Simon wrote,
| Perhaps there should be a list of terms in the FAQ somewhere! I'd never
| heard of a whitelist before or in fact any other colour besides black.
Part of the problem is that the term "whitelist" means different things from
different people.
We all agree on what a blacklist is: mail from any address on the blacklist
is automatically undesired:
address on the blacklist means spam, regardless of content.
But how does one negate that to define "whitelist"? There are two ways, and
they're very different.
1. address not on the whitelist means spam, regardless of content
2. address on the whitelist means not spam, regardless of content
address not on the whitelist might mean spam, depending on content
"Content" could be suspicious routing as well as suspicious text in the body.
I use the term "whitelist" for #1 and am very much against the practice. It
means that if a sender is not on the whitelist, the message is assumed to be
spam no matter what is an it. Usually it works like this: you post a ques-
tion to some public forum, someone tries to help you, that person isn't on
your whitelist, and your whitelisting routines delete the message unread, or
they send back a threatening "you dirty spammer" autoresponse, or they send
an autoresponse of the "prove you love me" type, which most people delete
with a quiet "go screw yourself." Or you write to someone, asking for a
response; but you forget to put that person onto your whitelist, so his/her
reply to you goes into the bitbucket or gets a rude autoreply from you. Or
you join a mailing list, forget to put a recipe for its messages ahead of
your whitelist recipe, and your system starts sending out "you dirty spammer"
or "prove you love me" to everyone who posts or posting such things to the
list every time you get mail through that list; or your whitelisting deletes
mail from the list and you ask the listowner why you're not getting mail, but
your whitelisting routine also deletes the listowner's answers, so you send
increasingly angry messages to the listowner for ignoring you.
I've heard of people in deep trouble at work for failing to whitelist their
bosses and sending back a "you dirty spammer" or "prove you love me" message,
and one fellow reported having to spend nights on the couch because he set up
a whitelist and forgot to put his wife on it!
The autoreplies that whitelisters use, whether they're "you dirty spammer" or
"prove you love me" types, generally have the wrong effect in all cases. A
person who sends legitimate mail is insulted, while a spammer who uses a
real return address gets validation of the whitelister's address, and a
spammer who victimizes someone else by using that person's return address
gets one more piece of mail bombarding the victim.
I use the term "greenlisting" for #2 and have no objection to it. If the
sender is not on the greenlist, the rcfile examines the message and tries
to make a decision based on what is actually in it.
A greenlist setup allows you to receive mail that isn't really spam after
all, and it doesn't send insults to people who sent you mail you asked for.
A whitelist trashes legitimate mail along with spam and, if it includes
autoreplies that assume a non-whitelisted sender must be a spammer, insults
people who are trying to help you or to carry on their own discussions that
you asked to read while guaranteeing to spammers that your address works.
But the next person you read on the subject could be someone who feels ex-
actly as I do but uses "whitelist" for what I call a "greenlist," and thus
might seem to disagree with my position completely.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail