Detect disposable, catch-all, and abusive email addresses at the moment of registration — with explainable signals, not a boolean.
{
"meta": {
"request_id": "req_7f3a2c1b4e5d",
"domain": "mailinator.com",
"latency_ms": 4,
"path_taken": "fast"
},
"verdict": {
"recommendation": "block",
"risk_level": "critical",
"disposable": true,
"summary": "Domain is a confirmed disposable email provider."
},
"score": {
"value": 100,
"confidence": 1.0,
"confidence_level": "high"
},
"signals": {
"fired": [
{ "name": "known_disposable_domain", "weight": 100 }
]
}
}Get 100 free checks on signup. Then buy credits — bundles from $0.0016/check. No subscriptions, no monthly minimums.
Send a single HTTP request with the email. Get back a confidence-scored risk verdict in under 100ms.
Switch on the recommendation value — block / verify / flag / allow — and stop trial abuse before it starts.
A 0–100 risk score paired with a confidence value between 0 and 1. The verdict recommendation is always one of four values — block, verify_manually, allow_with_flag, allow — so you can switch on it in code without parsing thresholds.
"score": {
"value": 94,
"confidence": 0.91,
"confidence_level": "high"
},
"verdict": {
"recommendation": "block",
"risk_level": "critical"
}Every response includes a signals array listing which signals fired, their direction (risk or trust), their weight, and why. Debug false positives in 10 seconds instead of opening a support ticket.
"fired": [
{ "name": "catch_all_confirmed",
"direction": "risk", "weight": 55 },
{ "name": "domain_age_14_days",
"direction": "risk", "weight": 42 },
{ "name": "mx_shared_with_9_domains",
"direction": "risk", "weight": 35 }
]A Bayesian confidence model catches rotating catch-alls that defeat naive SMTP probes — combining infrastructure signals, behavioral history, and cross-customer network data into a single probability.
85% of traffic resolves from in-memory caches in under 5ms. Weighted p99 latency across all checks is under 28ms. Async-with-preliminary path for deep checks so your signup flow never waits.
Use VerifyMail with your favorite language or framework.
import { VerifyMail } from 'verifymail'; const client = new VerifyMail({ apiKey: 'vm_live_...' }); const result = await client.check('user@mailinator.com'); switch (result.verdict.recommendation) { case 'block': throw new Error(result.verdict.summary); case 'verify_manually': queueForReview(email, result); break; case 'allow_with_flag': logSuspicious(email, result.signals.fired); break; case 'allow': // safe to proceed break; }
A preview of what the API actually checks — grouped by category, each with a weight in the score.
known_disposable_domain+100mx_on_abuse_list+80asn_known_bad+60catch_all_confirmed+55domain_age_under_30d+42mx_shared_with_n_domains+35spf_missing+18random_localpart+38plus_addressing_suspicious+22role_based_address+15gmail_dot_trick+12signup_velocity_high+45seen_across_n_tenants+30first_seen_within_hours+20corporate_domain−40domain_age_over_5y−25reputable_mx_provider−2040+ signals across 6 categories. Every one returned in the signals.fired[] array with name, direction, and weight. Full list in the docs.