Let's be real. If you're doing any kind of B2B sales, marketing outreach, recruiting, or even just serious networking, finding the right professional email address is crucial. But man, the tools out there... RocketReach, Hunter, Lusha... they get expensive, fast. Paying hundreds or thousands per year just to verify contact info can feel like a necessary evil, especially for bootstrapped startups or smaller teams.
That sticker shock, combined with a love for Rust and a good technical challenge, is exactly why Email Sleuth was born. It's our open-source attempt to build a powerful, cost-effective alternative for discovering and verifying professional emails. Forget the per-seat licenses and credit limits; this is about taking control back.
How Does It Work? More Than Just Patterns
At its core, Email Sleuth is smarter than just spitting out a list of common patterns (though it does that too!). It employs a multi-pronged strategy:
- Smart Pattern Generation: It starts by generating a comprehensive list of likely email formats based on the first and last names (john.doe, jdoe, johnd, doe.j, etc.) combined with the target domain.
- SMTP Verification (The Classic Check): This is the old-school method. Email Sleuth connects directly to the company's mail server (found via MX records) and politely asks, "Hey, would you accept mail for jdoe@example.com?" using standard SMTP commands (MAIL FROM, RCPT TO). A direct "yes" or "no" is great!
- The Catch: This is becoming less reliable. Many servers block these probes, use temporary "greylisting" delays, or worse, are configured as "catch-alls" that accept everything, telling you nothing about a specific address. We now specifically test for and handle catch-all domains.
- Headless Browser Magic (The Clever Workaround): When SMTP lets us down, we get creative. Email Sleuth can fire up a headless Chrome browser (using the fantoccini Rust crate and needing a running WebDriver instance like chromedriver) and automate common web flows:
- Yahoo & Microsoft Password Resets: We mimic a user trying to reset a password for the target email. The screens shown or errors encountered during these flows often reveal whether an account actually exists, even when SMTP is useless! It's a bit like lockpicking, but for email validation.
- API Heuristics (The Educated Guess): For Microsoft 365 accounts, we have another trick. We predict the user's OneDrive for Business URL and send a quick check (a HEAD request). Based on the HTTP status code returned (like a 403 Forbidden often meaning "exists" vs. 404 Not Found), we can make an educated guess.
- Provider Awareness: Email Sleuth tries to identify the email provider (Gmail, Microsoft 365, Yahoo, etc.) based on the domain's mail server records. This helps it choose the best verification strategy. No point trying the Yahoo headless check on a Gmail address!
- Confidence Scoring: Every piece of evidence (pattern match, SMTP result, headless check outcome, API hint) contributes to a confidence score (0-10) for each potential email. Email Sleuth then ranks the candidates and picks the most likely one that meets configurable thresholds.
Built with Rust, Designed for Efficiency
Why Rust? Speed, safety, and excellent concurrency support (tokio) are perfect for this kind of network-bound task. We can run multiple checks concurrently, handle timeouts gracefully, and manage resources effectively. Key crates powering the core include reqwest (HTTP), trust-dns-resolver (DNS), lettre (SMTP), fantoccini (headless), serde/toml (data), and clap (for the CLI).
Recently, we undertook a major refactor, splitting the logic into a core library (email-sleuth-core) and a separate CLI tool. This makes the core logic reusable in other Rust projects and keeps the codebase cleaner and easier to maintain as we add more verification voodoo.
Give It a Whirl
You can use Email Sleuth in two ways:
- The CLI Tool:
- Single lookup: email-sleuth --name "Jane Doe" --domain "example.com"
- Batch processing: email-sleuth --input contacts.json --output results.json
- Enable advanced checks: email-sleuth ... --enable-headless-checks --webdriver-url http://localhost:9515 (See docs/config for more flags!)
- The Core Library:
- Add email_sleuth_core to your Cargo.toml.
- Use the ConfigBuilder to set up your configuration.
- Call initialize_sleuth(&config).await to get started.
- Use find_single_email(...) or process_contacts(...) for the magic.
Finding emails is still a tricky business, a mix of technical probing and educated guesswork. Email Sleuth aims to bring more science (and some clever hacks) to the table.
Check out the project here! We'd love feedback, especially on the experimental headless and API features. Let's make finding those emails a little less painful!
