Paste the address
Drop any email into the pill. Gmail, Outlook, custom domains, role aliases. Single address now, bulk CSV on signup.
Instant Email Deliverability Check
Run an instant email deliverability check on any address with 99.99% accuracy, on the same 9-point verification engine our paid API runs. Catch bounce and spam-trap risk before you hit send. No signup, no card.
Trusted by 500,000+ leading GTM teams of all sizes
Email health, explained
Email health is shorthand for the one question mailbox providers keep asking about you: does this sender's mail get delivered and opened, or does it bounce and hit traps? Every address on your list carries part of the answer. A real, active mailbox is an asset. A dead one is a hard bounce waiting to happen, and Gmail, Outlook, and Yahoo all keep score. Push your bounce rate past roughly 2 % and your sender reputation starts sliding. Stay under it and even heavy sending volume keeps landing in the inbox.
The dangerous part is that an unhealthy list looks fine right up until it isn't. Addresses decay quietly. People change jobs, free mailboxes get abandoned, and providers recycle long-dead accounts into spam traps, addresses that exist purely to catch senders who skip email hygiene. One trap hit can drag your domain onto a blocklist (worth confirming with an email blacklist check if opens suddenly crater) and take weeks to claw back. By the time the open-rate chart falls off a cliff, the damage is already priced into your reputation.
A pre-send health check turns that gamble into a measurement. Paste an address above and the nine-check engine behind our Email Verification API scores its address health: real mailbox or not, disposable or role account, catch-all domain with an AI-confidence read, even domain age and SPF, DKIM, and DMARC on the receiving side. Risky addresses get held back before they cost you, your bounce rate stays under the line, and the healthy email list you actually send to keeps compounding inbox placement. That, more than any clever subject line, is what decides whether your next campaign gets seen.
From paste to verdict
Three steps, no signup, no card on file. Paste any address, watch the nine-check engine score its health, read the safe-to-send verdict in two seconds.
Drop any email into the pill. Gmail, Outlook, custom domains, role aliases. Single address now, bulk CSV on signup.
Nine checks fire in parallel. Syntax, DNS, SMTP, catch-all, disposable, role, age, auth, mailbox state. Verdict in about two seconds.
Valid, invalid, or risky. Plus a confidence score, the per-check breakdown, and a recommended retry policy. Read on the page or via API.
The same nine-check engine our paid email verification API runs. Every email, every verification, every time.
Every address runs a full RFC 5321 and RFC 5322 compliance pass before a single network call goes out. The engine catches what visual scanning misses, the double dot in alice@verifox..ai, the trailing period, the IDN homograph that looks valid but resolves to a different domain.
Bundled typo suggestions let your form offer “did you mean alice@gmail.com?” instead of rejecting silently.

Once syntax passes, the engine resolves the domain. We confirm the DNS records exist, fetch the MX record priority list in order, and verify at least one mail-exchange server is actively accepting connections right now.
Misspelled domains like gmial.com, expired domains, and parked-for-sale domains all fail this gate before the engine wastes a single SMTP roundtrip.

The engine opens a TCP connection on port 25, performs the EHLO handshake, then negotiates MAIL FROM and RCPT TO. Every server response code (220, 250, 550, 552) is parsed deterministically against the IANA enhanced-status registry.
This is the moment a mailbox proves it actually exists. No third-party guesses, no statistical heuristics, just the receiving server's own answer.

Some domains accept every email regardless of whether the mailbox exists, a setup known as a catch-all configuration. The engine sends a deterministic probe to a deliberately fake address (zzz9k7q@domain.com); if the server returns the same 250 OK it returned for the real address, the domain is catch-all.
The verdict isn't dropped, it's flagged RISKY so you know the deliverability signal is degraded.

The engine maintains a curated registry of 10,247 disposable email providers, including Mailinator, Guerrilla Mail, 10MinuteMail, Tempmail, and the long tail of regional clones.
Any address matching the blocklist is flagged INVALID. Deliverability to a mailbox that exists for 10 minutes and is never checked is functionally zero, regardless of whether the SMTP handshake passes.

info@, support@, no-reply@, admin@, hello@, billing@, contact@. These are shared inboxes, not individuals.
The engine extracts the local-part of every address, matches it against the known role-prefix registry, and tags the result with a reduced engagement score.
You don't drop them automatically. The verdict tells you they're roles so you can decide whether they belong in your outbound.

Fresh-spam domains registered hours ago are the single biggest source of inbound abuse. The engine queries WHOIS and RDAP for every unique domain, extracts the registration date, and flags anything under 30 days old with a “fresh” warning.
Domains aged 5+ years pick up a corresponding trust signal. The same heuristic spam filters have been using since the early 2000s, ported into the verdict.

SPF, DKIM, and DMARC together prove the sender is authorised to send from that domain.
The engine reads each policy via DNS, validates SPF includes recursively, scans six common DKIM selectors for a published key, and confirms DMARC alignment with the From: header.
A failing DMARC policy means the sender can be spoofed, so the verdict warns you before you reply.

Beyond “exists vs doesn't exist”, the engine extracts the precise mailbox state from the SMTP server's response. Full inbox (552 / 522 quota), disabled mailbox (550 5.1.1), out-of-office autoresponder, frozen account.
Each state maps to a specific retry policy. Full inbox retries in 6 hours. Disabled drops permanently. The verdict tells you which bucket the bounce belongs in so your retry logic doesn't waste cycles.

How we stack up
Same nine-check pipeline, the highest published accuracy, credits that never expire, and an MCP server no competitor offers. Head-to-head with the two providers our buyers shortlist.
| Feature | Verifox | NeverBounce | ZeroBounce |
|---|---|---|---|
| Published accuracy claim | 99.99% | 99.0% | 99.6% |
| Credits expire | Never | Yes | Never |
| Free credits on signup | 1,000–2,500 / one-time | 1,000 / monthly | 100 / monthly |
| Verify without signup | |||
| Catch-all resolution | AI confidence | Flagged only | AI scoring |
| Real-time API | |||
| Bulk CSV upload | |||
| MCP server for AI agents | |||
| SOC 2 + GDPR + CCPA |
What teams are saying
Growth leads, marketers, and engineers running real campaigns on real lists, with a verified email on every byline.

We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.

Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.

We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.

Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.

Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.

Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.

Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.

Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.

Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.

We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.

We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.

Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.

Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.

Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.

Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.

Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.

Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.

Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.

We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.

Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.

Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.

Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.

Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.

Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.

We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.

Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.

Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.
Why this one
Most free deliverability tools quietly switch off the interesting checks. Ours runs the full nine-check pipeline the paid plans use, capped only on volume, so every health verdict is the real one.
The free tier runs the full nine-check pipeline from our email verification API, capped on volume and never on accuracy.
Verify your first emails right here with no signup at all. Create a free account when you go past four checks a day.
Your free plan unlocks the very same REST API, CSV upload, and bulk parallel processing that the paid plans run on.
Addresses are processed in memory and dropped on response, nothing stored and nothing sold. Read the privacy policy.
Trust & compliance
Every layer of the stack carries a third-party attestation, so you can ship into regulated industries without rebuilding your compliance posture.

Independently audited to the SOC 2 Type II standard.

Built for the EU with full GDPR data-subject rights.

California opt-out, do-not-sell, plus DSAR handling.

Information security held to the ISO 27001 standard.

AI governance aligned to the new ISO 42001 standard.
Common questions
The questions we get from teams that land here to check whether an address is safe to send to, with the real numbers, real limits, and real opinions behind our verification stack.
An email health check answers one question: is this address safe to send to? It runs an address through syntax, DNS, SMTP, and risk checks, then returns a verdict on whether sending will land in the inbox, bounce, or hit a spam trap and drag down your sender reputation.
Verifox runs the same nine-check engine our paid Email Verification API uses, so the email deliverability check you get here is the same one teams pay for at scale. If you prefer the plain verify phrasing, the free email checker is the same tool under a different name.
It is, with no expiry trick. The checker above gives you 4 health checks a day without an account. When you hit that cap you can wait for the daily reset, or sign up free and claim 1,000 credits on the spot, 2,500 if you register with a work address. No card at either step.
Past the free credits, packs are pay-as-you-go and never expire. Pricing is localized to your region, which is why we never quote a flat figure here.
All nine checks from our verification engine fire in parallel on every address:
The combined verdict scores 99.99 % accurate on our 1,000-address benchmark, and the catch-all resolution covers the spot where 20 to 40 % of B2B lists quietly rot. The free email validator runs this same pipeline under the validate phrasing.
Every hard bounce and spam-trap hit chips away at your sender reputation, and once it drops, even your healthy mail starts landing in spam. Mailbox providers watch your bounce rate closely; keeping it under 2 % is the practical line between the inbox and the junk folder.
A health check works on the address; pair it with our email deliverability tester to score your sending side, and the email bounce checker to flag the addresses already costing you. Together they keep a healthy email list earning inbox placement.
Risky means the domain accepted our SMTP handshake but would not confirm the specific mailbox, almost always a catch-all domain. The address might be live, might be a black hole. Our AI-confidence pass scores each one, so you get a probability instead of a shrug.
The practical rule: send to high-confidence risky addresses when the contact is valuable, hold the low-confidence ones back. Since 20 to 40 % of B2B lists sit at catch-all domains, blanket-deleting every risky address throws away real pipeline.
Before every major send, and quarterly at minimum. Addresses decay fast: people change jobs, mailboxes get retired, domains lapse. A list that was clean in January can be a bounce hazard by June.
The free signup tier (1,000 credits, or 2,500 with a work email) covers a full hygiene pass on most small lists, and bulk runs at roughly 10,000 emails per minute on the standard tier. If you would rather not remember a schedule, deliverability monitoring watches your sending health between passes.
Three main routes: recycled traps (providers retire a dead mailbox, then quietly reopen it to catch senders who never clean their lists), purchased or scraped lists that are seeded with pristine traps, and typo domains harvested from sloppy signup forms.
One trap hit can put your domain on a blocklist, so run an email blacklist check if your open rates suddenly crater, and check your email for spam triggers before the next campaign. At the source, our FoxGuard form widget blocks bad addresses before they ever reach the list.
Never. An address exists in our memory for the few hundred milliseconds the health check takes, then it is gone. No logs, no retention, no resale, and nothing for a breach to leak.
That posture is audited: SOC 2 Type II, with the Trust Center report available on request. The privacy policy spells out exactly what we touch during a check and what we refuse to keep.
In practice, nothing. An email health check, an email deliverability check, and email verification all do the same job: confirm an address is real, reachable, and safe to send to. Verifox runs the identical nine-check engine for every one of them. “Health” just frames the verdict around the outcome you care about, inbox placement, rather than a bare valid or invalid.
If you prefer the single-address, paste-and-go phrasing, the free email checker is the same tool, and the free email validator covers the validate-an-address phrasing. All three share the same accuracy, the same verification engine, and the same free tier.
Yes. The REST API reference documents the inbound and outbound shapes for every endpoint, so you can drop a real-time email health check into signup forms, CRMs, or any tool that speaks REST. HubSpot, Salesforce, Zapier, Klaviyo, Mailchimp, and Brevo all connect out of the box. Median latency is around 380 ms per address, sub-50 ms cached, with a 99.9 % uptime SLA on Starter and 99.99 % on annual Volume contracts (live status at status.verifox.ai).
Verifox also ships native MCP server support so AI agents (Claude, Cursor, custom LLM apps) can check address health without glue code. Drop the MCP URL into your agent config and the tools are wired.