6 comments

[ 3.2 ms ] story [ 26.7 ms ] thread
Saw this the other day on reddit, tried it a few times with minor success.
How does this work? How is the confidence value calculated?
It does SMTP requests, trying to send mail (and aborting) to check the emails. It first tries a bogus gqjcqjcbhkjxcg@thedomain.com to see if the server throw an error (and was not config as a catchall), then for Bill Gates, tries : - billgates@ - gatesbill@ - bgates@ - gatesb@ - bill@ ... - bill.gates@ ...

but they don't try bg@thedomain.com

The results also depends of the order of the tests. If you have bill@ that redirects to bill.gates@, as they try bill@ before bill.gates@, it will tell you that bill@ is the address.

Clever, but used by spammers and list makers for years (those who scan whois domain infos and reconstruct the email with your name and the domain).

Man, I would pay money for this. Its exactly what I need. Who made this?
It's easier to simply google @example.com to find examples of email addresses from the business on the web. 90% of the time that gives you the standard of how they construct the left side of the email address. If that doesn't work a few educated guesses will get you there.