Validating that emails addresses are legit or not
Hello everybody.
I am currently building by startup, SpamLabs, and I am figuring out ways to validate that an user is spammy or not just by looking at their email addresses.
For domain analysis, I think I got pretty far, with things like
- DNS analysis: if they have the domain set up for receiving/sending email, and the owners of various components of their email infrastructure
- the companies involved in hosting their email provider (eg. GSuite is considered an instant positive validation because they require a business to set it up or if the IP of their email servers are owned by Cisco, because they deal mostly with corporate)
- maintaining lists for whitelisted and blacklisted domains (from known disposable email providers)
- monitoring popular disposable email providers and having dedicated probing algorithms for them
Actual address validation:
- I plan to add connecting to their imap servers and probing for sending an email without actually sending, only for their server to validate their email address actually exists
Where the difficulty comes in is with the free email providers such as @gmail, @yahoo, @live, etc. I don't really know how to figure them out, and currently just return them as inconclusive.
Any ideas on how could I check if an email hosted at a free email provider is legit?
Trending on Indie Hackers
Hi @vladcalin,
I hope i am late to the party!
I have built a real time email verification api which covers your use case.
We daily update our database with new disposal email domains which get created everyday to identify if the e-mail address is disposable one or not.
Please let me know you're still looking for a good solution.
https://rapidapi.com/nitinksaas/api/real-time-email-verification-api1
I am currently working on a product that addresses this, we help you validate email and check for several things like the email type, server responsiveness, existence of MX records on it, and checking for the mail if it has any extension errors, do you mind me sending you a link to beta test for us when we launch
Sure, drop me a link, I'd like to take a look
Will you check only for spams or do you have a filtering mechanism in mind for unwanted outreach and cold mails?
Momentarily I plan only for spam / temporary emails / suspicious emails.
I also plan to expand the API to be able to submit content generated by that user, and determine based on it how spammy that user is. That might be more accurate, to also include user behavior in the algorithm.
I'd pay for a product that filters unwanted cold outreaches.
what do you mean when you say "legit" ? i could have a millions emails and they are all "legit". :)
If there is a real person behind it, then it is legit, in my opinion. If it is a temporary email / has invalid configuration / is a known malicious domain / etc then it is marked as spammy. At least that's the theory. I plan to expand the API to also be able to get "content" generated by that email/user, and determine how spammy the user is based on their comments/posts as well. I am currently investigating this approach. The email only validation doesn't seem to be powerful enough to be appealing on its own.
A "real person" could have many emails. So a spammer. And then there are attack bots. :)
Why do you want to check it? The best way is to send them a confirmation email. If they confirm, they are good to go.
Le* temp emails: yeah!
I am planning on expanding the API to also get be able to accept some user generated content as well, and use that to determine how spammy the user is. If all it does is drop links to various blog posts in unrelated threads, than it is certainly spam (I know IndieHackers has these cases)