• Looks at triplets of IP delivering the message, sender and recipient address.
• If the triplet is not recognized then report a temporary delivery failure.
• If they try again at a later time then allow the delivery.

The thesis of greylisting is spam bots are designed to "fire and forget," which means they will never attempt a second delivery. Legitimate mail systems will do so. Although if a spammer hijacks an unsecured relay then this technique won't help (though the relay can be banned.)

Issues

• Badly built SMTP relays might not try to re-send messages.
• Some large mail senders may have multiple senders and so will attempt delivery from different IP addresses; if this causes too many failures the mail will simply bounce.