How email verification works.
Three checks stack on top of each other — syntax, DNS, and a live SMTP conversation. Each one proves something specific, and none of them proves everything. Here’s the whole picture.
Layer one: syntax
The simplest check is the one that never touches a network. A syntax check asks whether a string is even shaped like an email address: one @ sign, a plausible local part, a domain with at least one dot, no illegal characters. It also catches the mechanical junk that creeps into any list — trailing whitespace, swapped characters from manual entry, “.con” instead of “.com”, and role patterns like noreply@ that you probably never want to mail.
What syntax proves: the address is well-formed. What it cannot prove: that the domain exists, that it receives mail, or that the mailbox is real. A perfectly formatted address at a domain that was abandoned in 2019 sails through a syntax check. Treat this layer as a filter for garbage, not a verdict on deliverability.
Layer two: DNS and MX records
The second layer asks the domain name system a simple question: if I wanted to deliver mail to this domain, where would I send it? A domain that receives email publishes MX (mail exchanger) records — the hostnames of the servers willing to accept its mail. If those records resolve, the domain participates in email at all. If they don’t, every address at that domain is dead, and you can reject the whole batch without ever contacting a server.
MX lookups are fast, free of side effects, and eliminate entire failed companies, typo’d domains, and parked websites in one pass. But the limit is just as clear: an MX record proves the domain accepts mail somewhere. It says nothing about whether j.smith@ that domain is a real person with a live mailbox. Plenty of vendors stop here and call the result “verified.” It isn’t.
Layer three: the SMTP probe
The only way to test a specific mailbox is to ask the server that owns it. An SMTP probe opens a real delivery conversation with the domain’s mail server — HELO, MAIL FROM, then RCPT TO with the exact address in question — and reads the server’s answer. A 250 response means the server is prepared to accept mail for that mailbox; a 550 means it isn’t. The probe then disconnects before any message is transmitted. Nothing lands in an inbox, and the mailbox owner never knows the check happened.
This is categorically stronger evidence than the first two layers because it interrogates the same system that will ultimately accept or bounce your campaign. It’s also the layer where honest vendors and dishonest ones diverge, because SMTP answers are not always clean — which brings us to catch-alls and greylisting. For exactly how Argorant runs this conversation, see how we verify.
The catch-all problem
Some domains are configured to accept mail for every address — real or invented. Probe jane.doe@ such a domain and the server says yes; probe xkcd9931@ and it says yes to that too. These are catch-all (or accept-all) domains, and they are common in mid-size companies whose IT teams route everything to a central filter. On a catch-all domain, a per-mailbox verdict is structurally impossible from the outside. Any vendor claiming a definitive “valid” on a catch-all address is reporting a guess with confident formatting.
The honest behavior is to flag catch-alls as their own category and let the buyer decide. Many catch-all addresses do deliver — the domain accepting everything doesn’t mean the person is fake — but they carry residual bounce risk that valid-status addresses don’t. Argorant treats them as opt-in at export: excluded by default, included only when you choose, charged like a valid contact when you do.
Greylisting and the “unknown” bucket
Mail servers defend themselves. Greylisting is the classic tactic: the server answers a first-time connection with a temporary failure — “try again later” — on the theory that real mail servers retry and spam cannons don’t. Other servers throttle probes, answer ambiguously, or time out under load. A verification engine that probes such a server gets no usable verdict on the first pass.
Good engines retry with appropriate delays and from reputable infrastructure, which resolves most greylisting. What remains lands in an “unknown” bucket. The right way to handle unknowns is conservatively: don’t deliver them as valid, don’t charge for them, and don’t quietly fold them into the valid count to inflate an accuracy statistic. When you evaluate any verifier, ask what percentage of results come back unknown and how those rows are billed. The answer tells you more than the marketing page does. (If terms like greylisting are new, the glossary covers them.)
Verification decays. Fast.
A verification verdict is a photograph, not a property. People change jobs, companies migrate mail systems, IT departments retire mailboxes — and the address that probed valid in January hard bounces in June. Industry estimates put B2B email decay around 2–3% per month, which compounds: a list verified a year ago can carry a quarter to a third dead weight, while still wearing its “verified” label.
This is why when a record was verified matters as much as the verdict itself. Argorant’s answer is to verify at the moment of export: every address is probed live against the recipient’s mail server right before it reaches your file, so the verdict reflects the mailbox’s current state rather than whenever the record was added.
Verify-at-export beats verify-at-collection
Here is the architectural decision that separates data providers. Most verify at collection: an address is checked when it enters the database, stamped “verified,” and sold under that stamp for as long as it sits in inventory — months, often years. The stamp was true once. Decay makes it progressively less true every week, and the buyer pays for the gap in bounces.
Verify-at-export inverts this: the probe runs at the moment you download, against the mail server as it exists today. The verdict you pay for is at most minutes old (or inside a disclosed freshness window). The practical difference shows up exactly where it hurts — your bounce rate, and therefore your sender reputation. If you take one heuristic from this guide: when a vendor says “verified,” ask when. A vendor that can’t answer per-row is describing the past.
The economics: pay-per-valid
Verification timing also determines what honest pricing can look like. If verification happens at export, the seller knows — before charging you — which rows are valid, which are invalid, which are catch-all, and which are unknown. There is no longer an excuse to bill them all the same. Argorant’s model follows directly: invalid and unknown rows are filtered out and cost zero credits; you pay per deliverable contact delivered — valid by default, with catch-all and risky as explicit opt-ins. Across 614M contacts in 184 countries, the economics stay simple because the risk of a stale verdict sits with the seller, where it belongs.
Compare that with paying per record regardless of outcome: every dead address is margin for the vendor and a bounce for you. When you model cost, ignore the per-credit sticker and compute cost per deliverable contact — pricing structures change ranking dramatically once you do. Plans start under $100/month, and the free tier is enough to test the verification behavior on a real segment before spending anything.
See a live SMTP verdict
on your own segment.
Search, export, and pay only for deliverable contacts. Free account, 100 credits included.