Whitelist

A whitelist is a list or register of entities that, for one reason or another, are being provided a particular privilege, service, mobility, access or recognition. Only entities on the list will be accepted, approved, and/or recognized. Whitelisting is the converse of blacklisting, the practice of identifying entities that are denied, unrecognised, or ostracised, and the term "whitelist[ing]" was formed by back-formation from "blacklist[ing]".

1 Email whitelists
- 1.1 Non-commercial whitelists
- 1.2 Commercial whitelists
2 LAN whitelists
3 Program whitelists
4 Application whitelists
5 See also
6 References
7 External links

Email whitelists

An email whitelist is a list of contacts that the user deems are acceptable to receive email from and should not be sent to the trash folder.

Spam filters that come with email clients have both whitelists and blacklists of senders and keywords to look for in emails. If a spam filter keeps a whitelist, mail from the listed email addresses, domains, and/or IP address will always be allowed.

Some internet service providers have whitelists that they use to filter email to be delivered to their customers.

If a whitelist is exclusive, only email from those on the whitelist will get through. If it is not exclusive, it prevents email from being deleted or sent to the junk mail folder by the spam filter. Usually, only end-users would set a spam filter to delete all emails from sources not on the whitelist, not internet service providers or email services.

Using whitelists and blacklists can assist in blocking unwanted messages and allowing wanted messages to get through, but they are not perfect. Email whitelists are used to reduce the incidence of false positives, often based on the assumption that most legitimate mail will be from a relatively small and fixed set of senders. To block a high percentage of spam, email filters have to be continuously updated as email spam senders create new email addresses to email from or new keywords to use in their email which allows the email to slip through.

Non-commercial whitelists

Non-commercial whitelists are operated by various non-profit organisations, ISPs and other entities interested in blocking spam. Rather than paying fees the sender must pass a series of tests; for example, his email server must not be an open relay and have a Static IP address. The operator of the whitelist may remove a server from the list if complaints are received.

Commercial whitelists

Commercial whitelists are a system by which an internet service provider allows someone to bypass spam filters when sending email messages to its subscribers, in return for a pre-paid fee, either an annual or a per-message fee. A sender can then be more confident that his messages have reached their recipients without being blocked, or having links or images stripped out of them, by spam filters. The purpose of commercial whitelists is to allow companies to reliably reach their customers by email.

Commercial providers include GoodMailSystems's Certified Email, Return Path Certification,^[1] eco's Certified Senders Alliance, and the Spamhaus Whitelist.^[2]

LAN whitelists

Another use for whitelists is local area network (LAN) security. Many network admins set up MAC address whitelists, or a MAC address filter, to control who is allowed on their networks. This is used when encryption is not a practical solution or in tandem with encryption. However, it's sometimes ineffective because a MAC address can be faked.

Some firewalls can be configured to only allow data-traffic from/ to certain (ranges of) IP-addresses.

Program whitelists

If an organization keeps a whitelist of software, only titles on the list will be accepted for use. The benefits of whitelisting in this instance are that the organization can ensure itself that users will not be able to download and/or use programs that have not been deemed appropriate for use.

Application whitelists

An emerging approach in combating viruses and malware is to whitelist software which is considered safe to run, blocking all others.^[3] The approach was first implemented in a modern operating system by Dr. John Harrison, an American computer scientist.^[4] Some deem this superior to the standard signature-based, anti-virus approach of blocking/removing known harmful software (essentially blacklisting), as the standard approach generally means that exploits are already in the wild.^[5]^[6]

These products may provide administrative control over program whitelists in addition to preventing introduction of new malware.^[7]

Among Unix Operating system variants, HP-UX has introduced a feature called "HP-UX Whitelisting" on 11iv3 version. HP-UX Whitelisting (WLI) offers file and system resource protection based on RSA encryption technology. WLI is complementary to the traditional UNIX discretionary access controls (DAC) based on user, group, and file permissions. The more granular DAC access control list (ACL) permissions available on VxFS and HFS file systems are likewise not affected.

References

^ returnpath.net
^ spamhauswhitelist.com
^ sans.org
^ John Harrison, Enhancing Network Security By Preventing User-Initiated Malware Execution, Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II - Volume 02; pages 597-602; IEEE Computer Society Washington, DC, USA 2005.
^ darkreading.com
^ eweek.com
^ Vamosi, Robert (2008-07-21). "Will you be ditching your antivirus app anytime soon?". CNET. Retrieved 2010-03-22.

Contents