Email verification using telnet fear of marked as spam

Question

Problem Background: I have a 35K+ user members and growing fast. I am planning to migrate to Amazon SES service. Amazon SES has a criteria to reduce the quota or even terminate service based on bounce-back emails.

I send promotional emails to my members. But the fear is that there are email address which are no longer exists so a fair possibility that Amazon SES notice me and take action to reduce or terminate my service. I need to make sure I have valid email address which do not disturb SES.

Possible Solution: To cope this problem I am planning to do the following procedure for each email address;

Step1. Collect the MX record for the email domain.

Step2. telnet to that MX domain

Step3. Verify email address with the following pattern

EHLO my_domain_name
MAIL FROM:<my_valid_email@my_domain_name>
RCPT TO:<email_to_verify@my_user_email_domain>

I will verify the response after each command trigger such as email is valid if I receive 250 status after RCPT command

Now what are the possible precautions I should care about to be not marked as SPAM or rejected by the remote server???

Answer 1

You may get very different answers from what you expect. Many (most?) e-mail systems set up to prevent spam won't give away user information just like that. My own server, for example, will say 250 OK for every address on my domains, even if those addresses are in fact non-existing.

What you should do is have a system which reads those bounce e-mails and remove unused addresses after a number of bounces. A good way of doing that is having different sender addresses for each message (or at least for each recipient), making it easy to connect bounce messages with their intended recipients. This technique is sometimes called Variable envelope return path.

Answer 2

I guess you have seen this question here: How to check if an email address exists without sending an email? ? That talks a bit about the disadvantages.

I am no expert but I suspect that it is going to be pretty hard to guarantee that someone won't blacklist you at some point or that you get 100% accurate results from this, or any other method for that matter.

For your scenario though, maybe that does not matter too much - just try to do the check infrequently so that you reduce the number of guaranteed bounce backs and if you send only a few that get bounced back it won't matter too much. On top of that you can have your own system that handles a bounce back and makes sure you do not re-send to that email again.

Doing all of that may be just "good enough" to work.