Whitelisting/Blacklisting

One important aspect of a comprehensive spam-fighting apparatus is the blacklist/whitelist. But what exactly is a blacklist?

Blacklists and Whitelists

A blacklist rule won’t be able to stop spammers from sending an email to you in the first place. It will, however, prevent that email from reaching your inbox immediately.

Suspected spam emails are sent to quarantine. Quarantine is the system’s way to let you know what the filter caught, and to give you an opportunity to receive the email if it looks legitimate. But beyond this, it also gives you an opportunity to create a blacklist rule (or a whitelist rule) to treat future messages, either for the sender only or for their entire domain.

A blacklisted sender’s email will never be allowed through to your mailbox even if it’s a genuine email. A whitelisted sender’s email will always be allowed through. Pretty simple, right?

If you change your mind about a blacklist, you can always whitelist them. In this case, the blacklist rule stays but is overridden. A whitelist rule always takes priority when a blacklist rule exists for the same email address.

Only users with Admin portal access can adjust rules other people have created for their own mailboxes, or delete any existing rules.

A user should only create a whitelist rule if believe the sender has sufficient cyber security in place. If it does have to get created, it should be applied to an individual senders only.

Finally, never whitelist your own domain. This rule is one of the most important and perhaps most ignored rule in email security. When someone whitelists their own domain, they are unknowingly allowing spoofers to bypass layers of their email security service, giving them not only access to the user’s inbox but trusted access, since it appears to be an internal message. This can lead to users falling for phishing emails, compromising sensitive information, costing organizations major financial losses, or infecting corporate systems. Organizations that whitelist their own domain are leaving themselves open to attacks and infiltration.

Of course, if you blacklist an address or a domain, but still received an email from them, please get in touch and we will find out what happened.