It's generally better (i.e. faster, simpler and safer) to whitelist. If you've got forum.example.com, sitefiles.example.com, and the occasional visitor typing in plain example.com without leading www, then just redirect the ones whose original request is exactly equal to
rather than putting the computer through the extra loop of "not www.example.com BUT ALSO NOT sitefiles.example.com AND ALSO NOT forum.example.com".
And, of course, make sure all your internal links are in the desired form in the first place.