The concept and policy of the Spamhaus Whitelist is radically different to that of existing whitelists. The system is based on a policy of "Know Your User" and is a true whitelist, it does not contain mail servers used by third parties or bulk senders.
Spamhaus has approached the issue of whitelisting from the perspective of the receiver by asking what a listing on a whitelist should actually mean. To recipients, it should mean the sending server is trusted to never deliver spam. Clearly, we can trust certain mail servers, such as those of a major bank or airline, but how can we be sure that the customer outbound mail servers of a major ISP will not deliver spam? We can't, since spammers can sign up with an ISP at any moment, therefore we can not whitelist them.
The only way we can trust a server is where the server owner knows all of the server's users, thus the Spamhaus Whitelist is based on "Know Your User". Spamhaus Whitelist account holders must personally know or employ each sender that uses a whitelisted resource.
This rule automatically excludes from whitelisting all Email Service Providers, all ISP customer mail relays, and all mail servers used by third-parties. Note: For these generic mail servers Spamhaus has a separate list, not yet released, called the Mail Servers Register (MSR) a list of all known legitimate mail servers.
Following the concept of "Know Your User", the Spamhaus Whitelist is designed for transactional email such as from ecommerce systems, banks, automated billing and travel booking systems, and important mail such as from medical centers, known corporations, organizations and government agencies.
Of the existing whitelists (as at 2010) some exist to certify 'good' bulk email marketers to help improve email marketing delivery rates, some list ISP customer relays and ESP outbounds from which an amount of spam will always flow, some whitelist any sender that pays a registration fee regardless of reputation, and one or two bad examples exist simply as a means to monetize removals from the whitelist owner's blacklist.
Current whitelists suffer from a catch-22 usage problem; they are used by only a very small fraction of internet mail servers meaning that the benefit to senders of being on the whitelist is extremely slim, if not non-existent. What is the point of being on a whitelist if hardly anyone uses it? Spamhaus by contrast, with its DNSBLs already installed on over three quarters of the internet's mail servers, benefits from an existing userbase that can immediately begin to use the Spamhaus Whitelist.