
Free Email Verification API in Go - sdwolfe32
https://github.com/sdwolfe32/trumail
======
zbentley
Why on _earth_ is this exposed as a web service? This seems like the perfect
example of something that should be done locally in email-sending code, via a
library. This is why microservice zealotry scares me.

"Why can't we alert our customers about our security breach, Bob?"

"Well, Alice, it seems that we can't send them emails because the email-
ability verification service we use before we attempt to . . . y'know, send
the email, is crashing our app! Even worse, that service is taking so long to
return error messages that our app is unresponsive for other requests!"

"Shit, Bob; couldn't we just email them ourselves to see if they are email-
able?"

It also seems likely that repeated use of the "start to compose a letter then
bail out" network behavior might get people using this added to a blacklist by
programs that naïvely detect DDoS attacks on mail servers/relays.

Oh, and you now have another location where all of your customers' email
addresses may be stored in plaintext: your email-verifier server's logs.

To be clear, I think this is a useful thing to be able to do, but designing it
as a remote service seems misguided and unnecessary.

