You usually create debounced inputs for that. This is similar to the autosuggest and typeahead inputs and comboboxes: sending requests to the server in response to an input change isn't something unusual
It’s a major security/privacy issue, you don’t want to tell world+dog all registered users, especially since that’s typically an email address.
Huge, huge, massive “no no”.
Likewise you still have to do sever side validation as any client side code can be modified, or you can just send payloads directly to the server. IMHO client side form validation is dangerous as it gives a false sense of security.
It's not actually all that bad, if you do it asynchronously and in batches (as much as possible).
The total amount of traffic in both direction is pretty small, and the logic is simple, especially compared to lots of other things your server is typically doing.
I don't think the amount of traffic is necessarily the issue. You're validation could be fairly "expensive". Maybe you need to do a lookup in a legacy system, maybe you need to check multiple systems?
You'd probably have to wait until the user moves on to the next field, if there's more, but that's also a little silly, as you'd force the user to go back to a previous field.
Maybe that is user friendly but for sure I don't like to see the backend bombarded with API calls each time an user types a letter.