I'm not sure if there's a white list of servers, but I found this list of compromised servers
here.
As long as you're careful, and don't download an update from anywhere but Electrum.org you'll be okay. The servers can't force an update on you, they only send a message telling you to download an update, and direct you to a download site other than Electrum.org.
Compromised servers:
[
'gregoire12.mldlab-works.space:50002:s',
'readonly.23734430190.pro:50002:s',
'wireless12.bitquantum.space:50002:s',
'superuser.23734430190.pro:50002:s',
'pacslinkip12.krypto-familar.fun:50002:s',
'topicres.imaginarycoin.info:50002:s',
'wlseuser12.bitcoinplug.website:50002:s',
'operatns.imaginarycoin.info:50002:s',
'superman.cryptoplayer.fun:50002:s',
'lucent01.23734430190.pro:50002:s',
'qtmhhttp12.mldlab-works.space:50002:s',
'plmimservice.bitcoinplug.website:50002:s',
'username.cryptoplayer.fun:50002:s',
'qlpinstall.krypto-familar.fun:50002:s',
'adminstat.imaginarycoin.info:50002:s',
'lessonuser2.cryptoplayer.fun:50002:s',
'utilities12.pebwindkraft.space:50002:s',
'openspirit.cryptoplayer.fun:50002:s',
'qautprof12.coinucopiaspace.xyz:50002:s',
'prodcics12.imaginarycoin.info:50002:s',
'vcoadmin.23734430190.pro:50002:s',
'siteminder.23734430190.pro:50002:s',
'videouser.bitcoinplug.website:50002:s',
'anonymous.bitcoinplug.website:50002:s',
'oraprobe.23734430190.pro:50002:s'
]