Often administrators white-list their own domain in an attempt to
prevent their own messages from getting stuck as junk. Additionally,
some administrators white-list common domain names like Yahoo.com,
Verizon.net, Hotmail.com and others. Although you can easily white-list a domain to allow certain emails get through the spam filter, we highly recommend you do not white list an entire domain.
Sender forgery in emails is very common. Therefore, when you white-list a domain you will inadvertently allow every spam message that has its sender forged. This article discusses a better approach to tackle this problem.
Rather than white-listing a domain, check if that domain publishes their SPF record. For argument sake, we take verizon.net as an example.
Step 1: Check if verizon.net publishes their SPF record. This is done by submitting the following command from a console window (DOS prompt) on Windows. Similar command can be submitted from a Terminal window in Linux.
nslookup -querytype=txt verizon.net
The following screen shot shows the result.
Step 2: Since verizon.net publishes their SPF record, you can add it as a trusted domain. Trusted domains are only applied if the SPF test passes where as white-listing a domain does not care about SPF records.
Following steps show how to add verizon.net as a trusted domain.
Log in as admin
Select Sender Policy Framework under Filter Management.
Click the link for Manage Trusted Domains
Add verizon.net as a domain
What if an SPF record is not available?
If the domain in question belongs to you, we strongly recommend adding an SPF record in your DNS server and then use a mechanism specified above to add that domain as trusted.
We only recommend white-listing a domain if you do not expect some spammer to forge their domain name.
Add a comment to this document
Do you have a helpful tip related to this document that you'd like to share
with other users? Please add it below. Your name and tip will appear at the
end of the document text.