Graymail is bulk email that does not fit the definition of spam because it is solicited, comes from a legitimate source, and has varying value to different recipients. Examples of graymail can be periodic newsletters, announcements, or advertisements targeted for a recipient’s specific interests. Graymail recipients have previously “opted in,” either knowingly or unknowingly, to receive this type of mail, although the value of the mailing may have decreased over time.
How Does Graymail Differ from Spam?
Graymail and spam email are both bulk messages sent to a group of emails. But Graymail is different than spam for three reasons — it’s solicited, legitimate, and has valuable content.
Graymail email is not considered spam since spam includes unsolicited and unwanted emails. Although only a small portion of spam emails are considered scams or phishing, the main quality of spam is that the user didn’t ask to be emailed. Whereas graymail is solicited email that the recipient opted into at one point. Sometimes the user purposely signs up for a newsletter or to be placed on an email list for product updates and coupons. That type of recipient will expect to receive regular emails from a company and often will open and engage with the emails.
Other users may have purchased an item from a website, downloaded a white paper, or taken another action with a company and unintendedly signed up for ongoing emails. A user may even receive emails from an unknown third-party affiliate related to the company they shared their email address with. These users are less likely to engage with emails and may consider them spam since they didn’t intend to sign up for them, although these emails are technically graymail.
Graymail is also legitimate email from real companies, organizations, or individuals. Unlike some spam emails, the messages are truthful and include valid information, updates, sales, or coupons. These emails are often sent and managed through email marketing software that includes links to unsubscribe or update email preferences from that organization. On the other hand, spam messages can be deceptive and usually don’t follow CAN-SPAM Act guidelines so it can be difficult to unsubscribe.
Another way to tell graymail from spam is that graymail provides valuable, relevant content to the user. Email newsletters may provide articles of interest and tips that can be of interest to the receiver. Reminder emails from utility companies or other companies that you regularly pay bills to can be useful to alert the recipient that a payment is due. And ecommerce companies often use email to provide valuable coupons, product updates, or sale information. All these examples are forms of graymail sent out to a list of email addresses. Spam can be deceptive and sometimes even malicious, but not always. Either way, the emails usually don’t provide a lot of value to the recipient because they didn’t have any interest in what the sender has to offer.
Graymail Enterprise Email Management
In enterprise organizations, graymail can be difficult to manage as some recipients want to receive such messages while others may perceive them as spam. For example, a recipient in the marketing department may elect to receive updates on industry conferences while an employee in human resources may see these mailers as spam.
Enterprises can utilize managed services for email security to provide a way for employees to allow desired graymail into their inboxes while filtering out unwanted spam emails. These enterprise email management services protect organization in a number of ways, including targeting threats, providing email security, security awareness training, and more. Email protection services send out a graymail and spam digest, sometimes daily, to allow users to select the emails they want to send through to their inbox. With the extra shield of protection, these services can prevent malicious attacks on an organization where the line between spam and graymail may otherwise have been blurred.
Email security is evolving, especially as workers shift to working from home. Get the latest Gartner Market Guide for Email Security to learn about the latest threats and what to consider to ensure maximum email security protection.
Proofpoint Solutions for Email Security
Proofpoint provides email security and protection solutions to help monitor and protect organizations from security threats. We help filter out the safe graymail and prevent malicious spam from harming your company.
What is Email Spoofing?
Email spoofing tricks users into believing an email came from someone they know. Learn about email spoofing, the definition, examples and how to protect against it.
What is Email Filtering?
Learn what email filtering is, how it works, and techniques you can apply for spam filtering according to specific criteria. Get the information you need at Proofpoint.
What is Email Account Compromise (EAC)?
Email Account Compromise (EAC) is a highly sophisticated attack in which attackers use various tactics. Read on to learn the definition, how it works, and more.
What is Business Email Compromise (BEC)?
Learn about Business Email Compromise (BEC), how it works, and different types of threats. Proofpoint shares how to identify and protect against a BEC scam.