This website uses cookies to better the user experience of its visitors. Where applicable, this website uses a cookie control system, allowing users to allow or disallow the use of cookies on their computer/device on their first visit to the website. This complies with recent legislative requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer/device. To learn more click Cookie Policy.

Privacy preference center

Cookies are small files saved to a user’s computer/device hard drive that track, save, and store information about the user’s interactions and website use. They allow a website, through its server, to provide users with a tailored experience within the site. Users are advised to take necessary steps within their web browser security settings to block all cookies from this website and its external serving vendors if they wish to deny the use and saving of cookies from this website to their computer’s/device’s hard drive. To learn more click Cookie Policy.

Manage consent preferences

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Cookies list
Name _rg_session
Provider rubygarage.org
Retention period 2 days
Type First party
Category Necessary
Description The website session cookie is set by the server to maintain the user's session state across different pages of the website. This cookie is essential for functionalities such as login persistence, ensuring a seamless and consistent user experience. The session cookie does not store personal data and is typically deleted when the browser is closed, enhancing privacy and security.
Name m
Provider m.stripe.com
Retention period 1 year 1 month
Type Third party
Category Necessary
Description The m cookie is set by Stripe and is used to help assess the risk associated with attempted transactions on the website. This cookie plays a critical role in fraud detection by identifying and analyzing patterns of behavior to distinguish between legitimate users and potentially fraudulent activity. It enhances the security of online transactions, ensuring that only authorized payments are processed while minimizing the risk of fraud.
Name __cf_bm
Provider .pipedrive.com
Retention period 1 hour
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to support Cloudflare Bot Management. This cookie helps to identify and filter requests from bots, enhancing the security and performance of the website. By distinguishing between legitimate users and automated traffic, it ensures that the site remains protected from malicious bots and potential attacks. This functionality is crucial for maintaining the integrity and reliability of the site's operations.
Name _GRECAPTCHA
Provider .recaptcha.net
Retention period 6 months
Type Third party
Category Necessary
Description The _GRECAPTCHA cookie is set by Google reCAPTCHA to ensure that interactions with the website are from legitimate human users and not automated bots. This cookie helps protect forms, login pages, and other interactive elements from spam and abuse by analyzing user behavior. It is essential for the proper functioning of reCAPTCHA, providing a critical layer of security to maintain the integrity and reliability of the site's interactive features.
Name __cf_bm
Provider .calendly.com
Retention period 30 minutes
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to distinguish between humans and bots. This cookie is beneficial for the website as it helps in making valid reports on the use of the website. By identifying and managing automated traffic, it ensures that analytics and performance metrics accurately reflect human user interactions, thereby enhancing site security and performance.
Name __cfruid
Provider .calendly.com
Retention period During session
Type Third party
Category Necessary
Description The __cfruid cookie is associated with websites using Cloudflare services. This cookie is used to identify trusted web traffic and enhance security. It helps Cloudflare manage and filter legitimate traffic from potentially harmful requests, thereby protecting the website from malicious activities such as DDoS attacks and ensuring reliable performance for genuine users.
Name OptanonConsent
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonConsent cookie determines whether the visitor has accepted the cookie consent box, ensuring that the consent box will not be presented again upon re-entry to the site. This cookie helps maintain the user's consent preferences and compliance with privacy regulations by storing information about the categories of cookies the user has consented to and preventing unnecessary repetition of consent requests.
Name OptanonAlertBoxClosed
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonAlertBoxClosed cookie is set after visitors have seen a cookie information notice and, in some cases, only when they actively close the notice. It ensures that the cookie consent message is not shown again to the user, enhancing the user experience by preventing repetitive notifications. This cookie helps manage user preferences and ensures compliance with privacy regulations by recording when the notice has been acknowledged.
Name referrer_user_id
Provider .calendly.com
Retention period 14 days
Type Third party
Category Necessary
Description The referrer_user_id cookie is set by Calendly to support the booking functionality on the website. This cookie helps track the source of referrals to the booking page, enabling Calendly to attribute bookings accurately and enhance the user experience by streamlining the scheduling process. It assists in managing user sessions and preferences during the booking workflow, ensuring efficient and reliable operation.
Name _calendly_session
Provider .calendly.com
Retention period 21 days
Type Third party
Category Necessary
Description The _calendly_session cookie is set by Calendly, a meeting scheduling tool, to enable the meeting scheduler to function within the website. This cookie facilitates the scheduling process by maintaining session information, allowing visitors to book meetings and add events to their calendars seamlessly. It ensures that the scheduling workflow operates smoothly, providing a consistent and reliable user experience.
Name _gat_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _gat_UA-* cookie is a pattern type cookie set by Google Analytics, where the pattern element in the name contains the unique identity number of the Google Analytics account or website it relates to. This cookie is a variation of the _gat cookie and is used to throttle the request rate, limiting the amount of data collected by Google Analytics on high traffic websites. It helps manage the volume of data recorded, ensuring efficient performance and accurate analytics reporting.
Name _ga
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga cookie is set by Google Analytics to calculate visitor, session, and campaign data for the site's analytics reports. It helps track how users interact with the website, providing insights into site usage and performance.
Name _ga_*
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga_* cookie is set by Google Analytics to store and count page views on the website. This cookie helps track the number of visits and interactions with the website, providing valuable data for performance and user behavior analysis. It belongs to the analytics category and plays a crucial role in generating detailed usage reports for site optimization.
Name _gid
Provider rubygarage.org
Retention period 1 day
Type First party
Category Analytics
Description The _gid cookie is set by Google Analytics to store information about how visitors use a website and to create an analytics report on the website's performance. This cookie collects data on visitor behavior, including pages visited, duration of the visit, and interactions with the website, helping site owners understand and improve user experience. It is part of the analytics category and typically expires after 24 hours.
Name _dc_gtm_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _dc_gtm_UA-* cookie is set by Google Analytics to help load the Google Analytics script tag via Google Tag Manager. This cookie facilitates the efficient loading of analytics tools, ensuring that data on user behavior and website performance is accurately collected and reported. It is categorized under analytics and assists in the seamless integration and functioning of Google Analytics on the website.

How to Validate an Email with the Truemail Ruby Gem

  • 32352 views
  • 8 min
  • Jun 11, 2019
Vladyslav T.

Vladyslav T.

Ruby Developer

Daria R.

Daria R.

Copywriter

Tags:

Share

Email validation can be a challenging task. You can use different approaches to validate an email address but all of them have to comply with the best practices to provide proper email validation. In this article, we shed some light on the 3 different email validation techniques and present you our gem that includes these techniques and allows you to automate email validation processes.

Why do we need to validate emails?

Email validation comes in handy when you’re building a product for the marketing sphere or that has marketing features. It’s especially important when sending a large number of emails. Here are three benefits that can persuade you to add email validation functionality to your product.

#1 Increases delivery rates

Email validation will help you remove invalid email addresses from your list. This will improve email deliverability, which means marketing campaigns will be more effective and cheaper.

#2 Helps you maintain a high sender reputation

Mailboxes rate senders by different metrics to form their reputation score. If your product sends emails en masse, you have to keep your sender score high. When a sender score is low, emails automatically go to spam or even get blocked.

One of the metrics that mailboxes track is the number of invalid email addresses a sender mails things to. More invalid emails mean a lover reputation.

Email validation allows you to eliminate invalid emails and keep your sender reputation high.

#3 Improves the conversion rate

A better sender score also means that more of your emails will arrive to users’ inboxes, more people will open them, and you’ll get more clicks and better performance.

Email validation can cut business expenses significantly and improve the results of marketing campaigns.

To validate an email properly, you need to perform regex, MX, and SMTP validation one by one.

Let’s take a look at these three email validation techniques separately and then check out how we implemented all of them in our gem.

Email validation techniques

1. Regex validation

Regex is the first, lowest-level email validation method. It’s based on checking the email address via a regex pattern.

A typical email address consists of three parts: a username, the @ symbol, and a domain name.

USER = /\A([a-z0-9]+[\w|\-|\.|\+]*/i

The username has to fulfill the following criteria:

  • Must be one character or more
  • May contain any letters, numbers and underscore
  • Must be case insensitive
  • May contain periods and hyphens, but not as the first character

DOMAIN = /[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,63}/i

The domain has to fulfill the following criteria:

  • Must start with a letter or number
  • May contain periods and hyphens
  • The TLD should contain only letters and should be between 2 and 63 characters long
  • Must be case insensitive

TYPICAL_EMAIL = /(?=\A.{6,255}\z)(#{USER})@(#{DOMAIN})/

Please note that this regex pattern doesn’t strictly follow the RFC 5322. You can’t validate internationalized emails or TLD emails via this regex, such as [email protected].

2. MX validation

Mail exchange (MX) record validation is the second, DNS-level validation method. The point of this method is to check the availability of the domain that’s used in the email address with the help of DNS records.

how to validate emails
Domain MX lookup validation

This is the schema of a typical MX domain lookup based on RFC 5321. It consists of three substeps: MX, CNAME, and A record resolution. Each resolver attempts to extract the mail servers from the email domain. If at least one server exists, validation is successful. Resolvers are checked in sequence until a resolver returns true or all resolvers fail.

Email validation
First step of MX validation

The MX records resolver consists of Null MX record, and MX records check. Following RFC 7505, if a domain doesn’t accept email, it should have a Null MX record. This is an MX record with zero priority and with a period as the value. If Null MX exists, validation will fail. Otherwise, we have to check MX records. If no MX records are found, we proceed to the second substep: the CNAME records resolver.

mx email validation
Second step of MX validation

The CNAME records resolver tries to extract hosts from domain CNAME records. If domain CNAME records exist, the CNAME resolver just transfers control to the MX resolver; otherwise, it transfers control to an A record resolver.

MX email validation
Third step of MX validation

An A record resolver checks domain A, records its existence, and saves the result as an IP address in the list.

3. SMTP validation

SMTP validation is the last high-level email validation. This method tries to determine the existence of an email address.

email validation
SMTP validation technique

SMTP validation consists of two parts: checking ports and checking SMTP sessions.

The operation will be iterated until the SMTP session returns true. Otherwise, validation fails.

email validation smtp
SMTP validation session

An SMTP session consists of four substeps: opening the session and three SMTP commands (HELO, MAILFROM, and RCPT TO). If an email exists, each step of the SMTP session should return status code 250.

Note that a verifier IP should have a PTR record to the HELO host for the best validation results. Also, the HELO host should be real and should have an A record to a verifier IP address where it runs. The MAILFROM argument should also exist and must include the HELO host.

What’s Truemail?

Truemail is a gem that uses all the verification methods mentioned above. It’s a lightweight, configurable, and simple Ruby email validator.

How does Truemail work?

The Truemail gem allows you to validate emails via the regex pattern, by domain DNS records, and by the real existence of an email account on a mailbox provider.

Benefits of Truemail

When we were working on Truemail, we wanted to combine all email validation methods and make this gem very easy to use. Here are the benefits you get using Truemail:

  • It’s configurable. Truemail allows you to validate only those metrics you need.
  • It’s lightweight. Truemail is a Ruby library with zero runtime dependencies.
  • It has a simple SMTP debugger. This debugger helps us find bugs easily.

What configurable options does Truemail have?

Here’s how you can configure Truemail.

Truemail host audit

As email validation based on the existence of an email address is a complex network process, you need to make sure that your verification host corresponds to modern SMTP metrics that mailbox providers use.

That’s why we added a host audit feature in Truemail. This feature allows us to perform an audit of the host where Truegem runs and helps us determine any current host issues.

So far, we’ve implemented only PTR record audit in Truemail. This feature helps us check:

  • PTR existence
  • PTR reference
  • Reverse trace

Here’s how we perform a Truemail host audit:

Once we’ve checked that our host works correctly, we can start email validation.

Email validation with Truemail

Below, you can see how Truemail performs regex, MX, and SMTP validation.

Regex validation

Validation with the regex pattern is the first validation level. By default, this validation isn’t performed by strictly following the RFC 5322 standard, so you can override Truemail’s default regex pattern if you want.

MX validation

Validation by MX records is the second validation level.

regex mx validation
Email validation schema

Truemail performs regex validation and then the MX validation itself.

The Truemail MX validator doesn’t follow the RFC 5321 standard strictly for the best validation outcome. So operation will be iterated even if one of the MX records has an unresolvable host.

SMTP validation

SMTP validation is the final, third level of validation. This type of validation tries to check the existence of an email account on a mail server.

email validation practices
Three-step validation schema

If the total number of MX servers equals one, the Truemail::Smtp validator will use the value from Configuration.connection_attempts.

Also, you don't need to pass with-parameter to use this validation.

This is an example with default settings (smtp_safe_check param equals to false)

If there are no SMTP errors found, the validation is successful.

But what is the SMTP safe check option? By default, it’s set to false, meaning that if any SMTP errors are detected, the validation will fail.

Here you can see an example of an SMTP error with the option smtp_safe_check = false.

You can find all request instances with SMTP errors in SMTP debugger.

Now, let’s see what happens with smtp_safe_check = true.

Truemail email validation
Truemail SMTP validation

In this case we have SMTP errors, but validation is successful. Why? Because the SMTP server doesn’t return the exact response that the current email doesn’t exist. By default, SMTP safe check is disabled and is available for SMTP validation only. So what will we receive if the server returns an RCPT TO error?

Truemail for validation
Email validation using Truemail gem

If an SMTP RCPT TO error is found, validation will fail. The SMTP error body pattern is configurable, which means you can define your own regex pattern if you need.

Truemail aims at making email validation easier and faster. You can find the full source code on our GitHub account. Feel free to ask a question or start a conversation below.

CONTENTS

Tags:

Authors:

Vladyslav T.

Vladyslav T.

Ruby Developer

Daria R.

Daria R.

Copywriter

Rate this article!

Nay
So-so
Not bad
Good
Wow
10 rating, average 4.8 out of 5

Share article with

Comments (2)
Collins Ruto
Collins Ruto over 4 years ago
Thanks for the amazing gem! It does look fantastic and I can't say enough thanks! So I just want a clarification, with Truemail, I don't actually have to send the user an email and ask them to verify their account exists by clicking on the link I sent them, right?
Reply
Daria R.
Daria R. over 4 years ago Collins Ruto
Hi, Collins! Thank you for your feedback. You need to send user's verification email link when a user has left an existent email, but he/she is not the owner of this one.
Reply

Subscribe via email and know it all first!