diff --git a/src/api/identity.rs b/src/api/identity.rs
index 86cdd4710c..39478c502d 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -744,8 +744,13 @@ async fn register_verification_email(
 
     let should_send_mail = CONFIG.mail_enabled() && CONFIG.signups_verify();
 
-    if User::find_by_mail(&data.email, &mut conn).await.is_some() {
-        if should_send_mail {
+    let token_claims =
+        crate::auth::generate_register_verify_claims(data.email.clone(), data.name.clone(), should_send_mail);
+    let token = crate::auth::encode_jwt(&token_claims);
+
+    if should_send_mail {
+        let user = User::find_by_mail(&data.email, &mut conn).await;
+        if user.filter(|u| u.private_key.is_some()).is_some() {
             // There is still a timing side channel here in that the code
             // paths that send mail take noticeably longer than ones that
             // don't. Add a randomized sleep to mitigate this somewhat.
@@ -754,16 +759,9 @@ async fn register_verification_email(
             let delta: i32 = 100;
             let sleep_ms = (1_000 + rng.random_range(-delta..=delta)) as u64;
             tokio::time::sleep(tokio::time::Duration::from_millis(sleep_ms)).await;
+        } else {
+            mail::send_register_verify_email(&data.email, &token).await?;
         }
-        return Ok(RegisterVerificationResponse::NoContent(()));
-    }
-
-    let token_claims =
-        crate::auth::generate_register_verify_claims(data.email.clone(), data.name.clone(), should_send_mail);
-    let token = crate::auth::encode_jwt(&token_claims);
-
-    if should_send_mail {
-        mail::send_register_verify_email(&data.email, &token).await?;
 
         Ok(RegisterVerificationResponse::NoContent(()))
     } else {