50 shades of spam: Why you need to know about email greylisting
With the unrelenting efforts of spammers, ISPs and anti-spam organizations must be constantly on high-alert, adapting to the latest spammy methods and ready to catch them out.
But these valiant spam police are not perfect.
Even when legit senders send out tip-top content to consenting subscribers, valid emails can still sometimes get caught by spam filters. Email greylisting was created to help counteract this (while still keeping out nasty spammers).
So, if your email bounces and you see it has been greylisted, don't panic! You do not need to do anything, however, understanding why this happens and when can help you with overall deliverability.
In this article, we’ll share what greylisting is and how it works so you can be fully informed about the health of your sendings.
What is greylisting?
We’ve shared how you can avoid and get removed from blocklists. We’ve also talked about how to get whitelisted. You’ll be happy to know that greylisting doesn’t require any lengthy process to get delisted. It’s actually a pretty simple concept that works really well to protect subscribers from spam while also counteracting the problem of legitimate emails being blocked.
Greylisting is when a greylist server automatically filters out suspicious emails from unknown senders. When it does this, it sends back a message to the sending server to say that the message has been temporarily rejected and they can retry sending the email again in a specified timeframe.
This helps to filter out spammers because legitimate mail servers will receive and analyze this message and follow the instructions to attempt the delivery again. When they do so, their message will be delivered. On the other hand, spam servers won’t do this so their message will simply never be delivered.
What’s also cool about this is, once your email has been delivered and removed from the greylist, it will also be whitelisted. This means that any future emails will also be delivered straight away, as you’ll be recognized as a known sender.
How greylisting works
Now we have a general idea of email greylisting, let’s take a look at the more technical details of how it works.
1. The first step involves the sending of the email. The user sends their message to the sending mail server via a Mail Transfer Agent or MTA (think Apple Mail, Gmail or Microsoft Outlook).
2. The sending mail server then forwards the sender address “MAIL FROM”, the recipient address “RCPT TO”, and the sending server’s IP address to the receiving server. This information is known as “envelope data” and is delivered to the receiving server before the email message is.
3. The envelope data is analyzed and, if it is a first-time sender, it will be added to the greylist. In response, the sending server will receive an SMTP error code and instructions to try sending the email again within a certain timeframe.
4. If the sender is sending their message from a legitimate and RFC compliant server, it will follow the instructions of the error message and attempt to deliver the email again. This time, when the receiving mail server gets the incoming email, the envelope data will be checked against the greylist— where it will be found—and then delivered to the recipient. Woohoo!
In most cases, spam servers will not follow the instructions from the error message, so the email will simply never be delivered. And this is how greylisting works to protect subscribers from spam emails!
Why emails get greylisted
Sometimes the error messages sent back from the receiving server will contain information about its requirements. If you have access to these logs, you may be able to find out why your emails are being greylisted.
In most cases, however, emails are greylisted because of a low sender reputation or an incorrectly set up IP address.
Your sender reputation indicates whether your sending record is good or bad—factors such as low open rates and increased spam complaints can negatively affect it. The lower your sender reputation, the more likely Internet Service Providers (ISPs) are to rate-limit your IP, greylist you or block you.
An incorrectly configured sending IP address will be detected by ISPs and greylisted—if you’re unlucky, it could also be blocked entirely. To avoid this, you need to ensure that your sending IP address has a Fully Qualified Domain Name (FQDN) that resolves to it, along with a correctly configured reverse DNS record.
Do you need to check if your email has been greylisted?
The short answer is no! Greylisting works in a way that resolves itself—that’s what makes it so effective. If you are a legitimate sender, your server will already be configured to comply with the recipient server’s request to resend the message again. If not, well then the greylist is doing its job. 😉
It’s more important to ensure that your sending server is correctly configured and that you’re following sending best practices to improve and maintain your sender reputation. This way, you’ll lower the chances of being greylisted and improve your overall deliverability.
Greylisting vs. blocklisting
Sending IPs are only greylisted temporarily. If you’re a legitimate sender, and follow the error message instructions, your message will be delivered and you’ll then be removed from the greylist.
On the other hand, blocklists are more or less permanent. Once you’ve been placed on a blocklist, it doesn’t matter how many attempts you make to re-deliver the message, it won’t be allowed through. The only course of action is to take steps to be removed from the blocklist. This requires you to resolve the issues that landed you there in the first place and then apply to be removed (in some cases, this is done automatically when the issues are resolved).
If you'd like to know more about this, check out our guide on email blocklist removal.
Check if you’re on an email blocklist
Use MailerCheck’s email insights feature to check your blocklist status and get additional insights about your email content and spam score.
What is anti-greylisting?
Now we’re up to speed on greylisting, let’s talk about anti-greylisting. Each greylisting server is configured to hold the sender on the greylist for a specific amount of time, usually 1-30 minutes (15 minutes is the default).
In order to minimize the number of rejections, some sending email servers use anti-greylisting technology. This increases the period of time between sending attempts, signaling to the receiving mail server that the sending server is well configured and a legitimate sender.
This results in greylisting delays but will reduce the number of error messages received, and makes your sending more efficient.
Greylisting is good!
Servers that use greylists do a great job of stopping spam in its tracks while making it easy for legitimate senders to get their emails delivered. Although email greylists work automatically, understanding how they work is essential for optimally maintaining your sending ecosystem. Just be sure to continuously work on improving and preserving your email deliverability and sender reputation!
Do you have any experience with email greylisting? Share your insights in the comments below!