Do you validate your email addresses? You are probably using the email validator in a framework like Angular or Spring Boot? If so, than you can do way better.
Why do I need email validation?
When collecting email address through a form on a website, you probably want to send out emails to that address. Misspelled or temporary addresses won’t help you. You will just get a bounce or even worse: your first email works, but the email address is gone after that. So further contact to your customer or a potential lead won’t work.
So you need to improve your delivery rate and clean your email lists, by separating low-quality email addresses from real users.
What are the wrong ways?
Most frameworks validate emails just by using a regular expression. For Angular this is:
const EMAIL_REGEXP = /^(?=.{1,254}$)(?=.{1,64}@)[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
You can test it on Regex101.com. With this regex even a@b.c
is a valid email address. Neither is c
a valid top-level domain, nor is b.c
a valid server.
What do I need to do it right?
Validating your email addresses with a regular expression as first step is not wrong. It’s a good idea to eliminate completely wrong values. This helps to minimize more time consuming validation later on.
The next step is to check if the server in the email address exists and if it has an MX-record. When you visit a website your browser requests a DNS-Server to give him the IP address of server like weyprecht.de. The A record here is domain name: weyprecht.de ip: 217.160.0.79
. If you want to open this website, then this would be enough, but if you want to write an email, you also need the MX-record, which is hostname: mx00.ionos.de ip: 212.227.15.41
. As you can see, the mail is handled by a different server than the website.If you check for those records, you know that the server part of your email address is a real server and it has an associated email server.
You could now try to connect via SMTP to that email server and ask, if that username, the first part of your email address, exists. If you can connect via SMTP to the server, this is already a very good sign. Most servers won’t allow the check for a username, because that is a security risk for them. The problem is: if you cannot connect to an SMTP server, this does not mean, that the server is bad and the email address invalid. Most servers have a block list of IPs, they don’t allow connections from, and it contains every dynamic IP you will get in home addresses. So if you can connect to a SMTP it’s just a hint that everything is good.
But we are not done here. You still have to check if your email server is a temporary mail server like 10minutemail.net. If it is, you won’t be able to generate a lead from that email address. The only way to do so, is to check the server name against a list of known temporary mail servers. This list needs to update regularly.
The same is true for public mail servers, you also need to maintain a list for that. Public servers are not a bad sign for b2c, but quite uncommon in a b2b environment.
Is there an easy way?
Yes, there is a very easy way, so you don’t need to implement all that stuff by yourself. Use an existing API. I did implement all that stuff. Why? Because I have fun doing so and I wanted to extend my API portfolio.
You just need to call a JSON API. I even provide some client libraries for easy integration at a Nexus, but RapidAPI provides a small code generator for a variety of programming languages.
For sure, I am not the only API provider for email validation, a google search provides a great variety of alternatives. But I hope you use mine, for making you aware of this possibility to improve your delivery rate and clean your email lists, by separating low-quality email addresses from real users.