Home
>
Spam Blocking
>
How Spammers Fool Whitelists - And How to Stop Them

How Spammers Fool Whitelists - And How to Stop Them

Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of spam tools coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don't work anymore.

Examining spam and spam-blocking technology can illuminate how this evolution is taking place and what can be done to combat spam and reclaim e-mail as the efficient, effective communication tool it was intended to be.

One method used to combat spam is whitelisting. Whitelists are databases of trusted email sources. The list may contain specific email addresses, IP addresses or trusted domains. Emails received from a whitelisted source are allowed to pass through the system to the user's email box. The list is built when users and email administrators manually add trusted sources to the whitelist. Once built, the catch-rate for spam can be close to 100%, however, whitelists produce an inordinate number of false positives.

It is virtually impossible to produce an exhaustive list of all possible legitimate email senders because legitimate email can come from any number of sources. To get around this difficulty, some organizations have instituted a challenge-response methodology. When an unknown sender sends an email to a user's account, the system automatically sends a challenge back to the sender. Some challenge-response systems require the sender to read and decipher an image containing letters and numbers. The image is designed to be unreadable by a machine, but easily recognizable by a human. Spammers would not spend the time required to go through a large number of challenge-response emails, so they drop the address and move on to those users who don't use such a system.

Whitelists are only partially successful and impractical for many users. For example, problems can arise when users register for online newsletters, order products online or register for online services. If the user does not remember to add the new email source to their whitelist, or if the domain or IP address is entered incorrectly, the communication will fail. Additionally, whitelists impose barriers to legitimate email communication and are viewed by some as just plain rude.

Whitelists are not widely used by email users and administrators as a primary tool to fight spam because of the high number of false positives, and the difficulties in creating a comprehensive list of email sources. Because whitelists are not widely used, spammers typically do not develop countermeasures. As with other spam fighting techniques, whitelists are most effective when used in conjunction with other anti-spam tools.

The Solution

When used individually, each anti-spam technique has been systematically overcome by spammers. Grandiose plans to rid the world of spam, such as charging a penny for each e-mail received or forcing servers to solve mathematical problems before delivering e-mail, have been proposed with few results. These schemes are not realistic and would require a large percentage of the population to adopt the same anti-spam method in order to be effective. You can learn more about the fight against spam by visiting our website at www.ciphertrust.com and downloading our whitepapers.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting enterprise anti spam solution today.

shuttle from O'Hare Bingham .. Lockport Chicago limo O’Hare

In The News:

Attackers use caller ID spoofing and AI voices to steal money. Tech expert Kurt “CyberGuy" Knutsson provides seven ways to protect yourself.

Tech expert Kurt “CyberGuy" Knutsson talks about the Genesis GV60 MIV, an electric rescue EV with snow tracks for extreme missions.

Tech expert Kurt “CyberGuy" Knutsson helps you ensure a smooth online experience with a reliable, secure home network setup.

Kurt “CyberGuy" Knutsson talks about Vollebak’s Shielding Suit, which blocks EM radiation, infrared and tracking for privacy.

Even Apple products are vulnerable to cybercriminals, and a new report suggests the owners of Mac products will have to be more vigilant this year.

An inflatable six-person tiny house from a firm called 2001 looks like a space station with its inflatable dome that is transportable and eco-friendly.

Scams cost Americans an estimated $159 billion every year and average about $3,500 in losses per victim. The CyberGuy has advice to protect yourself.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents

Zeekr and Waymo are joining forces for the world's first mass-produced autonomous vehicle, combining an electric vehicle with self-driving technology.

A humanoid robot training center has opened in Shanghai, a big step in China's efforts to become a global leader in robotics and artificial intelligence.

Security experts have discovered that hackers are targeting apps on the App Store to spread malware that steals information from saved screenshots.

A new luxury SUV combines military-inspired design and high-end luxury transportation and includes two military-grade gas masks to protect against chemical warfare.

80% of stalking victims are tracked using tech. GPS trackers, like AirTags, are among the most popular ways to do it. Here's how to protect yourself.

Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.

Kurt "CyberGuy" Knutsson explains how to protect yourself against artificial intelligence-fueled romance scams, which have become the most common type of fraud in 2025.

Kurt "CyberGuy" Knutsson explains the steps to declutter text messages on a Mac or iPad. Apple offers ways to do this more efficiently.

Here's how to take control of the algorithms on Facebook, YouTube, Instagram and TikTok if your social media feeds aren't showing you content you want to see.

Beware of iCloud scams using urgent messages. Tech expert Kurt “CyberGuy" Knutsson helps you spot the red flags to protect yourself.

Travel abroad worry-free with these top translation apps for travelers. Tech expert Kurt “CyberGuy" Knutsson highlights some favorites.

The European Space Agency's Euclid space telescope was going through preliminary tests in September 2023 when it captured images of an Einstein Ring in a nearby galaxy.

Tech expert Kurt “CyberGuy" Knutsson says hackers are using Microsoft Teams for phishing, vishing and quishing via social engineering.

Red light camera tickets: Not liable to ID the driver; some are fishing expeditions. Tech expert Kurt “CyberGuy" Knutsson helps you fight back against tricky fake tickets.

The apps collecting the most data about you are among the most widely used. Kurt the CyberGuy takes a look at 20 of these apps and how you can protect personal information.

AST SpaceMobile of Texas is developing the world's first global cellular broadband network that can connect directly to your smartphone without special equipment.

Community Health Center, a Connecticut-based healthcare provider, has disclosed a recent data breach affecting over 1 million people in the U.S.

How Spammers Fool Whitelists - And How to Stop Them

Spam Blocking