How does greylisting work?

When a message arrives the provider checks the sending IP the envelope from and the recipient address. If it has not seen this exact combination before it issues a temporary 4xx deferral such as a 451 Try again later according to RFC 5321.

Legitimate MTAs retry as required by SMTP standards. When the retry arrives the provider accepts it. Many simple spam engines never retry which makes greylisting an effective lightweight filter.

It is a simple but powerful way to confirm that the sender is a real vessel and not a one time spam engine.