Skip to main content

Blacklist

In computing, a blacklist or block list is a basic access control mechanism that allows through all elements (email addresses, users, URLs, etc.), except those explicitly mentioned. Those items on the list are denied access. The opposite is a whitelist, which means only items on the list are let through whatever gate is being used. A greylist contains items that are temporarily blocked (or temporarily allowed) until an additional step is performed.

For example, a company might prevent a list of software from running on its network or a school might prevent a list of web sites from being accesses on its computers.

Information systems

The opposite of whitelisting, blacklisting allows everything to run unless it is on a predetermined "blacklist." A blacklist includes certain types of software that are not allowed to run in the company environment. For example, a company might blacklist peer to peer file sharing on its systems. In addition to software, people, devices and Web sites can also be blacklisted. 

Email

Most email providers have a anti-spam feature that essentially blacklists certain email addresses if they are deemed unwanted. How this happens is when a successful phishing attack (from an address that is forged from reliable accounts to try to recover personal information) is executed, then the email device deems the address to be spam, and proceeds to blacklist the address.

In addition to private email blacklists, there are lists that are kept for public use, examples are

  • China Anti-Spam Alliance 
  • Fabel Spamsources 
  • Spam and Open Relay Blocking System
  • The DrMX Project

Examples

  • Companies like Google, Symantec and Sucuri keep internal blacklists of sites known to have malware and they display a warning before allowing the user to click them.
  • Content-control software such as DansGuardian and SquidGuard may work with a blacklist in order to block URLs of sites deemed inappropriate for a work or educational environment.
  • An e-mail spam filter may keep a blacklist of addresses, any mail from which would be prevented from reaching its intended destination. A popular technique for implementing blacklists is DNS blacklisting (DNSBL).
  • A firewall or IDS may also use a blacklist to block known hostile IP addresses and/or networks. An example for such a list would be the OpenBL project.
  • Many copy protection schemes include software blacklisting.
  • Members of online auction sites may add other members to a personal blacklist. This means that they cannot bid on or ask questions about your auctions, nor can they use a "buy it now" function on your items.
  • Yet another form of list is the yellow list which is a list of email server IP addresses that send mostly good email but do send some spam. Examples include Yahoo, Hotmail, and Gmail. A yellow listed server is a server that should never be accidentally blacklisted. The yellow list is checked first and if listed then black list tests are ignored.
  • In Linux modprobe, the blacklist modulename entry in a modprobe configuration file indicates that all of the particular module's internal aliases are to be ignored. There are cases where two or more modules both support the same devices, or a module invalidly claims to support a device.
  • Many web browsers have the ability to consult anti-phishing blacklists in order to warn users who unwittingly aim to visit a fraudulent website.
  • Many peer-to-peer file sharing programs support blacklists that block access from sites known to be owned by companies enforcing copyright. An example is the Bluetack blocklist set.

Source: Wikipedia