What is Email Validation vs Verification?

Definition

Email validation and email verification are two stages of confirming that an email address is good. They are often used as if they mean the same thing, and many providers sell a single product under both names, but technically they describe different depths of checking.

Email validation is the structural check. It asks whether an address is written correctly and whether its domain is real. Validation looks at the format of the address, confirming there is a valid local part, a single at sign and a properly formed domain, and it checks that the domain exists. It is fast, inexpensive and catches the most common mistakes, such as a missing at sign, a stray space or a misspelled domain like gmial.com.

Email verification is the live check. It asks whether the address actually works, meaning whether a message sent to it would reach a real mailbox. Verification goes beyond format and tests the address against live mail infrastructure, querying DNS records, checking the domain's mail exchange configuration and performing an SMTP-level handshake with the recipient server to determine whether the specific mailbox exists and can accept mail.

The simplest way to hold the two apart is this. Validation answers the question is this written correctly. Verification answers the question will mail sent here be delivered. The first is about appearance, the second is about reality.

How It Works

Validation and verification sit on a single chain of checks, with validation running first and verification running second. Understanding the chain shows why they are different and why one without the other leaves a gap.

The validation steps come first because they are the cheapest. Syntax validation tests the address against the rules for how an email address may be written. Domain validation performs a DNS lookup to confirm the domain exists at all. These steps need no contact with the recipient mail server, so they are near instant, and they reject the addresses that are obviously wrong before any slower work begins. An address that fails validation never reaches verification.

The verification steps come next, on the addresses that passed validation. An MX record lookup confirms the domain publishes mail exchange records, meaning it is set up to receive email rather than only to host a website. Then the decisive step runs: a live SMTP handshake. The verification service opens a connection to the recipient mail server, begins the exchange a real sending server would begin, and asks whether the server will accept mail for the exact address. The server's response is what reveals whether the mailbox exists.

This is the gap that validation alone cannot close. Consider the address user@companyname.com. It has perfect syntax. The domain companyname.com may well exist and host a real website. Validation passes the address with a clean result. But if no mailbox named user was ever created, or it was deleted six months ago, the address is undeliverable. Only verification, through the SMTP handshake, catches that. Verification also adds catch-all detection, disposable detection and role-based detection, which describe the nature of an address that validation has no way of assessing.

Why It Matters for Email Deliverability

The distinction matters because relying on validation alone gives a false sense of safety. A list that has been validated but not verified will still contain undeliverable addresses, because validation cannot see whether a mailbox exists. Sending to that list produces hard bounces, and hard bounces are exactly what damages deliverability.

Mailbox providers such as Gmail, Yahoo and Microsoft treat the bounce rate as a measure of how well a sender maintains its list. A high bounce rate signals a list that was bought, scraped or neglected, and the providers respond by lowering the sender's reputation and routing more of its mail to spam. Because validation cannot catch the address that is correctly formatted but dead, validation alone does not protect the bounce rate. Verification does, because the SMTP handshake removes the addresses that would have bounced.

Verification also catches risks that have nothing to do with format. A disposable address is perfectly valid in structure but belongs to a throwaway provider, so it creates a contact that will soon be unreachable. A spam trap is a valid-looking address that exists only to catch senders mailing unverified lists, and hitting one can get a domain added to a blacklist. Validation passes all of these without comment because they are structurally fine. Verification flags them.

None of this makes validation pointless. Validation is the right first filter. It is instant, it costs almost nothing, and it gives immediate feedback in a form when someone fumbles a keystroke. The correct stance is not validation versus verification but validation then verification: use validation to catch obvious typos at the moment of entry, and use full verification to confirm the address is genuinely deliverable before it is mailed.

How VeriMails Handles It

VeriMails performs validation and verification together as a single combined check, so there is no need to choose between them or to stitch two tools together. Every address submitted to VeriMails runs through the complete chain in one pass.

The validation layer comes first: syntax validation confirms the address is written correctly, and DNS checks confirm the domain exists. The verification layer follows: MX record checks confirm the domain can receive mail, and a live SMTP handshake against the recipient mail server confirms the specific mailbox is real. On top of these, VeriMails runs catch-all detection, disposable email detection and role-based detection so the result describes not just whether an address works but what kind of address it is. VeriMails performs catch-all detection rather than scoring, so a catch-all domain is reported plainly as catch-all instead of being assigned a speculative number.

Both layers are delivered in one structured result, available through the REST API for real-time checks or through a bulk CSV upload for whole lists, and typically returned quickly enough for real-time workflows. Across these checks VeriMails returns clear deliverability categories that are practical for pre-send list cleanup. Verification is billed per address from credits, starting at $0.0019 per email with 10,000 credits costing $19, and subscriptions starting at $15 per month. Every account begins with 100 free credits on signup, with no credit card required and credits that never expire.

Frequently Asked Questions