At the core of every email verification check is the SMTP handshake — a structured conversation between a verification server and the recipient's mail server. Understanding this process helps you interpret verification results more accurately and troubleshoot edge cases.
The SMTP Conversation Step by Step
The SMTP handshake for verification follows these steps: (1) TCP Connection — the verification server connects to the recipient's mail server on port 25. (2) EHLO/HELO — the verification server identifies itself to the mail server. (3) MAIL FROM — specifies the sender address (usually a no-reply address). (4) RCPT TO — specifies the recipient address being verified. (5) The mail server responds with a status code indicating whether it accepts the address.
The critical step is RCPT TO. If the mail server responds with a 250 (OK) code, the address exists and can receive mail. A 550 (User not found) response means the mailbox does not exist. A 452 (Insufficient storage) or 421 (Service not available) indicates a temporary issue. The verification server then sends QUIT to close the connection without actually delivering any message.
Common Response Codes and Their Meanings
250: The address is valid and the mailbox exists. 251: The user is not local but the server will forward — treat as valid. 550: The mailbox does not exist — hard invalid. 551: User not local — the server suggests a forwarding address. 552: Mailbox full — soft bounce, the address exists but cannot receive mail. 553: Malformed address — invalid.
450/451/452: Temporary failures that may resolve on retry. These could indicate greylisting (a deliberate delay to deter spam), server overload, or rate limiting. Good verification services retry these addresses after a delay before marking them as unknown.
Challenges and Limitations
Greylisting deliberately rejects the first connection attempt from unknown senders and expects legitimate senders to retry. This means a single SMTP check might incorrectly flag a valid address as invalid. Verification services handle this by retrying after the typical greylisting delay (usually 5-15 minutes).
Some mail servers implement rate limiting or connection throttling that blocks bulk verification attempts. Yahoo, for example, is known for aggressive rate limiting. Verification services must distribute their checks across multiple IP addresses and respect rate limits to maintain accuracy.
Catch-all domains, as discussed in our separate article, accept all addresses regardless of whether a specific mailbox exists. The SMTP handshake always returns 250, making it impossible to distinguish real addresses from non-existent ones through this method alone.
Key Takeaway
SMTP handshake verification is a powerful technique but not infallible. Understanding the underlying protocol helps you interpret results correctly, troubleshoot edge cases, and set appropriate expectations for verification accuracy. The best verification services combine SMTP checks with multiple other data sources to provide the most accurate results possible.
Ready to improve your email operations?
Start verifying emails for free — no credit card required.
Try SIndbox Intel Free