Skip to main content
What is Greylisting

A greylisting is simply another way of protecting email users against potential spam attacks.

 

Here’s how it works. A mail transfer agent (MTA) will use a greylisting (or graylisting) to temporarily reject any email from a sender that it does not recognize. Think of it as a personal doorman. It does not let anyone get into your inbox that isn’t supposed too. To get past the doorman the sender has to take additional action. These actions can vary, from submitting a security code to trying again in 10 minutes – but If the email turns out to be from a real sender, and the content is legitimate, the server will then process the message again. Then, after a short delay, the message will finally be accepted. On the other hand, if the email is being sent by a potential spammer they will most likely not try to send again due to the overload of email addresses they have to process and the time it takes to deal with individual authentication requests.

In short a greylisting requires the sender to take an extra step to verify they aren’t a spammer. Think of it like an Autoresponder to prove that the sender is a real person.

 

The Process

When a message is sent from an unknown user, it will be held-up by greylisting and the server will report three important pieces of data called the “Triplet” for each held incoming message. The Triplet contains the Sender Server’s IP Address, the Message Envelope Sender, and the Message’s Envelope Recipient. At that point, the server will put in place a temporary block on the sender and implement the greylisting protocol. The sender will receive what seems like a bounce or an autoresponder with instructions on how to proceed. It is important to mention that the goal is to engage the sender to provide some sort of information validating they are a real human being instead of a spammer or email robot.

When the delay period is over and the message is sent again, the “Triplet” and the message is sent through the last few filters. All items in the cache have a 24 hour lifetime, which means that the senders who don’t send often may experience a delay more often.

What’s the Purpose of Greylisting?

Greylisting is very effective because most spammers won’t bother resending after a seemingly failed delivery, so in the end the spam message will never be delivered.

Greylisting is so effective due to the number of mass email tools used by spammers that most likely will not retry to send another email after the first delivery failure message. So the spam message never gets delivered to the inbox.

If the spammer does try to deliver the message again and waits to send after the expiration date, this will help any automated spam trap have a good chance of identifying the source of the spam and submitting it to a particular message in their database. With all of these attempts happening they are more likely to be detected as spam from others than they were before the greylisting delay process.

What to do if this happens to you?

Be sure to rely on Webbula’s cloudHygiene solution that offers the industry-leading approach of verification and multi-method email hygiene to safeguard your brand reputation and email resources. In order to protect yourself against a greylisting, it’s important to use a verification check, but it is even more important to recognize and identify the dangerous threats that could be hiding in your data. Webbula cloudHygiene is the solution you need to protect you against all email threats from bounces, typos, greylistings to spam traps, bots, moles and more.

To Learn more visit our Webbula cloudHygiene page

 

Be sure to check out these other informative Intelligent Reports:

Understanding Hard and Soft Bounces

What’s Hiding in Your Email?

• How to Prevent Web Form Fraud