Email Validation Accuracy: How to Measure and Improve It

Published February 10, 2026

Every email validation service claims "99% accuracy!" But what does that actually mean? When you validate an email as "deliverable," how confident can you be that an email sent to that address will actually land in the inbox?

Email validation accuracy is more nuanced than a single percentage. It depends on how you measure it, what type of emails you're validating, and what you do with the results. This article breaks down how accuracy is calculated, why 100% is impossible, and how to evaluate validators objectively.

What Is Email Validation Accuracy?

Accuracy measures how often a validator's prediction matches reality. But "reality" in email validation has a catch: the only way to know for certain if an email is valid is to send an email to it.

Validators use indirect signals—DNS records, SMTP checks, historical data—to predict deliverability without actually sending mail. This creates inherent uncertainty.

The Two Types of Accuracy

There are two ways to measure email validation accuracy:

1. Binary Classification Accuracy

Measures how often the validator correctly classifies emails as valid or invalid:

Accuracy = (True Positives + True Negatives) / Total

Where:
- True Positive: Valid email marked as valid ✅
- True Negative: Invalid email marked as invalid ✅
- False Positive: Invalid email marked as valid ❌
- False Negative: Valid email marked as invalid ❌

2. Deliverability Accuracy

Measures how often an email marked "valid" actually receives mail:

Deliverability Accuracy = Successful Deliveries / Emails Marked Valid

This requires actually sending test emails, which is time-consuming
and limited by sender reputation.

Most services claim accuracy based on #1 (binary classification), not #2 (deliverability). This is important to understand when comparing vendors. For more on the distinction, see our guide on email validation vs verification.

Why 100% Accuracy Is Impossible

Email validation faces fundamental challenges that make perfect accuracy unattainable:

1. Catch-All Domains Accept All Addresses

Catch-all mail servers accept mail for any address at the domain, then route or reject internally. The SMTP check passes, but the address might not exist. Learn more about catch-all email detection challenges.

SMTP conversation with catch-all:

> RCPT TO: [email protected]
< 250 OK  ✅ Accepts

> RCPT TO: [email protected]
< 250 OK  ✅ Also accepts!

> RCPT TO: [email protected]
< 250 OK  ✅ Still accepts!

Result: Validator can't tell which addresses actually exist.

Impact: 15-20% of business domains use catch-all. For these, validators can only flag "accept-all, deliverability unknown."

2. Greylisting Creates False Negatives

Some mail servers temporarily reject first connection attempts (greylisting anti-spam technique). Validators must decide: retry or mark invalid?

SMTP conversation with greylisting:

> RCPT TO: [email protected]
< 451 Greylisted. Try again in 5 minutes.

Validator options:
1. Mark as invalid → False negative if address is valid
2. Retry after 5 min → Slows validation to unacceptable speeds
3. Mark as "unknown" → User must decide

Impact: 5-10% of addresses trigger greylisting. Trade-off between speed and accuracy.

3. Temporary vs Permanent Failures

SMTP errors aren't always clear:

• 550 Mailbox not found → Clearly invalid ✅
• 450 Mailbox full → Temporarily unavailable (might be valid) ⚠️
• 451 Server busy → Try again later ⚠️
• 554 Rejected → Could be spam filter, policy block, or invalid address ⚠️

Impact: Ambiguous SMTP responses require interpretation, introducing errors.

4. Time Decay

Email validity changes constantly:

• Users abandon accounts
• Companies close or change domains
• Mailboxes fill up and become inaccessible
• Spam filters change rules

An email validated as "valid" today might bounce tomorrow. Accuracy claims are only true at the moment of validation.

5. Rate Limiting and Aggressive SMTP Servers

Some mail servers block or throttle validation checks:

Common defensive measures:
- Ban known validator IP ranges
- Require full email delivery (not just RCPT check)
- Implement tarpitting (slow responses to waste validator time)
- Return random results to pollute validator databases

Impact: Certain domains (especially large ISPs like Gmail, Microsoft) are harder to validate accurately.

How to Measure Accuracy Objectively

When comparing validators, use real-world testing, not marketing claims. Here's how:

Step 1: Create a Ground Truth Dataset

Build a test set of emails with known status:

Ground truth dataset (example 1,000 emails):

500 Known Valid:
- Your own email addresses
- Accounts you control
- Recently confirmed signups

500 Known Invalid:
- Made-up addresses ([email protected])
- Deleted accounts
- Addresses that bounced in recent sends
- Typo domains (gnail.com, yaho.com)

Important: Include a mix that represents your real-world data (consumer emails, business emails, disposables, catch-alls).

Step 2: Run Through Validators

Validate your test set through each service you're evaluating:

// Test script
const testEmails = loadGroundTruth(); // 1,000 emails with known status

const results = {
  service_a: await validateBulk(testEmails, SERVICE_A_KEY),
  service_b: await validateBulk(testEmails, SERVICE_B_KEY),
  service_c: await validateBulk(testEmails, SERVICE_C_KEY)
};

// Compare against ground truth
const metrics = calculateMetrics(results, testEmails);

Step 3: Calculate Confusion Matrix

For each validator, calculate:

Metrics:

Accuracy = (TP + TN) / Total = (485 + 478) / 1000 = 96.3%

Precision (Valid) = TP / (TP + FP) = 485 / (485 + 22) = 95.7%
  "When validator says valid, how often is it right?"

Recall (Valid) = TP / (TP + FN) = 485 / (485 + 15) = 97.0%
  "Of all valid emails, how many did validator catch?"

F1 Score = 2 * (Precision * Recall) / (Precision + Recall) = 96.3%

Step 4: Test Deliverability (Optional)

For high-stakes use cases, send actual emails to a sample marked "valid":

// Select 100 random emails marked valid by validator
const markedValid = results.filter(r => r.status === 'valid').slice(0, 100);

// Send test emails
const deliveryResults = await sendTestEmails(markedValid);

// Calculate deliverability accuracy
const delivered = deliveryResults.filter(r => !r.bounced).length;
const deliverabilityAccuracy = delivered / markedValid.length;

console.log(`Deliverability: ${deliverabilityAccuracy}%`);

Limitation: Deliverability testing requires a warmed IP and good sender reputation. Poor reputation will skew results downward.

Accuracy Benchmarks: What's Realistic?

Based on industry testing and our own validation of 500M+ emails:

Red flag: Services claiming "99.9%" or "100%" accuracy are either lying or using deceptive measurement (e.g., excluding catch-all emails from accuracy calculation).

Factors That Affect Accuracy

1. Validation Depth

More comprehensive checks improve accuracy but slow response:

Trade-off: Real-time signup forms need speed (<300ms) while bulk list cleaning can tolerate longer checks for higher accuracy.

2. Data Freshness

Disposable email lists and validation caches decay quickly:

• Daily updates: Catches 95%+ of new disposable domains
• Weekly updates: Catches 85-90%
• Monthly updates: Catches 70-80%

Email Wipes updates disposable lists daily. Many competitors update weekly or monthly. Read our disposable email detection guide for more details.

3. Machine Learning & Historical Data

Validators improve accuracy by learning from past validations:

ML signals that improve accuracy:
- Domain reputation (high bounce domains = risky)
- Syntax patterns (random strings vs real names)
- Behavioral signals (signup patterns, engagement history)
- Correlation analysis (emails from same IP, device, time)

Example:
[email protected] → Random pattern = High risk
[email protected] → Real name pattern = Low risk

Impact: ML-enhanced validators achieve 2-3% higher accuracy on edge cases (gibberish addresses, new disposable domains).

How Email Wipes Achieves 99.3% Accuracy

Our accuracy comes from layered verification:

Layer 1: Syntax & Pattern Recognition

// Advanced regex + pattern analysis
const checks = [
  validateFormat(email),        // RFC 5322 compliance
  detectTypos(email),            // Common mistakes (gnail→gmail)
  checkLocalPart(email),         // Gibberish detection
  validateDomainStructure(email) // TLD validation
];

if (checks.some(check => !check.valid)) {
  return { status: 'invalid', reason: check.reason };
}

Layer 2: DNS & MX Records

// DNS lookups with caching
const mxRecords = await resolveMX(domain);

if (!mxRecords || mxRecords.length === 0) {
  return { status: 'invalid', reason: 'no_mx_records' };
}

// Check MX priority and validity
const validMX = mxRecords.filter(mx => isReachable(mx.exchange));

Layer 3: SMTP Verification

// Parallel SMTP checks with smart timeouts
const smtp = await smtpCheck(email, {
  timeout: 500,  // Fail fast on unresponsive servers
  retries: 2,    // Retry greylisting once
  checkCatchAll: true
});

if (smtp.catchAll) {
  // Return with risk scoring instead of binary valid/invalid
  return {
    status: 'valid',
    catchall: true,
    risk_score: calculateRisk(domain, smtp.response)
  };
}

Layer 4: Risk Scoring (ML)

// Machine learning risk model
const riskFactors = {
  disposable: checkDisposableList(domain),
  domainAge: getDomainAge(domain),
  historicalBounces: getHistoricalData(domain),
  patternScore: analyzeLocalPartPattern(localPart),
  reputationScore: getDomainReputation(domain)
};

const risk_score = mlModel.predict(riskFactors); // 0-100

return {
  status: smtp.valid ? 'valid' : 'invalid',
  risk_score,
  suggestion: typoSuggestion(email)
};

Result: 99.3% accuracy on mixed datasets, with granular risk scoring for edge cases.

How to Improve Your Validation Accuracy

If you're already using a validator but still seeing bounces, try these:

1. Use Risk Scoring, Not Binary Valid/Invalid

// Instead of:
if (validation.status === 'valid') {
  acceptEmail(email);
}

// Use risk-based decisions:
if (validation.status === 'valid' && validation.risk_score < 30) {
  acceptEmail(email);  // High confidence
} else if (validation.status === 'valid' && validation.risk_score < 60) {
  acceptWithCaution(email);  // Send welcome email, monitor engagement
} else {
  rejectEmail(email);  // Too risky
}

2. Combine with Engagement Tracking

// Validation says valid, but track actual deliverability
const validation = await validateEmail(email);

if (validation.status === 'valid') {
  await addToList(email);
  await sendWelcomeEmail(email);

  // Track if they actually engage
  setTimeout(async () => {
    const opened = await checkIfOpened(email);
    if (!opened) {
      // Valid by SMTP, but might be inactive or wrong address
      await flagAsLowEngagement(email);
    }
  }, 7 * 24 * 60 * 60 * 1000); // 7 days
}

3. Re-Validate Periodically

Email addresses decay at ~22.5% per year. Re-validate quarterly to maintain list quality and reduce bounces. See our email bounce handling best practices for more strategies.

// Cron job: validate all subscribers quarterly
const subscribers = await getSubscribers();
const lastValidated = subscribers.filter(s => {
  const daysSince = (Date.now() - s.last_validated) / 86400000;
  return daysSince > 90;  // 90 days
});

const results = await bulkValidate(lastValidated.map(s => s.email));

// Remove newly invalid addresses
const invalid = results.filter(r => r.status === 'invalid');
await removeFromList(invalid.map(r => r.email));

4. Implement Double Opt-In

Validation confirms syntax/deliverability. Double opt-in confirms intent:

// Signup flow
const validation = await validateEmail(email);

if (validation.status !== 'valid') {
  return res.json({ error: 'Invalid email address' });
}

// Even if valid, require confirmation
await createPendingSubscriber(email);
await sendConfirmationEmail(email, confirmToken);

// Only add to active list after click
// Catches:
// - Typos that passed validation (user meant [email protected])
// - Malicious signups
// - Addresses user doesn't control

Combined approach: Validation (99% accuracy) + double opt-in (99% intent confirmation) = 98%+ clean list.

Common Accuracy Pitfalls

Pitfall 1: Testing Only Invalid Emails

Some developers test validators by throwing obviously fake emails at them:

// Bad test
const testEmails = [
  'notanemail',
  'fake@fake',
  '[email protected]'
];

// These are easy to detect. Real challenge is edge cases:
const realWorldEdgeCases = [
  '[email protected]',  // Catch-all domain, user might not exist
  '[email protected]',   // New disposable service
  '[email protected]',      // New domain, no reputation data
  '[email protected]'        // Valid but might be unmanned mailbox
];

Fix: Test with real-world data that includes ambiguous cases.

Pitfall 2: Ignoring Catch-All Addresses

Excluding catch-all from accuracy metrics inflates scores:

// Misleading metric
const accuracy = validEmails.filter(e => !e.catchall).length / total;

// This ignores 15-20% of business emails!

// Honest metric includes catch-all:
const accuracy = validEmails.length / total;

Pitfall 3: Not Accounting for Greylisting

Greylisting can cause false negatives. Good validators retry:

// Poor approach
if (smtpResponse.code === 451) {
  return { status: 'invalid' };  // False negative!
}

// Better approach
if (smtpResponse.code === 451) {
  // Retry after delay
  await delay(60000);  // 1 minute
  const retryResponse = await smtpCheck(email);
  return retryResponse;
}

Conclusion: Accuracy Is a Spectrum, Not a Number

Email validation accuracy isn't a single percentage—it's a combination of:

• True positive rate: Catching valid emails (recall)
• True negative rate: Catching invalid emails (precision)
• Risk scoring: Handling ambiguous cases (catch-all, greylisting)
• Deliverability: Actual inbox placement vs. SMTP validation

Realistic accuracy expectations:

• Consumer emails (Gmail, Yahoo): 98-99%
• Business emails: 92-96%
• Mixed lists: 95-98%
• Aged lists (6+ months): 88-93%

Don't trust claims of 99.9% or 100% accuracy. Test validators yourself with ground truth data. Measure precision, recall, and deliverability—not just overall accuracy.

Best practices:

1. Validate at signup (prevent bad data entry)
2. Use risk scoring (handle ambiguous cases intelligently)
3. Implement double opt-in (confirm intent, not just deliverability)
4. Re-validate quarterly (catch address decay)
5. Monitor actual bounce rates (real-world accuracy check)

With the right validator and validation strategy, you can maintain a 98%+ clean email list—which is about as close to perfect as email validation gets.