Greylisting: a High-Level Overview

Greylisting is a method used by a receiving mail server to prevent spam from entering its network. It does this by rejecting incoming messages on their first attempt. Since the typical email systems employed by spammers are not programmed or set up to try again later, their messages never get delivered. Normal internet mail servers, however, are configured to “try again later”, many times if necessary. And when they do try again later, the recipient’s mail server lets them through on the second try. So basically, the recipient’s mail server makes the assumption that if the sending mail server makes a second attempt on any previously failed message, it is less likely to be spam.

Now that is just a very high level definition. What really happens is a little more technical. I will explore this in more detail in following posts and also describe the logic in Hurricane Server that is used to manage greylistings and optimize delivery of messages to domains that greylist.