This is more a security/privacy question but that often touches the UX too.
You should verify e-mail and password for the same reasons you do that for all users. If a user tries to log in with a non-registered e-mail address and it tells that the e-mail address was not found, that is a potential security and privacy risk.
You can show that the user is banned only when the e-mail and password combination is correct. When banned users forget their password, treat them the same as other users and let them reset the password by sending them an e-mail. In that e-mail you can mention that it is not possible to reset the password because they have been banned from the site.