Yes, this is possible. First, get the UIDs for all of a user's friends. Then, execute this FQL to get the email_hashes for each friend:
SELECT email_hashes FROM user WHERE uid IN (comma_delimted_set_of_uids)
Since you already have the email address, you can hash it and compare it to facebook's email_hash. If you have a match, you know it's valid. According to the FB documentation, the format of each email hash is the crc32 and md5 hashes of the email address combined with an underscore (_).
