Spam has become a significant drain on time and resources, especially the fact that old measures keep getting out-witted by spammers, continually requiring spam measures to be re-thought

Greylisting is a very exciting solution, in that it is extremely effective right now, and as spammers move to allow for it, it will still be very effective.

Greylisting is a technique where incoming emails from unknown sources are delayed for a short period before it's passed on to the recipient. As external servers request an email to be delivered, the greylisting server says "not right now, please try in a short while". When the external server tries again after a set period of time, the email is allowed through.

The reason that this works to fight spam is that spam software doesn't try to resend the emails that are delayed, it simply drops them, but ALL proper mail servers MUST retry to send emails that are delayed. It's part of the protocol, the vast majority of all servers support it.

Now, spammers will wise up and try to re-send spam after a set amount of time to circumvent greylisting. But by the time that the greylist delay has expired, the IP numbers of their servers will have been black listed by external blacklists!

This means that greylisting has the potential of becoming a permanent solution to spam.

Greylisting is very lightweight and doesn't slow down the mail process.

Greylisting has the added advantage that it saves bandwidth, because the server never receives spam that it rejects, wheras most other solutions download the spam to verify if it's spam or not.

Some email servers may not be properly configured to resend emails properly, in such situations, emails may be lost. This is very rare though. Specifically, the following (outdated) SMTP servers have been reported to have issues; Novell Groupwise 6.0, InterMail 4.0, ISMail.

You can read more about greylisting here: http://projects.puremagic.com/greylisting/whitepaper.html.