Skip to main content

logo email instellen nl

What is greylisting?

Greylisting is an effective way to stop spam mail. Every mail that comes in to the mail server is checked and then determined whether the sender is trustworthy or not to make a trade-off whether to mark the mail as spam or not. Often mails with a correct SPF record and many major mail providers automatically whitelist.

If your hoster uses whitelisting and blacklisting then probably greylisting will also be active. To understand this concept properly, I will explain.

A mail sent from an outgoing mail server arrives at an incoming mail server. But before this actually happens, the outgoing mail server will introduce itself to the incoming mail server, a kind of 'handshake'. Also, the outgoing mail server will introduce itself and indicate that it has an e-mail, how big that mail message is, whether there is an attachment and who the sender (e-mail address) is.

The incoming mail server processes the data and decides what to do with the mail:

  • If the incoming mail server is blacklisted, the mail will be rejected.
  • If the incoming mail server is on the whitelist, that mail server is trusted and the mail will be further checked for spam characteristics. So this is often the case for large mail providers like Microsoft, Google, Apple etc.
  • Greylisting is in between. If the outgoing mail server is not on either list, it will be seen as an unknown server. The incoming mail server will now check if the sender of the mail matches the name of the mail server. If they do not match, the mail is temporarily placed on the greylist.

After that, the incoming mail server sends a message back to the outgoing mail server that the mail could not be delivered.

A healthy (and valid) mail server that gets this message will keep it and after some time (half an hour) make another attempt to see if the mail can be delivered then. This is standard in the entire mail protocol, also because a receiving mail server may be temporarily full, have a failure, or something similar.

A server that sends spam has no time and capacity at all to store those messages and mail them again later, it only wants one thing: to deliver as much mail as possible, one after the other. Keeping track of rejected mail will otherwise end up in a queue which will then fill up quickly, and a server set up to spam does not want that.

In this way, healthy and unhealthy mail servers are separated. The healthy mail server will (fully automatically) make a second attempt and then the incoming mail server will recognise it and let the mail in after all.