Why might you send an email to a non-existent address during a penetration test?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Why might you send an email to a non-existent address during a penetration test?

Explanation:
This tests how the mail system responds to invalid recipients and what information it leaks through bounce messages. When you send to a non-existent address, the SMTP server issues a non-delivery or bounce response that can reveal details about the email infrastructure—such as the server's identity, version, and configuration—and whether the system validates recipients during the SMTP transaction or defers validation to later processing. Analyzing these responses helps map the mail landscape, detect misconfigurations like catch-all setups, and understand potential information leakage that could help attackers target phishing or carry out further enumeration. It’s not about checking encryption protocols, confirming real-time recipient status, or triggering account creation, which is why this approach best fits the question.

