Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Greylisting – Another tool in the war against spam

A client turned me on to a relatively new, and effective, anti-spam tool.

Become a Patron of Ask Leo! and go ad-free!


We all know that spam’s a huge problem. I know I certainly get more spam
than real mail, though with various spam filters on my server and rules in my
email client I’m able to weed most of it out. I do have the occasional false
positive, but for that reason I actually archive every email I get, including
the spam, on my mail server, just in case.

A client pointed me at something called “greylisting”, which I recently
implemented on his mail server. As the name implies, it’s logically somewhere
between whitelisting and blacklisting.

Whitelisting implies specifying who is allowed to send you email, and
blacklisting just the opposite. Greylisting requires the sender to prove that
they’re a relatively well-behaved mail server, in at least one respect, before
mail is accepted.

When a mail server is asked to accept a piece of email for delivery, the
mail protocol allows it to respond with the equivalent of “not now, I’m too
busy”. The sender is then supposed to wait some amount of time, and attempt to
send the mail again. Many spambots don’t bother retrying. If the mail can’t be
sent, the bot simply moves on to it’s next potential victim.

Greylisting maintains a database of who’s attempted to send mail. Typically
the To, From and IP addresses of each email are tracked. The first time a
unique combination of To, From and IP are found, the server responds with “I’m
too busy”. When the sender retries later, greylisting notices that they’re
already in the database, and allows the mail through. And the tracking is
cumulative: within limits, once a To/From/IP combination has proven itself
valid, it is no longer subject to the greylisting delay.

My client reports a 90% reduction in spam. That’s pretty significant.

My concerns with the technique were twofold: there are known valid email
agents that do not handle the “I’m too busy” status properly, and will bounce
the email back to the sender instead of retying. Those seem to be few, however.
And, as the technique grows in popularity, it seems likely that spammers will
counter with smarter spambots that behave properly.

Until then, however, greylisting seems to be an effective technique.
Remember, though, it’s not something you can use on your mail client, it’s a
mail server technique. You can find out more at

I’d love to hear from you. This is article 9461 – to leave a comment, go to, enter 9461 in the go to article number box, and add your comments to the discussion.

This is a presentation of, a free on-line technical question and answer service. Hundreds of technical questions and their answers are posted online and ready to help solve your computer problems. * New questions and answers are added daily.


Subscribe to Confident Computing! Tech problem solving & safety tips & a weekly confidence boost in your inbox every week.

I'll see you there!

10 Reasons Your Computer is Slow

Slow Computer?

Speed up with my special report: 10 Reasons Your Computer is Slow, now updated for Windows 10.

NOW: name your own price! You decide how much to pay -- and yes, that means you can get this report completely free if you so choose. Get your copy now!

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.