English 
Русский 
简体中文 
Português do Brasil 
Français 
Español 
Türkçe 
Polski 
Tiếng Việt 
한국어 
Nederlands 
Italiano 
日本語 
Eesti 
Čeština 
മലയാളം 
Bahasa Melayu 
हिन्दी 
اردو 
Bahasa Indonesia 
Safe WebGraymail is a term used in the context of computer security to describe emails that are neither specifically malicious nor expectedly normal. These emails may contain legitimate content, such as newsletters, that can contain links to malicious websites, or spam emails that contain malicious links or attachments that can lead to the spreading of malware and other threats.
The term graymail was first used by Symantec in 1997, when the company released a white paper describing new techniques of using spam filters to block command and control traffic from malicious networks. The term is derived from the fact that emails with what appears to be legitimate content present an ambiguous security risk, forcing organizations to decide whether or not to block them.
Graymail can be difficult to detect with traditional spam filters that focus on invalid email addresses or known malicious content. Filters that employ blacklist/whitelist rules or heuristic analysis can often detect graymail messages that have unique characteristics that separate them from normal emails.
Graymail is a problem for organizations that maintain email servers, which is why it is increasingly important to have algorithms and filters in place that can detect it. Additionally, organizations should provide users with education about phishing, malicious web links, and emails with unexpected attachments, in order to reduce the risk of downloading or executing malicious content.
