Email Guardian Advanced
Email Guardian Advanced adds real-time SMTP verification to confirm that email addresses actually exist before tickets are created. This documentation covers Advanced-specific features; see the standard documentation for core features.
Overview
Email Guardian Advanced extends the standard edition with real-time mailbox verification. Instead of just checking against pattern lists, Advanced actually queries mail servers to verify addresses exist.
Why Real-Time Verification?
Pattern matching catches obvious fakes like disposable domains, but many invalid addresses look perfectly legitimate:
- Typos that form valid domains — user@gmal.co (not gmail.com)
- Non-existent mailboxes — Real domain, but the specific mailbox doesn't exist
- Misheard emails — Agent types what they heard, but it's wrong
🚧 Coming Soon: Email Guardian Advanced is currently in development and will be available on the Atlassian Marketplace soon.
What's Included
Email Guardian Advanced includes everything in the standard edition, plus SMTP mailbox verification:
| Feature | Standard | Advanced |
|---|---|---|
| Disposable email blocking (5,100+ domains) | ✓ | ✓ |
| Format validation | ✓ | ✓ |
| Typo detection | ✓ | ✓ |
| SMTP mailbox verification | — | ✓ |
| Price | $0.10/user/mo | $0.10/user/mo |
Installation
Install Email Guardian Advanced from the Atlassian Marketplace.
- Go to Jira Settings → Apps → Find new apps
- Search for "Email Guardian Advanced"
- Click Get app and follow the prompts
- Add the workflow validator to your transitions
SMTP Mailbox Verification
SMTP verification confirms that a specific mailbox exists on the mail server before allowing the ticket to be created.
How It Works
- After local validation passes (format, disposable, typo checks), the email is sent to the AddressHQ verification API
- The API connects to the mail server and verifies the mailbox exists
- If the mailbox doesn't exist, the transition is blocked with a clear error message
Important: SMTP verification does not send any email. It only asks the server if the address would be accepted. No messages are delivered during verification.
What It Catches
- Non-existent mailboxes — The domain is real but that specific email doesn't exist
- Mistyped usernames — john.smith@gmail.com vs jon.smith@gmail.com
- Deleted accounts — Email addresses that once existed but were removed
Validation Flow
Email Guardian Advanced validates in this sequence:
If any check fails, the transition is blocked immediately with the relevant error message. SMTP verification only runs if all local checks pass first.
Error Messages
Users will see clear error messages when validation fails:
| Error | Cause |
|---|---|
| "Invalid email format" | Email doesn't match valid format |
| "Disposable email addresses are not allowed" | Domain is in the disposable blocklist |
| "Possible typo - did you mean @example.com?" | Domain matches a known typo pattern |
| "Mailbox does not exist" | SMTP verification confirmed mailbox doesn't exist |
Troubleshooting
Legitimate emails marked as non-existent
- Some mail servers reject verification attempts as a spam prevention measure
- In these cases, the API allows the email through rather than blocking
- Contact us if a major provider is consistently failing
Verification seems slow
- SMTP verification typically adds 1-2 seconds to form submission
- This is much faster than dealing with bounced emails later
- If verification consistently times out, the API will allow the email through
API errors
- If the AddressHQ API cannot be reached, Email Guardian falls back to local validation only
- Tickets will still be created, just without SMTP verification
- This ensures reliability even if there are connectivity issues
Frequently Asked Questions
Does SMTP verification send actual emails?
No. SMTP verification connects to the mail server and asks if the address would be accepted, but never sends any message.
What data is sent to the API?
Only the email address being verified. No ticket data, user information, or other content is transmitted.
Is there a limit on verification requests?
Yes. Each Jira instance has rate limits: 20 verifications per minute, 200 per hour, 2000 per day. These limits are generous for normal use.
What happens if I hit the rate limit?
If rate limits are exceeded, the API will return an error and Email Guardian will fall back to local validation only.