Tuesday, October 4, 2011

Verify OR Identify a fake email address

How to Verify if an Email Address Is Real or Fake?
"In a simple solution send a test mail to that email address (say abc@example.com) and if your message doesn’t bounce, it is safe to assume* that the address is real."

[*] Some web domains may have configured a catch-all email address, meaning that messages addressed to a non-existent mailbox will not be returned to the sender, but in most cases such email messages will bounce.

Verify using Ping:

When you send an email to someone, the message goes to an SMTP server which then looks for the MX (Mail Exchange) records of the email recipient’s domain.

For instance, when you send an email to xyz@gmail.com, the mail server will try to find the MX records for the gmail.com domain. If the records exist, the next step would be to determine whether that email username (xyz in our example) is present or not.

Using a similar logic, we can verify an email address from the computer without actually sending a test message.
Process: Follow these steps.
Example: check whether the address pavan@gmail.com exists.
  • Enable telnet in Windows. Or if you already have the PuTTY utility, skip this step.
  • Open the command prompt and type the following command:
             nslookup -type=mx gmail.com

[This command will extract and list the MX records of a domain as shown below. Replace gmail.com with the domain of the email address that you are trying to verify.]

       gmail.com MX preference=30, exchanger = alt3.gmail-smtp-in.l.google.com

       gmail.com MX preference=20, exchanger = alt2.gmail-smtp-in.l.google.com

       gmail.com MX preference=5,  exchanger = gmail-smtp-in.l.google.com

       gmail.com MX preference=10, exchanger = alt1.gmail-smtp-in.l.google.com

       gmail.com MX preference=40, exchanger = alt4.gmail-smtp-in.l.google.com
  • As you may have noticed, it is not uncommon to have multiple MX records for a domain. Pick any one of the servers mentioned in the MX records, maybe the one with the lowest preference level number (in my example, gmail-smtp-in.l.google.com), and “pretend” to send a test message to that server from your computer.
Now type the following commands in the listed sequence:
      1. Connect to the mail server:
                 telnet gmail-smtp-in.l.google.com 25 

       2. Say hello to the other server


       3. Identify yourself with some fictitious email address

                 mail from:<pavan@codeimagine.com>

       4. Type the recipient’s email address that you are trying to verify:

                rcpt to:<pavan@gmail.com>

Result: The server's response to the ‘rcpt to’ command will give you an idea whether the email address is valid or not. You’ll get an “OK” if the address exists, else a 550 error like:
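
The reply codes behind the ‘rcpt to’ result, as an added example (not code from the original post): it classifies a server's reply, handles multi-line replies, and covers the catch-all case from the footnote above. The function names, verdict strings and sample replies are assumptions constructed for illustration; the control reply is the same server's answer to ‘rcpt to’ for a mailbox name that cannot exist.

```python
import re

# An SMTP reply line is a 3-digit code, then "-" (more lines follow) or a space/end.
REPLY_LINE = re.compile(r"^(\d{3})(-| |$)")

# Constructed sample replies (assumed wording, not captured from a real server).
SAMPLE_OK = "250 2.1.5 OK"
SAMPLE_MISSING = "550-5.1.1 Mailbox unavailable\n550 5.1.1 No such user"
SAMPLE_GREYLIST = "451 4.7.1 Try again later"

def reply_code(raw):
    """Return the numeric code of a (possibly multi-line) SMTP reply."""
    for line in raw.strip().splitlines():
        m = REPLY_LINE.match(line.strip())
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        if m.group(2) != "-":          # no hyphen after the code: last line
            return int(m.group(1))
    raise ValueError("no final reply line found")

def classify_rcpt(target_reply, control_reply=None):
    """Classify the reply to 'rcpt to' for the address being checked.

    control_reply (optional) is the same server's reply to 'rcpt to' for a
    random mailbox name that cannot exist; it exposes catch-all domains.
    """
    code = reply_code(target_reply)
    if 400 <= code < 500:
        return "unknown-retry-later"   # temporary failure, e.g. greylisting
    if code in (550, 551, 553):
        return "rejected"              # server reports a mailbox problem
    if code == 252:
        return "unknown-not-verified"  # server will not confirm either way
    if code in (250, 251):
        if control_reply is not None and reply_code(control_reply) in (250, 251):
            return "unknown-catch-all" # server accepts any recipient
        return "accepted"
    return "unknown"                   # e.g. 554 policy block aimed at the sender

if __name__ == "__main__":
    print(classify_rcpt(SAMPLE_OK, SAMPLE_MISSING))   # control bounced
    print(classify_rcpt(SAMPLE_OK, SAMPLE_OK))        # catch-all domain
    print(classify_rcpt(SAMPLE_MISSING))
    print(classify_rcpt(SAMPLE_GREYLIST))
```

Only a rejection, or an acceptance paired with a rejected control address, says anything about the mailbox; every other verdict means the check was inconclusive.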

Online Tools to Verify the Email Address:

2. Rolosoft
3. Emailfinder

Always Remember:
  • Look closely at the email address. If the alphanumeric string before the @ sign is gibberish, with a lot of letters and numbers intermixed, it can normally be considered a fake email address. The only time you would actually open an email with an email address of this type is if you know the sender. 

  • Many crooks are taking advantage of free email services online. You can spot a fake email address easily when it starts with a known company name and finishes up with an @(add free email service provider here).com. This can also be true of lottery and banking scams, as they will try to trick you into believing they are having you contact a banking institution at a free email address.
  • Clues within the email message can help you recognize a fake email address: a message that is "urgent" or that needs "immediate attention," one with spelling and grammatical errors, any email asking for personal information such as passwords or bank account numbers, and emails with impersonal greetings (e.g. "Dear valued customer").


Rahul said...

Good article. But this assumes that the SMTP server runs on port 25, which may not be always true. For example, if the mail server uses secure SMTP, the port no. will be 465 and we can't get a connection with simple telnet as it is secured.
