In the comments on my Address Verification in Real Time Ken asks:
are there any legal issues in doing a large number of bulk SMTP transactions where you would connect issue say 20 RCPT TO commands to verify the user then send a RSET and QUIT. Immediatley connect again and do another 20 RCPT TO’s etc…
If you had say 250 thousand email addresses all pointing to the same MX record that would be you continually connecting 12500 times to cleanse your historical email list, then numbers would be small on forward flow as you would check them realtime as they came in.
Could you get into any serious trouble doing this?
I’m not sure there’s anything illegal about doing this. However, it is abusive and most mailservers will block IP addresses doing this.
No kidding, that would be abusive, and no kidding that any site that did that on anything remotely resembling a regular basis would end up in router DENY tables and firewalls all over the Internet. :/
Why do so many marketers mistake “legal” for “you can do this”? Especially in the U.S., it isn’t the law that usually affects most non-criminal marketers. We don’t have enough law enforcement personnel to go after more than a tiny fraction of CAN-SPAM violations, and those personnel rightly focus on the worst violations. It’s the ISPs and web hosting companies that enforce their AUP/TOS. It’s the blocklists and reputation services that provide tools to identify and block abuse. And it’s the individual system administrators at ISPs and web hosting companies that block abusers from their networks.
Marketers are usually smarter about what matters to their business. Somehow many of them seem to loose that savvy when it comes to email marketing. I don’t get it.
This is one of those questions where the mere asking reveals much more than any possible answer would.
If a list is so cruddy that you think you need to listwash it before you can mail to it, it’s too cruddy to use, listwashed or not. (Remember, just because an SMTP server says it’ll accept mail to an address doesn’t mean that it’s a live user, or that it’s not a spam trap.)
If if’s a real list, send mail to it and do normal bounce handling for the small number of deliveries that fail. If it’s anything else, throw it away, or perhaps demand a refund from the crooks who sold it to you.
Wow…that’s exactly why most servers stopped responding to VRFY requests a decade ago.