Field notes ·
Queues and backoff: how retries and deferrals actually work
A deferral is not a rejection — it is the receiver asking you to come back later, and how your server answers decides whether the mail delivers or dies in the queue. What deferrals are, why receivers issue them, the backoff that earns goodwill, and when a 4xx finally becomes a bounce.
Most conversations about delivery focus on the two clean outcomes: the message arrived, or it bounced. Between them sits a third state that handles far more of your mail than people realise — the deferral. A deferral is the receiver returning a temporary failure, a 4xx code, that means "not now, try again later." The message is neither delivered nor rejected; it goes back into your sending queue to be retried on a schedule. How your server handles that schedule — how patiently it backs off, how it reads the receiver's signals, when it finally gives up — decides whether a deferred message eventually delivers or quietly dies in the queue. This is how deferrals, retries and backoff actually work, why receivers lean on them so heavily, and how to handle them so that temporary problems stay temporary.
The reason this matters is that deferrals are not edge cases. Greylisting defers nearly every first message from an unfamiliar sender by design; rate limits defer mail the moment you send a little too fast; brief receiver hiccups defer mail constantly. A healthy sending system spends a meaningful fraction of its time with mail in retry, and the difference between a system that handles that gracefully and one that does not shows up directly in delivery and in reputation. Understanding the mechanics turns a confusing "why is my mail slow" into a precise, fixable picture.
What a deferral actually is
Mechanically, a deferral is simple. Your server connects, offers the message, and the receiver answers with a 4xx reply instead of accepting it. Your server does not abandon the message; it places it back in the queue and schedules a retry for later. It tries again — possibly several times — and the message eventually either delivers, once the receiver accepts it, or bounces, once your server exhausts its retry window and gives up. That waiting state is the deferral, and it is best thought of as email purgatory: the mail is in limbo, neither lost nor home, waiting for conditions to improve. The crucial point is that a deferral is a conversation, not a verdict. The receiver is telling you something — busy, unfamiliar, slow down — and your job is to respond in a way that resolves it rather than making it worse.
Bounces, deferrals and blocks: the three states
It helps to place the deferral among its neighbours, because the three are routinely confused and each calls for a different response. A bounce is a permanent failure: a 5xx from the receiver, or your own server giving up, meaning this message is not going to be delivered and you should stop trying and suppress the address if it was undeliverable. A block is a refusal on policy or reputation grounds, often permanent, that affects more than one message — your IP or domain is being turned away, not just this email. A deferral is the temporary middle ground: the receiver could accept the message later, so your server holds it and retries. The danger is treating them alike. Retrying a bounce is pointless and harmful; suppressing on a deferral throws away mail that would have delivered; ignoring a block while retrying deferrals fixes nothing. Knowing which of the three you are looking at, from the code and the pattern, is the prerequisite to handling any of them well.
Why receivers defer
Receivers issue temporary failures for a handful of distinct reasons, and telling them apart is the first step to handling them. Rate limiting is the most common at volume: you are sending faster than the receiver wants to accept, so it throttles you with a 4xx until you slow down. Greylisting is a deliberate spam defence that defers unfamiliar senders on purpose, betting that legitimate servers will retry and spammers will not. Capacity problems — a receiver temporarily overloaded or under maintenance — produce transient failures with no fault of yours. And network or routing trouble, a dropped connection or a timeout, surfaces as a deferral too. Each of these wants a slightly different response, which is why reading the specific code matters as much here as it does with permanent rejections, a subject we cover in detail in our reference on SMTP rejection codes.
The 4xx families and what each tells you
The enhanced status code on a deferral tells you which kind of problem you are facing, and the middle digit is the key. The table groups the families you will meet in retry logs; matching a rising deferral rate to its family is how you decide whether to wait, slow down, or fix something.
| Family | Category | What it usually means |
|---|---|---|
| 4.2.x | Mailbox | Recipient mailbox issue or greylisting; often domain-specific. |
| 4.3.x | Mail system | Receiver-side processing: storage, queue or process health. |
| 4.4.x | Network and routing | Connection dropped, timeout, routing loop or remote outage. |
| 4.7.x | Policy and security | Rate limiting, reputation, authentication or content patterns. |
Enhanced status codes follow RFC 3463; the class digit on a deferral is always 4.
Exponential backoff: the standard, and why
When a message is deferred, your server does not retry immediately and endlessly; it uses exponential backoff, widening the gap between attempts as failures accumulate. The first retry might fire after a few minutes, the next after fifteen, then thirty, then an hour, then longer, up to the point where the server gives up. The logic balances two competing needs: retrying soon enough to clear a brief problem quickly, and waiting long enough not to hammer a receiver that needs time. The table shows an illustrative schedule; the exact intervals are configurable, but the shape — short at first, lengthening steadily — is near-universal because it is what well-behaved senders do and what receivers expect to see.
| Attempt | Rough delay | What it catches |
|---|---|---|
| Attempt 1 | Immediate | First delivery try; a deferral here starts the schedule |
| Attempt 2 | ~5 minutes | Clears most greylisting on the second knock |
| Attempt 3 | ~15 minutes | Short transient issues usually resolve by here |
| Attempt 4 | ~30–60 minutes | Gaps widen as failures persist |
| Later | ~2–4 hours, then longer | Patience for genuine outages, up to the retry-window limit |
| Give up | After ~1–5 days | Server generates a permanent bounce to the original sender |
Illustrative backoff; intervals and the give-up window are configurable on your MTA.
Greylisting: the deliberate delay
Greylisting deserves its own explanation because it is the deferral most senders meet most often, and it alarms people who do not understand it. A greylisting receiver temporarily rejects mail from a combination it has not seen before — the triplet of sending IP, sender address and recipient address — and accepts it on a later attempt. The trick rests on a behavioural difference: a real mail server, on receiving a temporary failure, dutifully retries, while a great deal of spam tooling fires once and moves on. So the delay filters out the lazy spammers at the cost of a few minutes for everyone else. In practice a greylisted message delivers on the second or third attempt, usually within fifteen to thirty minutes, and you need do nothing — your queue handles it. The lasting fix, where you want to skip the delay, is authentication: properly aligned SPF, DKIM and DMARC let many receivers recognise you and bypass greylisting altogether.
When a deferral becomes a bounce
A deferral is not forever. Your server retries for a configured maximum — commonly a day to several days — and if the receiver is still refusing when that window closes, the server stops trying and generates a permanent bounce of its own back to the original sender. This is how a purely temporary failure at the far end can surface, eventually, as a hard bounce in your records even though the receiver never returned a 5xx. The practical lesson is to treat persistent deferrals as a problem rather than as something that will sort itself out. A message that has been deferred for hours, climbing the backoff ladder with no acceptance, is on its way to becoming a bounce, and repeated soft failures from the same provider mean something systemic — reputation, authentication, throttling — needs attention before the retry window quietly runs out.
Patterns receivers watch
It is worth remembering that retrying is itself a behaviour the receiver observes and judges. A sender that uses standard, widening backoff looks like a legitimate, well-configured mail system and earns goodwill over time. A sender that retries aggressively — the same message slammed at the receiver every few seconds — looks broken or hostile and can earn a harder block for the trouble. The metaphor that fits is a knock at a door: a polite knock, repeated at sensible intervals, is fine; the same knock hammered continuously becomes a reason to stop answering. Worse, retrying before a stated greylist window has elapsed often just resets the receiver's clock, so impatience literally extends the delay it was meant to shorten. Respectful spacing is not only courteous; it is faster.
Throttling versus greylisting: different problems
Two of the most common deferral causes call for opposite responses, and confusing them wastes effort. Greylisting is about identity — the receiver does not recognise you yet — and the fix is to retry normally and authenticate well, after which it stops. Throttling is about rate — you are sending too fast for what your reputation with that receiver currently allows — and the fix is to slow down, pacing your sends to that destination rather than simply retrying the same flood. Tuning your retry backoff does nothing for a throttling problem, because the issue is not when you retry but how fast you send overall; conversely, pacing your send rate does nothing for greylisting, which only wants a second attempt. Diagnosing which one you face — usually from the code and from whether the deferrals scale with your volume — decides whether you reach for the backoff knob or the rate knob.
How providers signal throttling: explicit and silent
Throttling shows up in two ways, and the silent kind catches people out. The explicit kind is honest: the receiver returns a 4xx, commonly a 421, that says in so many words that you have hit a rate limit and should slow down. Your queue sees the code, backs off, and retries, and the signal is easy to read. The silent kind is subtler: instead of a clear rate-limit reply, the receiver simply accepts your connections more slowly, drags out responses, or quietly routes more of your mail to spam as you push volume. There is no obvious error to alert on, only a creeping slowdown and a softening of placement. Detecting silent throttling takes watching the right metrics — connection times stretching, acceptance rate dipping, queue depth rising without a matching spike in any one code — rather than waiting for an explicit complaint. The receivers that throttle silently are telling you to slow down just as firmly as the ones that say so; you simply have to listen harder.
Connections, concurrency and how they feed deferrals
Volume is not the only thing receivers limit; they also care how many connections you open at once and how many messages you push down each. Open too many simultaneous connections to one provider, or hold them too long, and you trip concurrency limits that surface as deferrals even when your total volume is modest. This is why two senders pushing the same daily count can see very different deferral rates: one spreads its mail across sensible, steady connections, while the other hammers the receiver with a burst of parallel sessions that looks aggressive. Tuning concurrency — how many connections per destination, how many messages per connection, how quickly you ramp parallelism — is part of pacing, and getting it wrong produces deferrals that no amount of backoff tuning will cure, because the problem is the shape of your traffic, not the timing of your retries. Receivers reward traffic that looks calm and steady over traffic that arrives in spikes.
Queue depth as a health metric
The single most useful number for spotting deferral trouble early is the depth of your retry queue. In a healthy system, messages enter retry and clear at roughly the rate they arrive, so the queue stays shallow and stable. When deferrals start outpacing successful retries, the queue grows, and a steadily rising queue — especially toward one provider — is an early, measurable warning that something systemic is wrong: you are being throttled, your reputation has slipped, your authentication is failing, or a receiver is down. Watching queue depth per provider alongside the 4xx rate turns a vague sense that mail is slow into a specific, timely signal. It is one of the metrics we put front and centre when we run managed deliverability, precisely because a growing queue caught early is a problem solved before it becomes a wave of bounces.
Tuning retries on your own MTA
Operators who run their own infrastructure have direct control over backoff, and a few principles keep that control from backfiring. Set the first retry at or above a receiver's stated greylist window, because retrying earlier just earns another temporary failure. Keep your queue-scan interval no longer than your minimum backoff, so the schedule you configured is the schedule that actually runs. Use destination pacing — controlling how fast you send to a specific receiver — for throttling symptoms, and reserve backoff changes for genuine deferrals, since they fix different problems. Avoid forcing repeated queue flushes, which reset the receiver's wait window and extend delays, and avoid very short backoff timers, which create noise and more temporary failures. These are exactly the controls a clean PowerMTA setup configures deliberately, and the kind of tuning that turns a deferral storm back into smooth delivery when we are called in to troubleshoot a delivery drop.
Deferrals during warm-up
A new IP gets deferred heavily, and that is normal rather than alarming. Receivers are cautious with unfamiliar identities, so they defer mail from a fresh sender while they decide whether to trust it, and the deferrals ease as reputation accumulates. During warm-up, those 4xx responses are feedback: a provider starting to defer you more as you raise volume is telling you to slow the ramp, and respecting that signal — holding volume, letting acceptance recover — is how a warm-up stays on track. Pushing harder against rising deferrals is how it derails. The interplay between deferrals and the ramp is close enough that we treat reading them as part of warming an IP at all, which we cover in our guide to how IP warm-up works.
Deferrals and time-sensitive mail
Some mail cannot wait, and deferrals are a particular problem for it. A password reset, a one-time code, an order confirmation — these lose much of their value if they arrive twenty minutes late because a greylisting receiver deferred the first attempt. The instinct is to retry such mail faster, but as we have seen that backfires. The better answers are structural. Send transactional mail from infrastructure with strong, established reputation and clean authentication, so it is deferred less often in the first place; segregate it from bulk and promotional traffic so a throttling problem on the marketing stream never delays a password reset; and, for the most time-critical messages, consider that email is an inherently best-effort medium and that truly instant delivery may need a second channel. Separating the streams so that urgent mail rides its own well-warmed path is one of the clearest reasons to segment sending by type rather than pushing everything through one queue.
The cost of mishandling deferrals
Deferrals handled badly are expensive in ways that compound. The immediate cost is delay: mail that should arrive in seconds sits in a queue for hours, and time-sensitive messages lose their purpose. The next cost is bounces, as deferrals that never clear age out of the retry window and become permanent failures, so a throttling problem you ignored turns into undelivered mail and a worse sender history. Then comes reputation: aggressive retrying, growing backlogs and rising soft-failure rates are themselves signals to receivers that you are not a well-run sender, which earns you still more deferrals — the loop feeding itself. And underneath all of it is the opportunity cost of flying blind: a team that does not watch its queue and deferral metrics learns about each of these only after it has already hurt delivery. None of this is dramatic in any single moment, which is exactly why it is dangerous; deferral problems erode quietly until someone notices the mail is slow and the bounces are up.
What not to do
A few habits reliably turn a manageable deferral problem into a worse one. Do not retry faster to "force" delivery; aggressive retry loops earn suspicion and can harden a soft block into a real one. Do not force repeated queue flushes hoping to push mail through, because each flush can reset the receiver's wait window and lengthen the delay. Do not set tiny backoff timers, which generate a storm of premature attempts and more temporary failures. Do not ignore a growing queue on the assumption that retries will sort it out, because a deferral that never clears becomes a bounce. And do not tune your retry timers when the real problem is rate — or pace your sends when the real problem is greylisting — because applying the wrong fix leaves the actual cause untouched. Patience and the right knob beat panic and the wrong one every time.
What a deferral log entry tells you
Every deferral leaves a line in your logs, and that line is a small diagnostic packet if you read it. A useful entry records the recipient domain, the sending IP used, the SMTP reply the receiver gave — both the three-digit code and the enhanced code and text — the time of the attempt, and when the next retry is scheduled. Reading them together answers the questions that matter: which provider is deferring, with what code, how old the message is, and whether the backoff is behaving. A greylisting deferral shows a 451 4.7.1 clearing on a later attempt; a throttling one shows a 421 that scales with your volume; a reputation slide shows deferrals widening across messages to one provider with no acceptance. Comparing the queue age, the reply code and the next-retry behaviour before changing anything is the discipline that stops you from tuning the wrong knob. A sender who reads the log entry knows whether to wait, slow down or investigate; one who reads only the aggregate "delivery is slow" is guessing.
Reading deferrals per provider
Deferrals only make sense provider by provider, because each receiver has its own limits, its own greylisting policy, and its own reputation view of you. A deferral rate that is fine for one provider may signal trouble at another, and a backoff that suits one receiver's greylist window may be wrong for another's. The senders who handle deferrals well watch them segmented by destination: this provider is greylisting first sends and clearing them on retry, that one is throttling because volume rose too fast, a third is deferring on a reputation wobble. That per-provider view, combined with the queue-depth and 4xx-rate signals, is what lets you respond specifically — pace the one that is throttling, keep retrying the one that is greylisting, investigate the one whose deferrals look like a reputation slide — instead of treating a varied set of problems as one undifferentiated "mail is slow."
In short
A deferral is a conversation, not a verdict. The receiver returns a 4xx to say "later," your server queues the message and retries on a widening backoff, and the exchange resolves into delivery if you answer well — or into a bounce if you do not, once the retry window runs out. Handle it by reading the code to learn the cause, backing off politely rather than hammering, distinguishing throttling from greylisting and reaching for the right knob, watching queue depth per provider as your early-warning signal, and authenticating cleanly so you are deferred less in the first place. Do that and deferrals stay what they are meant to be: a brief, self-resolving pause on the way to the inbox. Mishandle them and they curdle into delays, bounces and a reputation that earns you still more deferrals — the loop worth staying out of. The senders who never seem to fight their queue are not lucky; they authenticate cleanly, pace their traffic, back off politely, and read their logs — and so the deferrals they do get clear quietly, the way the system intends.
Frequently asked questions
FAQ
Common questions
What is the difference between a deferral and a bounce?
A deferral is temporary and a bounce is final. When a receiver returns a 4xx code, it is deferring: the message goes back into your sending queue and your server retries it on a schedule, because the receiver said “not now, maybe later.” A bounce is a permanent failure — either a 5xx from the receiver, or your own server giving up after the retry window expires and generating a non-delivery report. A deferral is email purgatory: the message is neither delivered nor rejected, waiting for conditions to improve. The danger is that a deferral that never clears eventually becomes a bounce, so persistent deferrals are worth investigating, not ignoring.
Why is my new IP getting deferred so much?
Because receivers are cautious with unfamiliar identities, and a new IP with no reputation is exactly that. Large providers deliberately defer mail from new or sudden senders to see whether they behave like legitimate ones — retrying politely — or like spammers who blast and disappear. Weak authentication makes it worse: without aligned SPF, DKIM and DMARC, your mail looks less trustworthy and gets delayed more. The deferrals usually ease as your reputation builds, which is part of why warm-up matters; a steady, authenticated, patient sender earns first-try delivery over time. New-IP deferrals are a phase to ramp through, not a wall.
What is greylisting and what do I do about it?
Greylisting is a spam defence that temporarily rejects mail from a sender it has not seen before, identified by the triplet of sending IP, sender address and recipient address. It works because legitimate servers retry after a temporary failure while spam tools usually do not bother. The fix is almost always nothing: your mail server queues the message and retries, and it delivers on the second or third attempt, typically within fifteen to thirty minutes. Properly authenticated senders often bypass greylisting entirely, so good SPF, DKIM and DMARC is the real long-term answer. You cannot disable a recipient’s greylisting; you can only retry well and authenticate cleanly.
How long should retries continue before giving up?
The common default is to keep retrying for somewhere between one and several days, with the gaps between attempts widening as failures accumulate, before the server gives up and generates a permanent bounce. The exact window is configurable on your MTA. Too short and you abandon mail that a brief outage would have let through; too long and you keep a dead message circulating and a recipient waiting. The aim is patience for genuine transient problems without holding a message hostage to a receiver that is never going to accept it — which is why repeated deferrals from the same provider are a signal to fix something, not just to wait longer.
Should I retry faster to deliver sooner?
No, and it usually backfires. Receivers watch retry patterns: a sender using standard, widening backoff earns goodwill, while one hammering the same server every few seconds earns suspicion and sometimes a harder block. A polite knock becomes annoying when repeated constantly. Retrying before a stated greylist window has elapsed simply produces another temporary failure and can reset the receiver’s clock, extending the total delay rather than shortening it. The faster path to delivery is not more frequent retries; it is good authentication and reputation, which reduce how often you are deferred at all.
My retry queue is growing — what does that mean?
A growing retry queue means deferrals are outpacing successful retries: mail is going in faster than it is clearing. That is one of the most useful health signals you have, because it turns a vague “delivery feels slow” into a measurable trend. A steadily rising queue, especially toward one provider, points at a systemic problem — throttling because you are sending too fast, a reputation issue, an authentication failure, or a receiver outage — rather than a few random transient blips. Watching queue depth per provider, alongside the 4xx rate, is how you catch a deferral problem while it is still building instead of after the mail has aged out into bounces.
Mail stuck in retry, or deferrals climbing?
The free 25-point audit reads your deferral patterns and queue behaviour per provider, and tells you whether it is throttling, greylisting, authentication or reputation behind the delay.