Business Issue: Marketo lead database is full of invalid, disposable Emails (Spam Domain), junk Email address find a solution to identify such leads, and reduce the lead database load.
Solution: Create a custom webhook to verify the domain and valid syntax of an Email. Most of the suggestions which you see in the Marketo community are related to "Honeypot" as a hidden field. However, this solution doesn't work at all because of the simple fact you can train your bot to ignore the hidden field. You can also test it out with simple chrome extension "Form Filler" under field options you will find ignore all hidden fields.
In order to identify spam(disposable), invalid, and junk emails. I ended up developing a webhook which does the following steps :
Lower Email address and Valid Email syntax check.
You will find an Email address is in all capital and the Email address is missing ".com" And, Marketo lets you submit the form.
Now Let's look at the response from the spam identifier.
Look at the response Email lowercase and validEmail is "Bad Syntax" other responses spam_note and mxRecord are left untouched
Example 2: Spam domain
We used a popular spambot domain "mailinator.net". The application then looks at the list of 5k disposable email domains and assigns a similarity score of 95 along with a similar domain for further check. You can even find mxRecord linked with the domain.
Example 3: Junk Domain
In the above example, I have randomly typed the email address which is a perfect example of the junk entries we get on a daily basis. mxRecord comes to rescue in this case as you found no "spam_note" and email is using valid syntax.
A combination of the above validation and custom logic provides the best solution in Marketo to identify junk and unmarketable leads and keeps your database intact. Almost, all the solutions in the market work on these principles, and the only exception is that I'm not sending an email to check the deliverability status code because it might end my domain in the blacklist.
Interesting way of simulating true SMTP validation, Ajay.
But you're making a false equivalency here: reCAPTCHA has never been intended to detect non-emailable leads! Detecting non-human activity (automated form submissions) and detecting non-emailable leads (nonexistent local-parts and/or domains) are orthogonal concerns, each with their own solutions.