Some other products allow users to create their own "whitelists".
Praetor requires that all whitelist entries be added by the
administrator so requests from users can be screened accordingly.
The reason for this
decision is simple ---- today's viruses propagate themselves by creating
email with the sender being an address found in the local addressbook of
an infected PC. Thus a whitelist could be extremely dangerous because
any infected machine in your users' personal network of correspondents
would pass unfiltered if the forged sender address is on their personal
whitelist. This potential danger is magnified for whitelist of domains as
users may carelessly add public email domains such as yahoo.com, aol.com,
As a result, this
whitelist feature in other products actually creates a significant loophole for infections to penetrate into
a company's email system.
THE FUTURE OF
PRAETOR'S "PERSONAL WHITELIST" IMPLEMENTATION
To safely implement a
"personal whitelist" feature in Praetor, other protection mechanisms must exist
so vulnerabilities and loopholes do not exist. CMS is
currently studying how these protection mechanisms can be added and
fully expects implementation of a Praetor "personal whitelists" feature
later this year.