So I wrote a CLI tool in Rust.
You give it:
A full name (like “Jane Smith”)
A domain (like company.com)
Generates common email patterns (jane@company.com, jsmith@, etc)
Scrapes the company website for any public emails
Does an SMTP check (MX + RCPT TO) to verify if the email exists
Scores and ranks the candidates
I wanted something fast, private, scriptable, and verifiable — not just “guesses” wrapped in a pretty UI. This has JSON in/out, works well in batch mode, and can run locally or in CI pipelines.
Notes
Port 25 warning: SMTP verification requires outbound port 25 access. Most home ISPs block this. I’m not a networking guy, so maybe there’s a better solution — but I just run it on a GCP VM and it works fine there.
Rust has been awesome for this: fast HTTP/S scraping, socket-level control, robust error handling, and painless multithreading. Probably wouldn’t want to write this in Python.
Would love feedback, issues, feature requests, or just a reality check.
badmonster•2mo ago
iLikeFunctional•2mo ago
Catch all domains is a major source of inaccuracy. The verify_smtp_email function includes a basic catch-all detection heuristic. If the initial RCPT TO for the target email succeeds (2xx), it then tries RCPT TO with a randomly generated, likely non-existent email address at the same domain (e.g., no-reply-does-not-exist-123456@domain.com). If this also succeeds, it flags the original result as inconclusive_retry with a message indicating a "Possible Catch-All". This isn't foolproof (some servers might have smarter catch-all filters), but it's a common technique.