email-verifier
Web & Frontend Development
v1.0.1
BenignVerify email address deliverability via SMTP without sending mail.
461 downloads461 installsby @psyduckler
Setup & Installation
Install command
clawhub install psyduckler/email-verifierIf the CLI is not installed:
Install command
npx clawhub@latest install psyduckler/email-verifierOr install with OpenClaw CLI:
Install command
openclaw skills install psyduckler/email-verifieror paste the repo link into your assistant's chat
Install command
https://github.com/openclaw/skills/tree/main/skills/psyduckler/email-verifierWhat This Skill Does
Verifies email address deliverability by connecting to the recipient's mail server and running an SMTP check without sending any mail. Resolves MX records, performs a RCPT TO handshake, and detects catch-all domains. Accepts single addresses, multiple addresses, or CSV files.
Checks whether an address is deliverable without sending a message, avoiding bounce penalties, credit consumption, or domain reputation impact.
When to Use It
- Checking if a contact email exists before cold outreach
- Cleaning a lead list exported from a CRM
- Validating emails collected through a web form
- Spotchecking an address before adding it to a mailing list
- Filtering invalid addresses from a batch before an email campaign
View original SKILL.md file
# Email Verifier
Verify whether email addresses are deliverable by connecting to the recipient's mail server and checking if it accepts the address — without actually sending any mail.
## How It Works
1. **MX Lookup** — Resolves the domain's mail exchange server
2. **SMTP Handshake** — Connects to the MX server on port 25
3. **RCPT TO Check** — Asks the server if it would accept mail for the address
4. **Catch-All Detection** — Tests a random address to detect catch-all domains
## Dependencies
```bash
pip3 install dnspython
```
## Usage
### Single or multiple emails
```bash
python3 scripts/verify_email.py user@example.com another@domain.com
```
### From stdin
```bash
echo "user@example.com" | python3 scripts/verify_email.py --stdin
```
### From CSV (e.g., a lead list)
```bash
python3 scripts/verify_email.py --csv leads.csv --email-column "Contact Email"
```
### Options
- `--helo DOMAIN` — HELO domain for SMTP greeting (default: verify.local)
- `--timeout SECONDS` — Connection timeout (default: 10)
## Output
JSON array to stdout. Each result contains:
```json
{
"email": "user@example.com",
"domain": "example.com",
"mx_host": "aspmx.l.google.com",
"smtp_code": 250,
"smtp_response": "2.1.5 OK",
"deliverable": "yes"
}
```
### Deliverability values
| Value | Meaning |
|-------|---------|
| `yes` | Server accepted the recipient |
| `no` | Server rejected the recipient (invalid) |
| `catch-all` | Server accepts all addresses — cannot confirm inbox exists |
| `unknown` | Could not determine (timeout, block, greylisting) |
## Rate Limiting
The script includes built-in rate limiting to protect your IP reputation:
```bash
# Defaults: 1s between checks, max 20 per domain before 30s pause
python3 scripts/verify_email.py --csv leads.csv --email-column "Contact Email"
# Conservative: slower checks, lower burst limit
python3 scripts/verify_email.py --delay 3 --max-per-domain 10 --burst-pause 60 email@example.com
# Aggressive (not recommended from residential IPs)
python3 scripts/verify_email.py --delay 0.5 --max-per-domain 50 email@example.com
```
### Options
- `--delay SECONDS` — Pause between each check (default: 1.0)
- `--max-per-domain N` — Max checks to one domain before pausing (default: 20)
- `--burst-pause SECONDS` — How long to pause after hitting the per-domain limit (default: 30)
### Why rate limiting matters
SMTP verification connects directly to mail servers. Without rate limiting:
- **Your IP gets blacklisted** — Mail servers (especially Gmail, Microsoft) flag IPs that make many rapid RCPT TO requests. Once flagged, your IP may be blocked for hours or permanently.
- **Port 25 gets blocked** — ISPs monitor outbound port 25 traffic. Unusual volume can trigger automatic blocks.
- **Greylisting increases** — Servers that see rapid-fire checks start returning temporary failures, making your results less accurate.
- **It looks like spam reconnaissance** — Because that's exactly what spammers do. Legitimate use requires responsible pacing.
### Guidelines for agents
| Scenario | Recommended settings |
|----------|---------------------|
| Quick spot check (1-5 emails) | Defaults are fine |
| Small lead list (10-50 emails) | `--delay 2 --max-per-domain 15` |
| Larger batch (50-200 emails) | `--delay 3 --max-per-domain 10 --burst-pause 60` |
| Bulk verification (200+) | Use a dedicated service (ZeroBounce, NeverBounce) instead |
**Rule of thumb:** Stay under 50 unique domain checks per day from a residential IP. For repeated checks to the same domain (pattern guessing), stay under 15 per session.
## Limitations
- **Catch-all domains** accept all addresses; a "yes" doesn't guarantee a real inbox
- **Some servers block** SMTP verification (disconnect or timeout) — result will be "unknown"
- **Greylisting** temporarily rejects first attempts by design
- **Rate limiting** — don't bulk-verify hundreds from one IP; use a dedicated service for large lists
- **Port 25 blocked** — some ISPs/networks block outbound port 25; won't work from those environments
- Residential IPs may get flagged if used heavily — for bulk verification, prefer services like ZeroBounce or NeverBounce
Example Workflow
Here's how your AI assistant might use this skill in practice.
INPUT
User asks: Checking if a contact email exists before cold outreach
AGENT
- 1Checking if a contact email exists before cold outreach
- 2Cleaning a lead list exported from a CRM
- 3Validating emails collected through a web form
- 4Spotchecking an address before adding it to a mailing list
- 5Filtering invalid addresses from a batch before an email campaign
OUTPUT
Verify email address deliverability via SMTP without sending mail.
Security Audits
VirusTotalBenign
OpenClawBenign
View full reportThese signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.