check-if-email-exists
check-if-email-exists copied to clipboard
reacherhq
Additional Validation methods - Gmail/Google Apps/Office 365
- [ ] Gmail / Google Apps #1193
Gmail / Google Apps email addresses can be validated with 100% accuracy using this method, and here's an example implementation.
Alternative Google implementation: https://github.com/megadose/holehe/tree/master/holehe/modules/mails/google.py
EDIT 20.05.2025: Google disabled this method: https://github.com/reacherhq/check-if-email-exists/issues/937#issuecomment-2893716828. Open to new ideas
- [x] Office 365 #1194
Office 365 email addresses are a bit trickier. There are some older enumeration options that no longer work reliably. The method outlined in this blog post still works today - with one caveat. It detects valid Office 365 email addresses with 100% accuracy IF the user has opened OneDrive at least once. However, it cannot tell the difference between an invalid email, or a valid email belonging to a user who has never opened OneDrive. Still it's useful as it generates no false positives. Here's an example implementation.
- [ ] ProtonMail: https://github.com/pixelbubble/ProtOSINT, also see example impl
- [ ] Laposte.fr: example impl
- [ ] mail.ru: example impl
- [ ] icloud: any ideas?
- [ ] gmx.de: any ideas?
- [ ] web.de: any ideas?
If any external contributor wants to pick an individual provider to work on, feel free to open a PR.
@amaurym, would you accept a PR for each individually? Wouldn't mind attempting at least the Gmail one.
Yes, for sure! Go ahead for gmail. Please make it optional though, e.g. using a gmail_use_api field (defaulted to false) on CheckEmailInput.
Yes, sure! I would also like to compare the blog's implementation versus a headless version using Outlook's password recovery page. It seems that the latter doesn't work for custom domains in MS 365 (see https://github.com/reacherhq/check-if-email-exists/issues/1185), so we might need to use this blog's API endpoint for those.