The email address is part of our digital self. It is a unique address, which is not shared, which identifies a person, or at least that is the theory. It is used on a private or personal level.
In private use many companies provide you with a personal email address when you start working on it. A problem can occur if that work address is still active even if the work for the company has already been completed.
Google Workspace
It is very common for companies to use Google Workspace. It is a Google service that provides several products with a domain name customized by the customer. When you enter the company you are provided with an mail address assigned by an administrator.
Many times it happens that once you finish working for a company that corporate mail associated with your user is not deleted, which is a serious security and privacy problem. In a company you should only have active mails that are in use. Everything else can compromise the security of the company. In addition, having an active account involves the expense of a license to use if you are using Google Workspace.
Remember that your administrator has access to all data stored in your Google Workspace account, including email. In addition, your domain administrator can turn off certain services or limit your ability to transfer data to or from your organization’s account.
Email account after finishing work
Once you stop working for a company it is important that the corporate mail that is associated with your name is deleted. Since the administrator has access to all account data, including email, you can be unpleasantly surprised that someone sends an email for you, usurping your identity.
This process of deleting your account must be done without the person leaving the company intervening. This has to be done by the system administrator. However, many times due to ignorance or neglect it is not done. In that case, you yourself must force it to be done, although many times as it is an mail that you no longer use you do not give it importance or you forget.
Basic way to check if an email exists
There are several ways to know if an mail exists. The simplest is to send a mail to that address and check if you get a response. Depending on the mail server of the domain to which you send a message, you can receive one mail or another.
For example, in the case of Gmail you get this message:
550 5.1.1 The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces. Learn more at https://support.google.com/mail/?p=NoSuchUser a10sor8181013wmb.1 - gsmtp
Reporting-MTA: dns; googlemail.com
Received-From-MTA: dns; TUCORREODEGMAIL@gmail.com
Arrival-Date: Sat, 18 Sep 2021 01:50:27 -0700 (PDT)
X-Original-Message-ID: <0E2EF323-DB6C-4523-A641-DC52C309BF1B@gmail.com>
Final-Recipient: rfc822; CORREOQUENOEXISTE@gmail.com
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 https://support.google.com/mail/?p=NoSuchUser a10sor8181013wmb.1 - gsmtp
Last-Attempt-Date: Sat, 18 Sep 2021 01:50:28 -0700 (PDT)In the case of Hotmail it would give this error:
Could not be delivered to these recipients or groups:
CORREOQUENOEXISTE@gmail.com (CORRENOEXISTE@gmail.com)
The address to which you sent the message was not found in the destination domain. It may be misspelled or no longer exist. Do one or more of the following to try to troubleshoot the problem:
Resend the message, but first delete the address and retype it. If the mail program automatically suggests an address, do not select it.
Follow the steps in the following article to clear the Recipient AutoComplete cache stored in the mail program: Status code 5.1.1. Then, resend the message, but first don't forget to delete the address and retype it.
Contact the recipient by another means (for example, by phone) to verify that the address they use is correct. Ask if you have set a mail forwarding rule that might be forwarding the message to the wrong address.
In both cases it is an error code 5.1.1, which is a bounce message that is received by the sender by the server if the destination mail does not exist.
More technical ways to check an email address
There are other more professional ways that are exposed below.
DNS lookup
A DNS lookup is the process of requesting a DNS record from a DNS server. In our case, we are interested in the MX record. It is a DNS entry that specifies an mail server to accept mails for the domain name. Here is an example of a DNS lookup for gestiondeformacioN.es:
nslookup -query=mx gestiondeformacion.es
Server: 80.58.61.250 # dns de nuestro proveedor de servicios de internet
Address: 80.58.61.250#53
Non-authoritative answer:
gestiondeformacion.es mail exchanger = 1 aspmx.l.google.com.
gestiondeformacion.es mail exchanger = 10 aspmx3.googlemail.com.
gestiondeformacion.es mail exchanger = 5 alt1.aspmx.l.google.com.
gestiondeformacion.es mail exchanger = 5 alt2.aspmx.l.google.com.
gestiondeformacion.es mail exchanger = 10 aspmx2.googlemail.com.The mail server with the highest priority is chosen. The lower the preference value, the higher the priority. In our case, this is “aspmx.l.google.com.” This value is needed for what we are going to do next.
Ping the email
A ping consists of sending data packets to a device that receives them and seeing if it responds to that send or not. After checking your DNS, you can validate the mail over an SMTP connection. It is necessary to connect to the chosen SMTP server and ask if that mail address exists. If the server replies with (250 OK), the mail address is valid, that is, your user still exists if you have left the company. If you get a negative response the same error code seen above will come out (550-5.1.1 User Unknown), the mail address does not exist.
For the following instructions, you need an application console and use programs that allow the Telnetcommand.
- Connect to the SMTP mail server through port 25:
telnet aspmx.l.google.com 25You get the following answer that sets up an STMP handshake:
220 mx.google.com ESMTP z23si732378lfb.34 - gsmtp- The SMTP conversation starts:
EHLO gestiondeformacion.esAnd you get this answer:
250-mx.google.com at your service, [31.42.66.68]
250-SIZE 157286400
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8- Now is when you specify the mail address using the MAIL FROMcommand:
mail from:<sender@example.io>Answer:
250 2.1.0 OK z23si732378lfb.34 - gsmtp- Eventually, you can do the mail address verification. Enter the recipient’s mail address using the RCPT TO command:
rcpt to:<new-recipient@mailtrap.io>A response with code 550-5.1.1 is obtained indicating that the receiver does not exist:
550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 https://support.google.com/mail/?p=NoSuchUser z23si732378lfb.34 - gsmtpon the other hand, if you get a 250 OKresponse, then the mail address is valid.
Verificar correo en tiempo real
There is also a website that verifies an mail in real time. There are 3 possible outcomes: Bad (mail does not exist), OK (mail is valid), and Unverifiable (mail cannot be verified).
Summary
The use of mail today is very important and it is essential to use it properly. If it is a personal address you have to be careful not to share it happily and use it to register on sites or communicate with it, without any other pretension.
If a company assigns you a personal email address from day one you have to know that it is your property, and that if an email is sent through that address to someone else you can not deny that you have been you. It is about non-repudiation, you can not say that you have not been if it came out through your email address.
In addition, if you leave the company you have to make sure that the email address associated with your user is deleted to avoid security and privacy problems.
Each email account of a user can entail a cost, so it is necessary that the administrator always deletes the accounts that are no longer in use.
References
https://mailtrap.io/blog/verify-email-address-without-sending/
