
That depends on the sign-up workflow. It is possible to not provide the information "user already exists" on sign-up and instead just say "we sent you an email, please confirm". In this scenario a potential attacker who just wants to check for existing email addresses has no access to the email addresses he wants to check.

The contents of the email could be something like "Hey, you just tried to register with this email address, but we already have an existing account with this email address ... Was that you? ... Maybe you have forgotten your password?"
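The flow the comment describes, as an added example (this is not code from the comment or from any real site): the sign-up handler returns the same HTTP-level response whether or not the address is registered, and the difference is carried only in the email, which the attacker cannot read unless they control the mailbox. The user store, the pending-confirmation store, the outbox, the hostnames and the email texts are all constructed for the example. One caveat a practitioner would add: the expensive work (password hashing, token generation, sending a mail) is done on both branches, because doing it only for new addresses would leak the same bit through response timing.

```python
import hashlib
import secrets

# Constructed sample data for this example: one already-registered account.
# The salt and low iteration count here are for the fixture only.
REGISTERED = {
    "alice@example.com": hashlib.pbkdf2_hmac(
        "sha256", b"correct horse", b"fixture-salt", 1000
    ),
}

# Same public message for every sign-up attempt; this string is what the attacker sees.
NEUTRAL_RESPONSE = {
    "status": 200,
    "message": "We sent you an email, please confirm your address.",
}


def hash_password(password: str, salt: bytes) -> bytes:
    """PBKDF2-SHA256 for the example; any slow password hash would do."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def signup(email: str, password: str, registered: dict, pending: dict, outbox: list) -> dict:
    """Enumeration-resistant sign-up.

    registered: email -> password hash (existing accounts)
    pending:    email -> unconfirmed sign-up waiting for the confirmation link
    outbox:     list that stands in for the mail transport (constructed for the example)
    """
    addr = email.strip().lower()

    # Do the same amount of work on both paths so timing does not reveal
    # which branch was taken.
    salt = secrets.token_bytes(16)
    digest = hash_password(password, salt)
    token = secrets.token_urlsafe(32)

    if addr in registered:
        # Existing account: tell the legitimate owner what happened, offer a reset,
        # but store nothing and keep the web response identical.
        outbox.append({
            "to": addr,
            "subject": "Did you just try to sign up?",
            "body": (
                "Hey, you just tried to register with this email address, but we "
                "already have an account for it. Was that you? If you have forgotten "
                "your password you can reset it here: https://example.invalid/reset"
            ),
        })
    else:
        # New address: park the sign-up until the link in the mail is followed.
        pending[addr] = {"hash": digest, "salt": salt, "token": token}
        outbox.append({
            "to": addr,
            "subject": "Confirm your address",
            "body": f"Please confirm your sign-up: https://example.invalid/confirm?token={token}",
        })

    # Exactly one mail is sent and exactly the same response is returned in both cases.
    return dict(NEUTRAL_RESPONSE)


if __name__ == "__main__":
    pending, outbox = {}, []
    print(signup("alice@example.com", "pw", REGISTERED, pending, outbox))
    print(signup("bob@example.com", "pw", REGISTERED, pending, outbox))
    for mail in outbox:
        print(mail["to"], "->", mail["subject"])
```

The response body, status code and number of mails sent are identical for both branches; only the mail subject and body differ. The same idea applies to "forgot password" and login error messages. Rate limiting per source IP and per target address is still needed, since the mails themselves can be used to spam a victim.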


