’t?

Right now, every site polices itself. Some use white lists, some use block lists. For small operators it is better to band together in groups and use block lists to screen emails sent to their web sites. Some individuals believe that this arbitrary banding up is unfair (who polices the police?). But if the ESPs have their way, it will definitely get worse, and it may be compulsory to be a member of one white list or another to get your emails delivered.

According to the book New Rules for the New Economy, there is also a numbers based system based on whether the email sender shares the subscriber's email address with other parties. This was in the late nineties and not many models seem to use this method, though it has to be said here that buying a list is a bad idea and may result in a lot of spam and/or unsubscribe requests.


Most ESPs filter viruses strictly (they screen ALL emails for viruses), but are more lax on the above trust level filters. Still, most ESPs check all not-rated IP addresses for spam and skip medium and high rated IP addresses; unless it is a major ISP/ESP they also skip checking black lists for all rated IP addresses. Obviously it is a good idea to run over to and get rated. Medium and Low trust level sites will get through an ISP, but if spam is reported by the clients, the sender is expected to purge his/her list of address that did not specifically request emails.

Note this difference between a white listed sender and a sender that is simply tagged as a “spammer” by a DNSBL. A white listed sender can send spam and will just get a note from the ESP asking for the error to be corrected; an unknown sender who does not respond to authentication requests and who sends spam is flagged as a spammer. Basically the listing is all about relationships.

If it is not known whether a sender is a spammer or not, the sender is grey listed by the ESP or ISP. A request may be sent to the sender asking for some form of authentication. This may be combined with some reverse DNS look up of the sender's connecting  IP address.

Administrators who have experience with spam in emails use certain rules when processing a white listing request. They follow these rules to make sure that a spammer does not get a white list rating. If you are registered with a basic web hosting package (since all the IP does is check the IP address) you should have no problems with passing a white list query from a client to a DNSWL. Note that if your site is not black listed, then it is white listed if it has been checked before. If it has not been checked before, it appears on the list after it has been checked. A site that has not been checked before is grey listed and may receive confirmation requests from the receiving ISP administrator.

No comments: