Even the best anti-spam solutions accidentally block legitimate email your customers want to receive in their inbox. Use the certification program DNS server just like a blacklist server to eliminate false positives. This method is simple to implement and does not require any additional hardware or software. The certification whitelists work with all common email gateways (MTA’s) and anti-spam solutions.

Certification support is native within the code of many branded receiving and filtering mail applications.  If not, the DNS lists are easy to implement because they use the same DNS query syntax as other DNSBL and DNSWL.  The only thing to remember is the DNSBL is a block instruction; and the DNSWL is the inverse, a pass instruction.

Both are whitelists, but because they have different origins and different pedigree, senders on one list are not necessarily on the other.  Query both for inbox placement as both are whitelists for only legitimate permission based senders. 

Regarding special rules, look at businesses on the Safe list as legitimate business enterprises that follow best practices and use well configured, authenticated servers.  Use the Certified list as a way to provide special treatment for the senders that measure up to the very best standards, and provide these senders with the privilege of turning gif’s and images on.

A receiver’s application simply performs an “a” record lookup (DNS Query) on the IP address in question and using rules based logic, then passes the message(s) “upstream” with an instruction to either whitelist and deliver the message to the inbox, or blacklist instructing the message to be blocked by either bouncing the message or placing it in the bulk folder.

Both the Safe list and the Certified list may be queried openly across public DNS.