Can one determine the creation date of an email account?

authentication email

Is it possible to determine the creation date of the mail account for the address supplied within the authentication process flow; or at least determine that the mail account was/was not created the same day as signup (or specifically after confirmation)?

A use case is to flag such accounts for closer scrutiny as part of a risk management system.

What general considerations do you think come into play in approaching this problem?

I imagine that solutions might be specific to different email providers but if I could determine this information for the major ones it's a good place to be.

Would love specific answers in any language or pseudocode assuming this is solvable within ethical principles.

Disclaimer: I have asked this question on Stack Overflow. Some nice person said that email providers would not allow it for privacy reasons. Completely acceptable, but IMHO I think that the age of an email account has little to do with personal privacy. Also there are too many smart people using the stack* forums for me to just lie down and die.

Best Answer

In general, no. SMTP is a protocol with a fixed set of information that can be exchanged, and "How long has this address been active?" is not among that information. (In fact, due to the continuing battle between mail infrastructure providers and spammers, it is getting progressively harder to get reliable answers to the much simpler question "Is this address deliverable?", even though this one is supposed to be answerable.)

That doesn't mean you couldn't find the answer in many cases depending on the details of the entity who is actually providing the mail service. Obviously, if you have control over it yourself, you can query the creation date easily. For public providers, there may be traces of the time when the domain an email uses was registered; many common internet stacks incidentally disclose more information than they are supposed to, and it may be possible to deduce something from that. What probably doesn't exist is a general way that works for all email addresses.
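
The domain-registration trace mentioned in the answer, turned into a signup risk signal; this is an added example, not part of the original answer. It assumes the caller has already fetched the RDAP record (RFC 9083) for the address's domain; the provider list, threshold and function names are hypothetical, and the sample record and signup time are constructed.

```python
import json
from datetime import datetime, timedelta, timezone

# Assumption: a small list of shared mailbox providers, for which the
# domain's age says nothing about the age of an individual mailbox.
SHARED_PROVIDERS = {"gmail.com", "outlook.com", "yahoo.com"}

# Constructed RDAP domain response (RFC 9083 shape), trimmed to the fields used.
SAMPLE_RDAP = json.loads("""
{
  "objectClassName": "domain",
  "ldhName": "fresh-domain.example",
  "events": [
    {"eventAction": "registration", "eventDate": "2024-05-01T09:30:00Z"},
    {"eventAction": "expiration", "eventDate": "2025-05-01T09:30:00Z"}
  ]
}
""")
SAMPLE_SIGNUP = datetime(2024, 5, 3, 12, 0, tzinfo=timezone.utc)  # constructed


def registration_date(rdap):
    """Return the domain's registration time from an RDAP response, or None."""
    for event in rdap.get("events", []):
        if event.get("eventAction") == "registration":
            stamp = event.get("eventDate", "").replace("Z", "+00:00")
            try:
                return datetime.fromisoformat(stamp)
            except ValueError:
                return None
    return None


def domain_age_signal(email, signup_time, rdap, min_age=timedelta(days=30)):
    """Classify a signup as 'no_signal', 'unknown', 'young_domain' or 'ok'."""
    domain = email.rsplit("@", 1)[-1].lower()
    if domain in SHARED_PROVIDERS:
        return "no_signal"    # mailbox age is not observable from outside
    registered = registration_date(rdap) if rdap else None
    if registered is None:
        return "unknown"      # redacted or missing data is not evidence of risk
    if signup_time - registered < min_age:
        return "young_domain" # domain registered shortly before the signup
    return "ok"
```

The `no_signal` and `unknown` outcomes matter as much as the flag: for a shared provider the check says nothing about the mailbox, which is the limitation the answer describes.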
