While the email addresses in the message envelope must match exactly, the IP address of the SMTP client is a less specific match: any IP address on the /24 network will match.

For example, if an email server at 192.168.1.99 is known to the greylist scanner, its greylist entry contains the IP address 192.168.1.0 where 0 indicates that any value will match the last octet, and that any IP address starting with 192.168.1 will match that entry.

This greylist IP address matching mechanism restricts the number of IP addresses which can match the greylist entry while also minimizing potential issues with email server farms. Some large organizations use many email servers with IP addresses in the same class C subnet. If the first attempt to deliver email receives a temporary failure response, the second attempt may come from an email server with a different IP address. If an exact match were required, the greylist scanner would treat the second delivery attempt as a new delivery attempt unrelated to the first. Depending on the configuration of the email servers, the email message might never be delivered properly. Approximate IP address matching often prevents this problem.

For very large email server farms that require greater than a /24 subnet, you can manually create greylist exemptions. For more information, see “Manual greylist entries”.