SMTP verification should be a commodity — the code is open source, it costs virtually nothing and it works over a standardized protocol.
Yet cold email marketers always verify their lists with multiple email verification services, increasing their verification project several fold. At first this doesn’t make sense — like buying multiple thermometers to measure a fever instead of just buying one that works.
So what drives this behavior?
It’s that experience email marketers have noticed over time that different services get different results when verifying the same email, and that they seem to be “right” on different occasions. By using multiple email verifiers, marketers try to benefit from the “wisdom of the crowds” and get more accurate results.
In this article, we will cover:
- Why different email verifiers may return different results for the same email
- Why “triple verification” of emails isn’t beneficial when using SMTP services that control for these variables.
What Causes Different Results?
Blacklisted IPs
Verifying an email is less likely to get an IP address blacklisted (since there is not email body being parsed and scanned for SPAM), but it doesn’t prevent it entirely.
Most email servers will have some form of log monitoring (eg: Fail2ban) that monitors for suspicious activity, including 1) sending too much volume or 2) sending too many invalid email requests in a given time frame.
This means that SMTP verifiers need to either:
- run large fleets of email servers and IPs to send fewer requests per server (expensive) OR
- send multiple requests from different servers to verify that their first result was correct (expensive and takes longer) OR
- be able to monitor and detect when they’ve been caught out by the servers they are trying to verify (expensive, takes longer and maybe impossible) OR
- just send you a result knowing you’re going to check it from another provider anyway (cheap and easy)
To show this is not theoretical, we can look at one of the largest and cheapest SMTP verification providers in the market, MillionVerifier.
The sample request above already suggests that one of our hypotheses is true, which is that they are running a large fleet of servers — the DNS of s1972.hubucoapp.com suggests thousands.
Taking one of these IPs and looking it up in a SPAM database shows us that one of the highlighted IPs has been flagged in 4 different blacklists, including spamrats which is one of the largest ones on the web.
In this sense, we can see that the “cheapest” solution comes with visible tradeoffs.
Sidenote: Kitt AI takes a number of steps to ensure a clean IP range including 1) regularly checking all server IPs against blacklists, 2) keeping track of different email server behaviors to detect anomalous results and 3) employing algorithms that evenly distributes traffic across servers based on prior activity instead of simple round-robin loadbalancing.
ISP / Cloud Provider
Email SPAM is a huge headache for most ISPs and Cloud providers for multiple reasons.
First, when spammers use their infrastructure to commit crimes, it forces these providers to deal with legal procedures. Second, the providers often have IPs that are recycled/shared across their customers, and if spammers cause them to be “dirtied” by getting caught in various blacklists, this can cause serious logistical issues for the rest of their customer base.
As a result, most providers (and especially legitimate providers like AWS, Microsoft and Google) disable access to email sending ports by default to their customers and refuse to enable them unless the provider goes through a prolonged vetting process that often involves annual contracts and constant monitoring.
However, lower cost providers — especially those located abroad — don’t have these same concerns, and are happy to provide infrastructure to anyone. for cash. As a result, most email filters include ISP, IP Range and Cloud Provider in their spam scoring mechanism, which can lead to inconsistent results.
We can see this with a concrete example. Here we captured a series of email verification requests from Findymail. You can see the requests all came from lower value providers in Europe.
In our previous research, we generated pools of IPs on one of these providers – Vultr – let the IPs age for 3 months and made sure that they weren’t on any major spam blacklist. However, every single IP was found to be blocked by Proofpoint, one of the larger Enterprise Email Gateways.
Once again, this shows that you’re not only going to get different results across different verification providers based on their cloud provider, but you may even get different results across results within the same provider!
Sidenote: Kitt AI solved this problem by going through one of these heavy duty vetting processes and gaining access to a top-3 infrastructure provider, which results in increased verification accuracy.
Greylisting
Greylisting is a process in email where the receiving server temporarily and transparently rejects an email attempt from an ‘unknown’ sender IP and/or domain to reduce spam.
This works as a deterrent because 1) this signals to spammers that this server has anti-spam systems that are likely to get them blocked/reported and 2) most SPAM servers don’t bother with retries since they are in a hurry to send as much volume in as short a time as possible before they get flagged across various blacklists.
So how does this impact email verification? Here is a log from an email verification request to the volkswagen.de enterprise email server.
And here is where this will produce many different results with different verification servers:
- Some verification providers will count this as a “failure” case and report the email as invalid or catchall
- Most verification provider APIs time out far before this greylisting period, meaning your requests will never actually reach the target server.
- Some verification providers may have already have a server that went through the greylisting process with the server you’re trying to verify against. If you’re lucky enough to hit this server, you may get a positive/negative verification result that you won’t with your second/third provider. Funnily enough, you could hit the same provider twice and get a different result too, if your request landed on a different verification server. And finally, even if the verification provider transparently returns a ‘greylisted’ status, many services we tried will not send the request through the same server when you retry several minutes later 😭.
Sidenote: For customers that want to handle these cases, Kitt AI solves for this by providing results asynchronously (CSV upload, webhook API) that can ensure the request eventually gets through the greylist and then returns a positive/negative result.
Is It Worth “Triple Verifying”?
As can be seen, there are inherent flaws with triple verifying emails — the assumption that the result one service produces will always be the same.
If the underlying service is not set up to provide consistency AND transparency, you probably need to “triple verify” each service individually before you compare the results against each other.
And even then, you’re left with a problem when dealing with “catchall emails”. As we covered in a previous post, many of them use a totally different verification mechanism with varying accuracy levels. This means it’s far better to take the one service you know and trust really well (even though it’s imperfect) than to rely on “wisdom of the crowds” to make decisions on email validity.
As a result, our conclusion is that no, triple verification is not better/safer than using one verification tool. You’re better off taking the time to pick one verification vendor who can give you consistency and transparency and save your money with the double/triple verification requests. In fact, you can pay a little more for your primary vendor and STILL save money while getting better results!
In a future post, we’ll explore a similar question of why different email finders produce such vastly different results. To not miss it, be sure to subscribe to the blog below!
eroltoker
Author