Email Verification Tool: Validate Any List Before You Send
Sending to invalid emails is the fastest way to destroy your domain's sender reputation. One bad list can take a healthy domain from inbox to spam folder in 48 hours, and recovering takes weeks. An email verification tool runs every address on your list through a multi-stage validation pipeline — syntax, domain, mailbox existence, risk scoring — before you press send. This is the cheapest insurance policy in cold outreach.
What email verification actually checks
A real verification tool runs four independent checks per address. Tools that skip stages are worth less than free.
- Syntax validation — does the address conform to RFC 5322 format? (Most tools pass this stage; "weird-but-valid" addresses like `"first.last"@domain.com` are surprisingly common.)
- Domain & MX record check — does the domain exist? Does it have valid mail exchange records per RFC 5321 §5?
- Mailbox SMTP handshake — open a connection, send `MAIL FROM` and `RCPT TO`, read the server's response. The server tells us whether the mailbox exists.
- Risk scoring — flag catch-all domains, disposable email providers, role addresses (info@, support@), recently-registered domains, and known bounce-prone TLDs.
The four results you'll get
Every verified address resolves to one of four labels:
Valid — mailbox confirmed, low risk. Send confidently.
Risky — mailbox accepts but signals are mixed (catch-all domain, role address, low-reputation provider). Send to risky addresses on a separate, smaller batch first; don't mix with Valid in your main send.
Invalid — mailbox does not exist or domain has no MX records. Never send.
Unknown — temporary server issue (greylisting, rate limit) prevented a definitive answer. Re-verify in 24 hours; treat as Risky in the meantime.
Proportion across a typical scraped list: ~65% Valid, 15% Risky, 18% Invalid, 2% Unknown.
When to verify (timing matters)
Email addresses go stale. A list verified six months ago and not re-verified will have ~10–15% degraded since — people leave jobs, mailboxes get retired, domains get sold.
The safe rhythm:
- Verify within 48 hours of sending — closer is always better. - Re-verify before any large send (>500 emails). - Skip re-verification for lists you generated <7 days ago through a finder that does query-time SMTP — EmailSneak's find-emails pipeline verifies at query time, so fresh results don't need a second pass.
Catch-all domains: the verification gray zone
Some domains accept email to any address (catch-all configuration). The SMTP handshake returns success even for nonexistent mailboxes. This is why "Risky" exists as a category.
When sending to catch-all domains:
- Soft bounce rates are higher (~8% vs ~2% on non-catch-all) - Some catch-all domains route everything to a single inbox where messages are deleted unread - Reply rates can still be reasonable when the address is a logical guess (`first.last@` at a small company)
Our recommendation: send to catch-all addresses in a separate batch with a more conservative send rate, and watch reply rates closely. If they're <50% of your non-catch-all baseline, drop the segment.
How EmailSneak's verification works
Same engine that powers the find-emails pipeline. Upload a CSV (one email per row), or paste rows directly, or hit `POST /v1/verify` via the API. Results stream back in real time with the four-label output and a per-row reason code.
Pricing: 0.5 credits per verified email — half the cost of a finder lookup, because we skip the identity-resolution stage. Free tier includes ~50 verifications.
What verification cannot fix
A clean list improves deliverability but doesn't guarantee it. Three problems verification can't solve:
1. Bad sender reputation. If your domain is already flagged, no list cleaning will save the next send. See cold email deliverability for repair steps.
2. Spammy content. Subject lines like "QUICK QUESTION!!!" and links to `bit.ly` get filtered regardless of list quality.
3. Missing authentication. Without SPF, DKIM, and DMARC, even a perfectly clean list to a perfect prospect lands in spam. Set these up before any cold send.
Frequently asked questions
- How accurate is email verification?
- On non-catch-all domains: 98–99% accurate. On catch-all domains: verification can confirm the domain accepts mail but cannot confirm the specific mailbox exists, so accuracy effectively drops to whether the catch-all routes to a real human.
- Will verification trigger emails to the recipient?
- No. The SMTP handshake (`MAIL FROM` / `RCPT TO`) reads server responses without sending an actual message. The recipient sees nothing.
- Can I verify a list of millions of emails?
- Yes — bulk jobs scale to 100K rows in the UI and unlimited via the API with parallel job submission. Large jobs typically complete at 8–15K rows per minute.
- Should I verify emails from a finder that already verifies?
- Only if more than 7 days have passed since the find. EmailSneak's finder verifies at query time, so fresh results are already clean. Re-verify before any large send to catch the small percentage that have gone stale.
- What about disposable / temporary email services?
- We flag them as Risky with a `disposable_provider` reason code. Most cold outreach should skip these — the recipient signed up to a temp service for a reason.
Sources & references
Try EmailSneak free
Find the right people on the platforms they actually use, then send fewer, better emails. No credit card required.