search

Greylisting

Greylisting is an email spam-filtering technique used by mail servers to reduce unsolicited email.

hashtag
How it works

  1. When a mail server receives an email from an unknown sender, it temporarily rejects it (with a “try again later” message).

  2. Legitimate mail servers are configured to retry delivery after a short delay (usually minutes).

  3. Many spam servers don’t retry, so their messages are never delivered.

  4. When the sender retries successfully, the server whitelists that sender for future messages.

hashtag
Why it’s effective

  • Simple and low-cost to implement

  • Blocks a large amount of automated spam

  • No content analysis needed

hashtag
Downsides

  • Delayed delivery for first-time senders (often 5–30 minutes)

  • Can cause issues with poorly configured mail servers

  • Not ideal for time-critical emails (e.g., one-time passwords)

hashtag
Common use cases

  • Corporate mail servers

  • ISPs and hosting providers

  • As a layer alongside SPF, DKIM, DMARC, and spam scoring

hashtag
The three things that are checked

  1. Sender IP address The IP of the sending mail server.

  2. MAIL FROM address The envelope sender (not the “From:” header you see in the email).

  3. RCPT TO address The recipient’s email address on your server.

PreviousUseful Window Tools for System AdminsNextAbout DNS

Last updated