When the mail server accepts a connection from a mail transfer agent (MTA) the server takes note of the mail server's:
These three items are refered to as a triple. If the server has seen this triple before (more than 5 minutes ago in our case) it accepts the mail. If the server has no record of a successful delivery of this triple or it has been less that 5 minutes since it has seen it, the server sends the sending MTA a TEMPFAIL (temporary failure try again later).Graylisting why it works.
Spammers (senders of bulk unsolicited email) operate by sending large quantities of email, and generally have a large quantity of bogus addresses. A result of this is that the spammers cannot afford to implement all of the delivery assurance methods legitimate mailers can (resending on a temporary failure).
Part of the beauty of how graylisting works is that to counter it the spammers will have to take on additional overhead processing mail and remove bogus addresses from their mailling lists.
The downside of graylisting.
Graylisting causes a small delay on sending/receiving mail that it hasn't seen before. This delay is dependent on the resend settings of the senders MTA and is a minimum of 5 minutes. Also some senders use email transfer agents that don't cooperate well with TEMPFAIL conditions. As these mailers are found we add them to a list of exempt mailers.User options
Users may choose to opt out of graylisting by completing a help request form at http://www.nscee.edu/QandA/form.html or may use the same form to report a problem receiving mail from a site.