procmail

uses of whitelisting

1997-09-30 10:06:29
In response to my posts against whitelisting policies, 
wotan(_at_)netcom(_dot_)com
gave us a summary of his .procmailrc's logic flow:

| whitelist
| mailing lists
| Basic de-spamming (friends, X-mailers, bad addresses, etc.)
| procmail list
| Serious despamming (a lot of procmail list matches these)
| Score what's left.  Scores over million, deleted.  Rest to gzipped 
|   to junk-box.
| Dump rest (without an acknowledgement or vacation message) into inbox.

The first line, which Wotan calls his whitelist, looks more like what I, for
lack of a known word, called a goldlist.  I admit to using one myself.  It's
a list of characteristics that give mail special treatment -- exemption from
spam tests, high-priority folders, whatever.  In a way, each mailing list to
which I subscribe is goldlisted.  [The amount of spam passed on this list
(which seems to have subsided recently) is a good argument against
goldlisting it, though.  Wotan, understandably, puts it through some testing.]

The difference between a goldlist and a whitelist is this: if mail fails to
match a goldlist, the recipient's mind is still open about it, and it is
either accepted at lower priority or examined further.  But if mail fails to
match a whitelist, it is deemed undesirable for that reason alone and treated
the same as if it had matched a blacklist.

If Wotan receives mail whose spammishness is not determined, it lands in a
junk-box or in his inbox.  It isn't trashed and it isn't answered with a "you
have to prove that it isn't spam without my reading it" nastygram.

But what he is avoiding is exactly what whitelisters do: if mail doesn't
match the whitelist, then they treat it the same as they treat spam.  They
are cocksure that the whitelist is all-inclusive.  If, without even glancing
at the text, you trash all unwhitelisted mail (or if you autoreply to it with
"I'm not going to read your message to see if it's spam; you have to do extra
work to prove that you're worthy of writing to me"), I think that that is
wrong.

Whether unrecognized mail is spam should be determined by INFORMATION (it
actually matches a blacklist or the recipient actually glanced at the text)
rather than LACK OF INFORMATION (such as absence from a whitelist).

Goldlisting certain mail as not needing to be tested for spam is fine;
blacklisting certain mail as spam is understandable; but whitelisting certain mail
and then deeming that all the remainder is spam or should be treated as such
is awful in my book.
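
The goldlist/blacklist/whitelist distinction drawn in the post above, written out as a .procmailrc sketch. This is an added example, not part of the original post and not either correspondent's actual rc file; the list file names (.goldlist, .blacklist) and folder names (priority, junk-box) are assumptions.

```procmail
# Added example. Assumed layout: one address per line in each list file,
# folders relative to $MAILDIR.
GOLDLIST=$HOME/.goldlist
BLACKLIST=$HOME/.blacklist

# 1. Goldlist: a match earns special treatment and skips the spam tests.
#    formail -rtzxTo: prints the address a reply would be sent to;
#    fgrep -x requires a whole-line match against the list.
:0:
* ? formail -rtzxTo: | fgrep -i -x -q -f $GOLDLIST
priority

# 2. Blacklist: positive information that the sender is unwanted.
:0:
* ? formail -rtzxTo: | fgrep -i -x -q -f $BLACKLIST
junk-box

# 3. No recipe matched: nothing is known either way, so procmail falls
#    off the end of the rc file and delivers to $DEFAULT (the inbox).

# For contrast, the whitelist policy the post objects to would replace
# steps 2 and 3 with a single negated test, so that absence from the
# list alone discards the message:
#
#   :0
#   * ! ? formail -rtzxTo: | fgrep -i -x -q -f $GOLDLIST
#   /dev/null
```

The only difference between the two policies is what happens when the list lookup fails: here the message keeps moving toward the inbox, while the commented-out recipe treats the failed lookup as a verdict.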