Do Safe Sender Lists Help?


You have probably noticed that bulk mail senders often include instructions to add their message to your Safe Senders List in order to bypass future checks. Is this a good idea? Well no, unfortunately..

First of all, for a mail sender to do this, they obviously do not trust their own ability to craft an email so that it will be clearly differentiated as non-spam by most if not all mail servers.

Second, it has a number of problems. For example, if a spammer masquerades with this sending address, (and there is nothing to stop them in the emailing protocol because such spoofing is allowed), the resulting spam will just sail through all your checks, depositing its toxic contents in your inbox. This led Microsoft to remove the possibility of adding a whole domain to the Safe Senders List in Exchange 2010, restricting it to individual addresses only.

Even if a spammer does not spoof the address, you are basically saying to the mail sender that you will trust everything they send in future. No mail sender can guarantee the sanctity of all future email and it is all too common that a toxic link gets unwittingly included in an otherwise genuine bulk mail from a genuine sender.

SendForensics never uses Safe Sender techniques. Instead, every email is subjected to full forensic analysis to mirror the current state of the rapidly changing internet threat landscape. That way deliverability remains a controllable objective measurement rather than an uncontrollable leap of faith.