All geek questions in one place

Email address verification services - how do they commercialize an unspecified service?

Nowadays, there are many paid services that claim to provide a โ€œfullโ€ email check (check MX records, check with an SMTP server, etc.), for example this , this and this .

From various past streams on SO, itโ€™s obvious that reliable verification of email addresses is not possible -

Any such service may encounter the following problems:

  • Most mail servers will not correctly respond to the VRFY command for reasons related to anti-spam, so it is impossible to use it.
  • Services will have their IP addresses blacklisted if they try to access mail servers via SMTP too many times that they need to provide such a service

My question is, is there any other way this can be done? How do these services require reliable verification in light of the above? I know that they are not going to disclose their methodologies, but can anyone from SO shed some light?

+6
source share
2 answers

We recently published a publicly available email verification service based on our EmailVerify.NET , an award-winning and renowned email authentication module for the .NET platform; while I cannot answer for every other service you mentioned, I certainly can do this for ours:

  • EmailVerify.NET does not use the VRFY command at all, as this can lead to potential bans on external mail exchangers;
  • a blacklist is always possible, and Netiquette should always be followed when performing a verification task (although there are no written rules here): our component allows you to bind yourself to any available IP address and cyclically start outgoing IP addresses during the verification process, thereby increasing the number checks that can be performed at the same time, while reducing the likelihood of a ban.

My experience also shows that most email authentication services out there do not offer the quality you would expect for even syntax checking (there are at least 7 different RFCs, a simple regular expression is not the right choice here); before choosing one, I suggest you ask for a demo with your own data examples (EmailVerify.NET has an online demo page that you can play with if you want). Most, for example, do not support quoted words or non-ASCII domains or mailboxes, which are currently becoming quite common or do not filter out one-time (temporary) email addresses.

+1
source

Paid email service providers usually check the points below to verify their email address.

  • Email syntax checking
  • Validating Domain / MX Records
  • Role Based Account Discovery
  • Disposable Email Address (DEA) Discovery
  • Honeypot / Spam Trap Detection
  • Check DNSBLs and DNSBL URIs for Blacklist

Although they all do not check all of the above, itโ€™s best to choose a supplier who checks all of the above. You can check the service and results of some of the best suppliers here .

0
source

Source: https://habr.com/ru/post/897030/

More articles:


All Articles