Greylisting relies on the inherent reliability built into the SMTP protocol - basically, you can temporarily reject a message and be reasonably confident that the sending MTA will hold on to it and retry later. The idea is that the software spammers use isn't smart enough to deal with temporary rejects - bulk throughput is better than technical correctness in their case. Such software will never reattempt delivery, however real MTAs will.
Incoming mail is identified by a triplet of data:
The first time your MTA receives an email from a specific triplet, it sends a temporary reject notification to the sending MTA. Any real MTA will obey this temporary reject, and resend the email after a delay period.
There are some other modifications to the above description, such as: