Do you know how to verify if an email (email address) is real or fake? The obvious solution is that you send an email essays to this address and if your message does not bounce back as undeliverable then it is safe to assume that the address is real.
Although the above method is not entirely certain as some sites may have set up a situation in which they accept all emails and do not return to the sender all emails addressed to a non-existent mailbox. But how do we know if there is an email address without sending it an email?
Let's first see how emails work. When you send an email to someone, the message goes to an SMTP server, which then looks up the MX (Mail Exchange) records of the email recipient's domain. For example, when you send an email to hello@gmail.com, the mail server will try to find the MX records for the gmail.com domain. If the records exist, the next step would be to determine whether or not that email username (hello in our example) exists.
Using a similar logic, we can verify an email address from our computer without actually sending an email. See how:
Suppose we want to verify if billgates@gmail.com exists
Step 1. Turn it on telnet in Windows or use it PuTTy tool. If you're on a Mac, open it application iTerm.
Step 2. At the command line, type the command nslookup:
nslookup –type=mx gmail.com
The nslookup command will explore the name servers for this domain. Once we have defined the formula as MX, our command will export and list the MX records of the email domain (gmail for our example). Replace gmail.com with the domain of the email address you are trying to verify.
gmail.com MX preference=20, exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference=30, exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com MX preference=5, exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference=10, exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com MX preference=40, exchanger = alt4.gmail-smtp-in.l.google.com
Step 3. As you may have noticed in the nslookup results, it is not uncommon to have multiple MX records for one domain. Choose one of the servers listed in the MX records, preferably the one with the lowest number of privileged levels (in our example, gmail-smtp-in.l.google.com) and "pretend" to send an e-mail from your computer on it.
To do this, go to the telnet window and type the following commands in the following sequence:
3a: Connecting to the mail server:
telnet gmail-smtp-in.l.google.com 25
3b: Welcome to the other server
HELO
3c: Identify yourself with a fictitious email address
mail from:info@iguru.gr
3d: Enter the email address of the recipient you are trying to verify:
rcpt to:billgates@gmail.com
The server's response to the 'rcpt to' command will give you an idea whether an email address is valid or not. If you get an “OK” then the address exists, otherwise you will get a 550 error like:
abc@gmail.com – The email account you tried to reach does not exist (The email account that you tried to reach does not exist).
support@gmail.com - The email account you tried to access is disabled (The email account you tried to reach is disabled).
That's it! If the address is valid, you can run it reverse email search to find the person behind the address.