Graymail is a type of email message that is sent by a legitimate sender to a large number of recipients. The recipients originally chose to receive the emails, often signing up the newsletters or advertisements, however they now are uninterested in receiving them. As these emails were once solicited and come from legitimate senders, they are not deemed as spam emails.

Graylisting is a way of defending email users against spam emails. It involves temporarily blocking inbound emails from senders the server does not recognize and requesting that the sender tries again later. As spammers typically have thousands of email addresses to target, it is unlikely they will attempt to resend the email. If no attempt to resend the email is made, the original email will never be delivered to the recipient.

Although graymail is not typically malicious by nature (in comparison with spam emails which are more commonly used by cyber criminals), a threat actor could potentially hijack a legitimate organization and continue ongoing graymail campaigns while including malicious links in the hope that an unsuspecting recipient will click it.

Darktrace / EMAIL is able to intelligently manage customer mailboxes a by removing emails that have been tagged as “graymail” from user inboxes, reducing the amount of clutter and improving productivity.

Download: Darktrace / EMAIL Solution Brief

Discover the most advanced cloud-native AI email security solution to protect your domain and brand while preventing phishing, novel social engineering, business email compromise, account takeover, and data loss.

• Gain up to 13 days of earlier threat detection and maximize ROI on your current email security
• Experience 20-25% more threat blocking power with Darktrace / EMAIL
• Stop the 58% of threats bypassing traditional email security

‍

‍