Graymail is a type of email message that is sent by a legitimate sender to a large number of recipients. The recipients originally chose to receive the emails, often signing up the newsletters or advertisements, however they now are uninterested in receiving them. As these emails were once solicited and come from legitimate senders, they are not deemed as spam emails.
What is graylisting?
Graylisting is a way of defending email users against spam emails. It involves temporarily blocking inbound emails from senders the server does not recognize and requesting that the sender tries again later. As spammers typically have thousands of email addresses to target, it is unlikely they will attempt to resend the email. If no attempt to resend the email is made, the original email will never be delivered to the recipient.
Is graymail dangerous?
Although graymail is not typically malicious by nature (in comparison with spam emails which are more commonly used by cyber criminals), a threat actor could potentially hijack a legitimate organization and continue ongoing graymail campaigns while including malicious links in the hope that an unsuspecting recipient will click it.
How does Darktrace/Email help with graymail?
Darktrace/Email is able to intelligently manage customer mailboxes a by removing emails that have been tagged as “graymail” from user inboxes, reducing the amount of clutter and improving productivity.