Hmmmmm, the spam list downside is a non starter for me.
It sounds like you've invented a captcha for email. If that ever took off and became widely used, it would be rather easy for the spammers to write a script to comply with the scheme. Followed of course by the usual escalation to adding an image-based captcha, and then efforts to beat the captcha, and so on.
As an aside, you could do it entirely in email as well by sending a response that requires a specific reply to join the whitelist. That is you could eliminate the webserver and the mildly-questionable-looking URL.
It sounds like you've invented a captcha for email. If that ever took off and became widely used, it would be rather easy for the spammers to write a script to comply with the scheme. Followed of course by the usual escalation to adding an image-based captcha, and then efforts to beat the captcha, and so on.
As an aside, you could do it entirely in email as well by sending a response that requires a specific reply to join the whitelist. That is you could eliminate the webserver and the mildly-questionable-looking URL.