Free Spam Filter Test

See Your Email the Way an Anti-Spam Filter Sees It.

Paste any address and get the sender-side spam score filters weigh first: mailbox reality, spam-trap risk, SPF, DKIM, and DMARC, on the 9-point engine behind 2.1B+ verified emails. No signup, no card.

Trusted by 500,000+ leading GTM teams of all sizes

From paste to filter verdict

How the anti-spam filter test works

Three steps, no signup, no card on file. Paste an address you plan to send to, watch the nine-check engine score the signals spam filters weigh, and read the verdict in about two seconds.

001INPUT

Paste the address

Drop any email into the pill. Gmail, Outlook, custom domains, role aliases. Single address now, bulk CSV on signup.

002ENGINE

Run the 9-check engine

Nine checks fire in parallel. Syntax, DNS, SMTP, catch-all, disposable, role, age, auth, mailbox state. Verdict in about two seconds.

003VERDICT

Verdict in 2 seconds

Valid, invalid, or risky. Plus a confidence score, the per-check breakdown, and a recommended retry policy. Read on the page or via API.

The 9-point engine

Nine checks. One verdict.

The same nine-check engine our paid email verification API runs. Every email, every verification, every time.

  1. 01

    Syntax

    Every address runs a full RFC 5321 and RFC 5322 compliance pass before a single network call goes out. The engine catches what visual scanning misses, the double dot in alice@verifox..ai, the trailing period, the IDN homograph that looks valid but resolves to a different domain.

    Bundled typo suggestions let your form offer “did you mean alice@gmail.com?” instead of rejecting silently.

    Claymation ninja-fox mascot holding a clay ink brush beside an unrolled clay scroll: a typo email address marked with a red X seal and the corrected address with a sage-green check seal.
  2. 02

    Domain & MX

    Once syntax passes, the engine resolves the domain. We confirm the DNS records exist, fetch the MX record priority list in order, and verify at least one mail-exchange server is actively accepting connections right now.

    Misspelled domains like gmial.com, expired domains, and parked-for-sale domains all fail this gate before the engine wastes a single SMTP roundtrip.

    Claymation ninja-fox mascot beside a clay torii gate hung with glowing lanterns, representing the domain's prioritized mail-exchange (MX) servers.
  3. 03

    SMTP handshake

    The engine opens a TCP connection on port 25, performs the EHLO handshake, then negotiates MAIL FROM and RCPT TO. Every server response code (220, 250, 550, 552) is parsed deterministically against the IANA enhanced-status registry.

    This is the moment a mailbox proves it actually exists. No third-party guesses, no statistical heuristics, just the receiving server's own answer.

    Claymation ninja-fox mascot watching a clay paper crane pass between two clay gateposts marked EHLO and 250 OK, representing the SMTP handshake.
  4. 04

    Catch-all detection

    Some domains accept every email regardless of whether the mailbox exists, a setup known as a catch-all configuration. The engine sends a deterministic probe to a deliberately fake address (zzz9k7q@domain.com); if the server returns the same 250 OK it returned for the real address, the domain is catch-all.

    The verdict isn't dropped, it's flagged RISKY so you know the deliverability signal is degraded.

    Claymation ninja-fox mascot peeking into a clay box holding a real letter and a fake one sealed identically, with an amber question mark above, representing a catch-all domain.
  5. 05

    Disposable

    The engine maintains a curated registry of 10,247 disposable email providers, including Mailinator, Guerrilla Mail, 10MinuteMail, Tempmail, and the long tail of regional clones.

    Any address matching the blocklist is flagged INVALID. Deliverability to a mailbox that exists for 10 minutes and is never checked is functionally zero, regardless of whether the SMTP handshake passes.

    Claymation ninja-fox mascot on a clay bank watching a labelled clay paper boat sink beneath a red X seal, representing a rejected disposable email address.
  6. 06

    Role address

    info@, support@, no-reply@, admin@, hello@, billing@, contact@. These are shared inboxes, not individuals.

    The engine extracts the local-part of every address, matches it against the known role-prefix registry, and tags the result with a reduced engagement score.

    You don't drop them automatically. The verdict tells you they're roles so you can decide whether they belong in your outbound.

    Claymation ninja-fox mascot beside three clay envelopes each stamped with an amber ROLE seal, representing shared-inbox role addresses like info@ and support@.
  7. 07

    Domain age

    Fresh-spam domains registered hours ago are the single biggest source of inbound abuse. The engine queries WHOIS and RDAP for every unique domain, extracts the registration date, and flags anything under 30 days old with a “fresh” warning.

    Domains aged 5+ years pick up a corresponding trust signal. The same heuristic spam filters have been using since the early 2000s, ported into the verdict.

    Claymation ninja-fox mascot between a sturdy clay tree showing growth rings (an aged, trusted domain) and a tiny clay sapling (a freshly-registered domain).
  8. 08

    Email authentication

    SPF, DKIM, and DMARC together prove the sender is authorised to send from that domain.

    The engine reads each policy via DNS, validates SPF includes recursively, scans six common DKIM selectors for a published key, and confirms DMARC alignment with the From: header.

    A failing DMARC policy means the sender can be spoofed, so the verdict warns you before you reply.

    Claymation ninja-fox mascot holding the middle of three glowing clay seals labelled SPF, DKIM and DMARC, representing email authentication.
  9. 09

    Mailbox state

    Beyond “exists vs doesn't exist”, the engine extracts the precise mailbox state from the SMTP server's response. Full inbox (552 / 522 quota), disabled mailbox (550 5.1.1), out-of-office autoresponder, frozen account.

    Each state maps to a specific retry policy. Full inbox retries in 6 hours. Disabled drops permanently. The verdict tells you which bucket the bounce belongs in so your retry logic doesn't waste cycles.

    Claymation ninja-fox mascot peeking into three clay mailboxes, open and active, overstuffed and full, and shut and disabled, representing the precise mailbox state.

How we stack up

Verifox vs the alternatives

Same nine-check pipeline, the highest published accuracy, credits that never expire, and an MCP server no competitor offers. Head-to-head with the two providers our buyers shortlist.

Feature
Verifox
NeverBounce
ZeroBounce
Published accuracy claim99.99%99.0%99.6%
Credits expireNeverYesNever
Free credits on signup1,000–2,500 / one-time1,000 / monthly100 / monthly
Verify without signup
Catch-all resolutionAI confidenceFlagged onlyAI scoring
Real-time API
Bulk CSV upload
MCP server for AI agents
SOC 2 + GDPR + CCPA

What teams are saying

Built for the teams that ship outbound

Growth leads, marketers, and engineers running real campaigns on real lists, with a verified email on every byline.

Thomas George, GTM Lead at Stripe

90% lower bill, 0.4% bounces

We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.
Thomas G.GTM Lead, Stripe
Brittany King, GTM Lead at HubSpot

Catch-all finally has a verdict

Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.
Brittany K.GTM Lead, HubSpot
Dale Micallef, GTM Lead at Slack

Reputation rebuilt in 6 weeks

We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.
Dale M.GTM Lead, Slack
Erica Kovalkoski, GTM Lead at Discord

0.7% bounce on 50k

Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.
Erica K.GTM Lead, Discord
Greg Lindsay, GTM Lead at OpenAI

MCP in 10 minutes

Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.
Greg L.GTM Lead, OpenAI
Rini Vasana, Product Manager at Vercel

10k/min held under 400ms

Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.
Rini V.Product Manager, Vercel
Jonathan Aharon, GTM Lead at MongoDB

Hygiene that doesn't break pipeline

Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.
Jonathan A.GTM Lead, MongoDB
Emma Fox, GTM Lead at Linear

Bulk that actually ships

Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.
Emma F.GTM Lead, Linear
David Hare, GTM Lead at Snowflake

Scores you can act on

Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.
David H.GTM Lead, Snowflake

Why this one

Spam filter testing, minus the snake oil

Plenty of tools promise to beat the filter with one weird trick. We run the full nine-check pipeline our paid API uses and tell you exactly which sender signal would have flagged you, capped only on volume.

Accuracy
99.99%accuracy

The same nine-check engine

The free tier runs the full nine-check pipeline from our email verification API, capped on volume and never on accuracy.

Friction
0signups to begin

No signup to start

Verify your first emails right here with no signup at all. Create a free account when you go past four checks a day.

Coverage
10kemails / minute

API and bulk, included

Your free plan unlocks the very same REST API, CSV upload, and bulk parallel processing that the paid plans run on.

Privacy
SOC 2GDPR · CCPA

Emails are never stored

Addresses are processed in memory and dropped on response, nothing stored and nothing sold. Read the privacy policy.

Filter mechanics, explained

What an anti-spam filter scores before your email ever lands

Every message you send gets interrogated before a human sees it. The anti-spam filterat Gmail, Microsoft, or a corporate gateway running SpamAssassin assigns the message a spam score built from hundreds of rules, and the surprising part is how little of that score comes from your words. Modern spam filtering is reputation-first: who is sending, from which domain and IP, with what authentication, to what kind of list. A sender with a clean record can write “FREE!!!” in the subject and reach the inbox; a sender with a dirty record gets junked on a polite, plain-text note. The filter never explains itself either way.

The good news is that the heaviest signals are the ones you control. Filters watch your bounce rate, because bounces mean an old or bought list. They watch for spam-trap hits, addresses that exist only to catch careless senders. They check whether SPF, DKIM, and DMARC line up, whether your domain has history or was registered last week, and whether you are sitting on a blocklist. Verifox measures exactly those inputs: the 9-point engine pings each mailbox over a live SMTP session, the same handshake an SMTP testperforms, flags disposable and role addresses, resolves catch-all domains with an AI-confidence pass, and reads domain age plus authentication records. One honest boundary: no tool can reach inside a recipient's mailbox, so anyone selling a guaranteed bypass is selling fiction. What works is removing the evidence against you.

In practice that looks like a short pre-send routine. Verify the list, fix what the deliverability tester and your authentication records report, and re-check your domain monthly. The engine documented under email verification does the heavy lifting, the REST API automates it inside your own stack, and pay-as-you-go credits mean you only pay for addresses you actually check.

Trust & compliance

Enterprise-grade security and scale

Every layer of the stack carries a third-party attestation, so you can ship into regulated industries without rebuilding your compliance posture.

  • Claymation Japanese hanko seal in jade-green clay with a twisted shimenawa rope rim, the words SOC 2 TYPE II embossed in cream clay on its face.

    SOC 2 Type II

    Independently audited to the SOC 2 Type II standard.

  • Claymation Japanese hanko seal in cobalt-blue clay with a twisted shimenawa rope rim, the word GDPR embossed in cream clay on its face.

    GDPR

    Built for the EU with full GDPR data-subject rights.

  • Claymation Japanese hanko seal in rose-pink clay with a twisted shimenawa rope rim, the word CCPA embossed in cream clay on its face.

    CCPA

    California opt-out, do-not-sell, plus DSAR handling.

  • Claymation Japanese hanko seal in terracotta clay with a twisted shimenawa rope rim, the text ISO 27001 embossed in cream clay on its face.

    ISO 27001

    Information security held to the ISO 27001 standard.

  • Claymation Japanese hanko seal in lilac-purple clay with a twisted shimenawa rope rim, the text ISO 42001 embossed in cream clay on its face.

    ISO 42001

    AI governance aligned to the new ISO 42001 standard.

Common questions

Anti-spam filters, answered

What teams ask us when their mail starts landing in spam: how filters score senders, what a spam score really means, and which signals are worth fixing first.

What is an anti-spam filter and how does it work?

An anti-spam filter is the software a mailbox provider runs on every incoming message to decide its fate: inbox, spam folder, or outright rejection. Gmail, Microsoft, and open-source filters like SpamAssassin score hundreds of signals, including sender reputation, authentication records, bounce history, recipient engagement, and finally the message content. Most of that score is settled before your subject line is even read, which is why sender hygiene beats clever wording.

How do I test my email against anti-spam filters before sending?

Test the inputs filters weigh heaviest, in order. First, verify every address you plan to send to; the checker above runs 9 checks in about 2 seconds per address.

Then run a full email deliverability test to watch a real send behave, confirm your SPF, DKIM, and DMARC records, and score your sending domain with the domain spam checker. Clean results on those four put you ahead of most senders.

Why do my emails keep getting caught in spam filters?

Reputation, usually. Filters track your domain's bounce rate, spam-trap hits, blocklist listings, and complaint rate, and they keep punishing the pattern long after the offending campaign ends. Content triggers still exist but carry far less weight than they did a decade ago. Start with an email blacklist check to see if you are on a blocklist, then scrub the invalid addresses that caused the bounces in the first place.

What spam score do anti-spam filters use?

There is no universal score. SpamAssassin, the most widely deployed open-source filter, adds points per matched rule and treats anything above 5.0 as spam by default, while Gmail and Microsoft use machine-learned scores they never publish. That is why Verifox reports the sender signals every filter agrees on, mailbox validity, spam-trap risk, authentication, and domain reputation, instead of one number that only applies to one filter.

Do SPF, DKIM, and DMARC help me get past anti-spam filters?

Yes, and they are the entry ticket rather than a bonus. Gmail and Yahoo have required SPF, DKIM, and DMARC for bulk senders since February 2024, and mail that fails alignment gets filtered or rejected before content is even considered. Verifox checks email authentication as one of its 9 verification points, and the dedicated SPF, DKIM, and DMARC checker reads your records back in plain English so you can fix what fails.

Can any tool guarantee my email bypasses anti-spam filters?

No, and treat any tool that promises a bypass as a red flag. Filters are probabilistic, private, and retrained constantly; nobody outside Google can guarantee a Gmail inbox. What you can do is remove every negative signal you control: send only to verified addresses, hold your bounce rate near zero, authenticate your domain, and stay off blocklists. That is the work the Verifox verification engine automates on every address you check.

What is the difference between an anti-spam filter and a spam checker?

Direction. An anti-spam filter sits on the recipient's side and judges incoming mail. A spam checker works on your side, before you send, predicting how those filters will treat you. Verifox is the second kind: it scores the addresses you send to and the domain you send from. To test one address for spam-trap risk, use check email for spam; for your own domain's reputation, the domain spam checker runs the same engine.

How much does list hygiene affect anti-spam filtering?

More than any other factor you control. Mailbox providers read a high bounce rate as a bot or a bought list, and one spam-trap hit can hold a domain in the filter's penalty box for weeks. 20 to 40% of B2B lists fail at catch-all domains, the check most free tools skip. Scrub whole lists with the free email validator before any send; it runs the same 9-point pipeline as this page.

Is this anti-spam filter test really free?

Yes. You get 4 verifications a day on this page with no account. Create a free account and you get 1,000 credits immediately, or 2,500 if you sign up with a work address. No card required. Past that, credits are pay-as-you-go and never expire, with volume pricing shown for your region.

Can I run anti-spam checks from my own app or AI agent?

Yes. The REST API returns the same 9-point verdict at a median 380 ms per address, sub-50 ms cached, and roughly 10,000 emails per minute in bulk on the standard tier.

AI agents can skip the glue code entirely: Verifox ships a native MCP server, so Claude, Cursor, or any MCP client can verify addresses directly. SLA is 99.9% on Starter, 99.99% on an annual Volume contract.

Start before your next send

Walk into the filter with a clean record

Sign up free and get 1,000 verification credits on the spot, 2,500 if you use a work address. No card, no trial clock. Credits never expire, so scrub one list today and the rest whenever you send next. Most lists finish in minutes at roughly 10,000 emails per minute.

Get 1,000 free credits

4 free checks a day on this page without an account.