Hacker News
by iLikeFunctional 420 days ago
The most crucial point is that Email Sleuth does not send an actual email message. It performs the SMTP handshake (EHLO), specifies the sender (MAIL FROM), and attempts to specify the recipient (RCPT TO). It stops before the DATA command, which is where the email body and headers (subject, content, etc.) would be sent.

Catch-all domains are a major source of inaccuracy. The verify_smtp_email function includes a basic catch-all detection heuristic. If the initial RCPT TO for the target email succeeds (2xx), it then tries RCPT TO with a randomly generated, likely non-existent email address at the same domain (e.g., no-reply-does-not-exist-123456@domain.com). If this also succeeds, it flags the original result as inconclusive_retry with a message indicating a "Possible Catch-All". This isn't foolproof (some servers might have smarter catch-all filters), but it's a common technique.
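
The session shape described in the comment above, seen from the receiving mail server's side, as an added example that is not part of the original post or of Email Sleuth's code. The log format (`<session-id> C|S: <line>`), the sample sessions, and the names `find_probe_sessions` and the verdict strings are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log; the "<session-id> C|S: <line>" format is an assumption.
SAMPLE_LOG = """\
a1 C: EHLO probe.example
a1 C: MAIL FROM:<check@probe.example>
a1 C: RCPT TO:<alice@example.org>
a1 S: 250 OK
a1 C: RCPT TO:<no-reply-does-not-exist-123456@example.org>
a1 S: 250 OK
a1 C: QUIT
b2 C: EHLO mail.partner.example
b2 C: MAIL FROM:<bob@partner.example>
b2 C: RCPT TO:<alice@example.org>
b2 S: 250 OK
b2 C: DATA
b2 S: 354 Go ahead
c3 C: EHLO other.example
c3 C: MAIL FROM:<x@other.example>
c3 C: RCPT TO:<carol@example.org>
c3 S: 550 No such user
c3 C: QUIT
"""

RCPT = re.compile(r"RCPT TO:\s*<([^>@]+)@([^>]+)>", re.I)

def find_probe_sessions(log_text):
    """Map session id -> verdict for sessions that sent RCPT TO but never DATA."""
    rcpts, saw_data = defaultdict(set), set()
    for line in log_text.splitlines():
        m = re.match(r"(\S+) C: (.*)", line)
        if not m:
            continue  # server replies and unparseable lines
        sid, cmd = m.group(1), m.group(2).strip()
        if cmd.upper() == "DATA":
            saw_data.add(sid)
        r = RCPT.match(cmd)
        if r:
            rcpts[sid].add((r.group(2).lower(), r.group(1).lower()))
    verdicts = {}
    for sid, seen in rcpts.items():
        if sid in saw_data:
            continue  # session went on to DATA: a delivery attempt
        domains = [dom for dom, _ in seen]
        # Two distinct local parts at one domain fits the catch-all check above.
        multi = len(domains) != len(set(domains))
        verdicts[sid] = "rcpt_probe_catch_all_check" if multi else "rcpt_probe"
    return verdicts
```

A legitimate sender whose only recipient is rejected also ends without DATA (session `c3`), so `rcpt_probe` is a signal to correlate by source and volume rather than a verdict on its own.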