What is greylisting?
Greylisting is a method of blocking spam at the mail server level based on the behavior of the sending mail server rather than the content of the messages.
Greylisting is based on the premise that, unlike well-behaved message transfer agents (MTAs), most spam agents will not attempt retries if they receive temporary failure codes for delivery attempts. A greylisting implementation will reject (i.e., block) delivery of email sent from a sender it's never dealt with before, and reply to that sender with a temporary failure code. This block stays active for a specified amount of time and then expires, and any email from the same agent sent before the expiration is also blocked. After the block expires, if the sending mail agent retries within a specified amount of time, the message is accepted for delivery. Those agents that don't retry within the allotted time can be labeled as spammers (i.e., blacklisted).
Greylisting is most effective as an enhancement to user-level spam blocking, such as the Spamhaus Block List (SBL), and content-based blocking, such as Indiana University's spam quarantine service.
For a detailed explanation of greylisting, see the white paper, The Next Step in the Spam Control War: Greylisting by Evan Harris.
This document is based on information gleaned from the above white paper and PureMagic Software's greylisting page.
Last modified on June 25, 2009.
