SpamAssassin works very well at detecting spam, but there is always a risk of false positives or false negatives. By using a list of email addresses that are known spam producers (a blacklist), email from spammers who use consistently use the same email addresses or domains can be filtered out. With a list of email addresses that are legitimate email senders (a whitelist), emails from regular or important correspondents are guaranteed to be filtered as ham. This prevents the delay or non-delivery of important emails that may otherwise be marked as spam.
Blacklists that list individual emails have limited use—spammers normally use different or random email addresses for each spam run. However, some spammers use the same domain for multiple runs. As SpamAssassin allows wildcards in its blacklisting, entire domains can be blacklisted. This is more useful for filtering out spam.
SpamAssassin uses a manual blacklist and whitelist, and also manages an automatic whitelist...