Version 14 of NoSpamProxy brought a lot of changes: The cloud-based reputation system 32Guards, the NoSpamProxy Web App with more powerful message tracking or the support of S/MIME 4 are just a few examples of how the development team at Net at Work is continuously working on improving NoSpamProxy.
At NoSpamProxy, we are driven above all by the desire to offer our customers a pleasant user experience and to incorporate the latest technical developments and capabilities into our products. Change is the keyword and guiding principle here: Especially in the area of IT security, you quickly fall behind if you don’t change and adapt technologies to the current conditions.
Unfortunately, change in the development of software is sometimes not triggered by the striving for ever better technologies, but by tragic events that at first glance have nothing to do with software. In such cases, it is only through these tragic events that it becomes clear that views previously taken for granted need to be questioned and changes made.
Racism is a virus too
The death of George Floyd by police violence in 2020 brought the Black Lives Matter (BLM) movement, founded in 2013, to the attention of the whole world. However, BLM had already been extremely active before and had repeatedly organised significant protests and demonstrations. The corresponding hashtag was omnipresent in social media.
Nevertheless, the George Floyd case changed something: BLM now exerted increased pressure – among others also on the technology companies of the so-called Silicon Valley. Instead of only addressing the extreme excesses of racism in the form of violence, structural or generally everyday racism, BLM made many people aware for the first time that racism can hide everywhere. And it was precisely this virus of racism that was now to be tackled.
Can an algorithm become racist?
As the film Coded Bias makes clear, an algorithm and the artificial intelligence (AI) based on it can very quickly become racist if biased data sets are used to train it. And this is exactly what happens in the vast majority of cases.
If the AI is fed almost exclusively with image files of white faces, the algorithm will not recognise a black face later. But if the coloured protagonist of the film slides a white plastic mask over her face, the software works very well. Just one example, but one with serious significance: image recognition software is now used worldwide. So what impact does it have if the software used only recognises white people as human beings?
Master and slave are also problematic
But racism can start even before that, for example in the naming of software functions – companies such as Apple, Google and GitHub, to name just a few, also recognised this. Sensitised by BLM’s influence and pressured by increased attention from the general public, initiatives to remove discriminatory terms from internal, development-related language proliferated. The best-known examples of this are the names “master” and “slave” for the main and subsidiary branches of repositories, and “blacklist” and “whitelist”.
Alternatives to blacklist and whitelist are easy to find
The blacklist represents sites that are considered dangerous and should be blocked. So why not use the term blocklist instead of blacklist? Because – some people argue – this is splitting hairs and the colour black is not in itself assessable. Perhaps the term comes from the fact that the night is black and all kinds of illegal things can be done in the dark.
However, it is not quite that simple, as linguist Susan Arndt explains: “In order to build a system of enslavement, you needed a narrative about why it was okay. At that moment, you invented different races and adopted Christian colour symbolism to distinguish between good and evil.”
It is terms like blacklist and whitelist that are critical here, as they are not only used by developers, but also by users of the software. They are even frequently used in common language: “Code is primarily only accessible to the programmer and therefore only affects the programmer’s reality at first. However, there are many commonly used terms […] that should be particularly avoided, as they are frequently used, at least within the industry.”
A small effort, a big effect
For us at NoSpamProxy, it was a manageable effort to rename the Blacklist to Blocklist and the Whitelist to Allowlist. A small but important step to enable non-discriminatory speech in NoSpamProxy. We have also renamed the Domain Whitelist and the NoSpamProxy Whitelist: These are now called Domain Allow List and Curated list of allowed domains respectively. On the provider side, the CSA whitelist has been renamed to CSA Certified IP List, so we have also adapted the name here.
Blocklists and Allowlists in NoSpamProxy
In NoSpamProxy, there are different types of blocklists and allowlists that help you protect yourself from unwanted emails and threats:
Realtime blocklists
The Realtime blocklists are a filter that you can configure within a rule. This filter checks whether a certain address entry is present in one of the realtime block lists, whereby you can select several different block lists. Since even the best lists can have false positives, you should always use several lists here.
Spam URI Realtime Blocklists
Spam URI Realtime Blocklists manage lists of suspicious spam URLs. Via the Internet, it is possible to check whether or not a URL is present in this list. The Spam URI Realtime Blocklists filter analyses links in emails and PDF documents and checks whether a corresponding entry is present in these lists.
CSA Certified IP List
The CSA Certified IP List is a list in which a supervisory body monitors the legality of the newsletters sent out. This means that newsletters from senders who are on the CSA Certified IP List can be delivered safely.
If the sender of a received email is on the CSA Certified IP List, the CSA Certified IP List assigns negative SCL points (Spam Confidence Level).
Manually created blocklists
Under certain circumstances, it is best to block certain senders temporarily or even permanently. Especially if you have received contaminated emails from one of your partners, we recommend blocking the affected email addresses. You can find out how to reject emails from unwanted senders with the help of a blocklist in our documentation.
Manually created allowlists
Creating an allowlist can be useful if you want to ensure that emails from certain senders are delivered. One conceivable scenario is false positives from one of your partners, i.e. emails that were wrongly assessed as dangerous and are now blocked.
Not yet using NoSpamProxy?
With NoSpamProxy you can reliably protect your company from cyber attacks. Request your free trial version now!