Anti-Spam, Whitelisting
Leave a Comment

Whitelisting and False Positives

Mark Webb-Johnson, my colleague at our Hong Kong headquarters, edits a monthly Network Box publication called “In the Boxing Ring.” In this month’s issue, he reports on problems that can arise from unintended anti-spam whitelisting. I would like to share a few of his findings/reflections, which you may find very interesting.

Mark indicated that administrators may often whitelist their own or popular domains – done to hopefully avoid mails being blocked as spam. Spammers, however, may often use your own domain as the sender address. Whitelisting your own or popular domains isn’t effective in avoiding false positives – it can actually cause more problems.
To quote Mark, “This causes the Network Box to incorrectly ‘learn’ that spam as ham (resulting in other similar spam being treated as ham as well).”

Our Anti-Spam system does have the ability to perform sender white and black listing. If a sender is blacklisted, for example, that tells the Network Box that the sender only sends spam and all messages from that sender are to be treated as spam. Likewise, notes Mark, a whitelisted sender instructs the Network Box that the sender only sends ‘ham’ and all messages from that sender are to be treated as ham.

My recommendation, in agreement with Mark, is to never whitelist your own domain. It is true that you do not send out spam, but it is also true that spoofed domains are an everyday issue with spam.

If you’re experiencing any whitelisting/false positive issues, send me an email (pierluigi.stella@networkboxusa.com) or pick up the phone (832/242-5757) and let’s discuss!

This entry was posted in: Anti-Spam, Whitelisting

by

Our mission is to produce, configure and maintain effective, affordable, computer security systems to protect the computer systems of enterprises of all sizes. We believe that all companies, regardless of size, should be afforded the same level of protection.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s