001INPUT
Email under test
Syntax (RFC 5321)
Format validation
Typo detection
Local-part parse
Paste the address
Drop any email into the pill. Gmail, Outlook, custom domains, role aliases. Single address now, bulk CSV on signup.
Instant Email Verification
The Free Email Checker That Verifies Any Address in 2 Seconds.
99.99% accuracy with the same 9-point email verification engine our paid API runs. No signup, no card.
Trusted by 500,000+ leading GTM teams of all sizes
From paste to verdict
How the free email checker works
Three steps, no signup, no card on file. Paste any address, watch the nine-check engine fire, read the verdict in two seconds.
002ENGINE
01REGEXSyntax
02DNSDomain & MX
03WIRESMTP handshake
04PROBECatch-all
05BLOCKDisposable
06PARSERole address
07WHOISDomain age
08AUTHEmail auth
09STATEMailbox state
Run the 9-check engine
Nine checks fire in parallel. Syntax, DNS, SMTP, catch-all, disposable, role, age, auth, mailbox state. Verdict in about two seconds.
003VERDICT
alice@gmail.com
VALID98
m.chen@stripe.com
VALID94
info@brand.io
RISKY62
test@mailinator.com
INVALID0
Verdict in 2 seconds
Valid, invalid, or risky. Plus a confidence score, the per-check breakdown, and a recommended retry policy. Read on the page or via API.
The 9-point engine
Nine checks. One verdict.
The same nine-check engine our paid email verification API runs. Every email, every verification, every time.
- 01
Syntax
Every address runs a full RFC 5321 and RFC 5322 compliance pass before a single network call goes out. The engine catches what visual scanning misses, the double dot in
alice@verifox..ai, the trailing period, the IDN homograph that looks valid but resolves to a different domain.Bundled typo suggestions let your form offer “did you mean alice@gmail.com?” instead of rejecting silently.
- 02
Domain & MX
Once syntax passes, the engine resolves the domain. We confirm the DNS records exist, fetch the MX record priority list in order, and verify at least one mail-exchange server is actively accepting connections right now.
Misspelled domains like
gmial.com, expired domains, and parked-for-sale domains all fail this gate before the engine wastes a single SMTP roundtrip.
- 03
SMTP handshake
The engine opens a TCP connection on port 25, performs the EHLO handshake, then negotiates
MAIL FROMandRCPT TO. Every server response code (220, 250, 550, 552) is parsed deterministically against the IANA enhanced-status registry.This is the moment a mailbox proves it actually exists. No third-party guesses, no statistical heuristics, just the receiving server's own answer.
- 04
Catch-all detection
Some domains accept every email regardless of whether the mailbox exists, a setup known as a catch-all configuration. The engine sends a deterministic probe to a deliberately fake address (
zzz9k7q@domain.com); if the server returns the same 250 OK it returned for the real address, the domain is catch-all.The verdict isn't dropped, it's flagged RISKY so you know the deliverability signal is degraded.
- 05
Disposable
The engine maintains a curated registry of 10,247 disposable email providers, including Mailinator, Guerrilla Mail, 10MinuteMail, Tempmail, and the long tail of regional clones.
Any address matching the blocklist is flagged INVALID. Deliverability to a mailbox that exists for 10 minutes and is never checked is functionally zero, regardless of whether the SMTP handshake passes.
- 06
Role address
info@,support@,no-reply@,admin@,hello@,billing@,contact@. These are shared inboxes, not individuals.The engine extracts the local-part of every address, matches it against the known role-prefix registry, and tags the result with a reduced engagement score.
You don't drop them automatically. The verdict tells you they're roles so you can decide whether they belong in your outbound.
- 07
Domain age
Fresh-spam domains registered hours ago are the single biggest source of inbound abuse. The engine queries WHOIS and RDAP for every unique domain, extracts the registration date, and flags anything under 30 days old with a “fresh” warning.
Domains aged 5+ years pick up a corresponding trust signal. The same heuristic spam filters have been using since the early 2000s, ported into the verdict.
- 08
Email authentication
SPF, DKIM, and DMARC together prove the sender is authorised to send from that domain.
The engine reads each policy via DNS, validates SPF includes recursively, scans six common DKIM selectors for a published key, and confirms DMARC alignment with the
From:header.A failing DMARC policy means the sender can be spoofed, so the verdict warns you before you reply.
- 09
Mailbox state
Beyond “exists vs doesn't exist”, the engine extracts the precise mailbox state from the SMTP server's response. Full inbox (552 / 522 quota), disabled mailbox (550 5.1.1), out-of-office autoresponder, frozen account.
Each state maps to a specific retry policy. Full inbox retries in 6 hours. Disabled drops permanently. The verdict tells you which bucket the bounce belongs in so your retry logic doesn't waste cycles.
How we stack up
Verifox vs the alternatives
Same nine-check pipeline, higher accuracy, lower price, credits that never expire. Head-to-head with the two providers our buyers shortlist.
| Feature | Verifox | NeverBounce | ZeroBounce |
|---|---|---|---|
| Entry price (per 1,000) | $9 | $8 | $16 |
| Published accuracy claim | 99.99% | 99.0% | 99.6% |
| Credits expire | Never | Yes | Never |
| Free credits on signup | 1,000–2,500 / one-time | 1,000 / monthly | 100 / monthly |
| Verify without signup | |||
| Catch-all resolution | AI confidence | Flagged only | AI scoring |
| Real-time API | |||
| Bulk CSV upload | |||
| MCP server for AI agents | |||
| SOC 2 + GDPR + CCPA |
Verified May 2026 against each provider's public pricing page and FAQ. Accuracy figures are each provider's published claim. Independent benchmark on a 10,000-address mixed list (B2B + consumer, ~30% catch-all) lives on the methodology page.
What teams are saying
Built for the teams that ship outbound
Growth leads, marketers, and engineers running real campaigns on real lists. Specific numbers, specific tools they switched from, and a verified email address on every byline.
$1,200 → $89 a month
We were paying ZeroBounce $1,200 a month and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and the bill is $89.
Thomas G.GTM Lead, Stripe
0.7% bounce on 50k
Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.
Erica K.GTM Lead, Discord
Hygiene that doesn't break pipeline
Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.
Jonathan A.GTM Lead, MongoDB
Why this one
Free, without the tradeoffs
Most free email verifiers turn off the interesting checks. Ours shares the full nine-check pipeline with the paid plans, capped only on volume.
Same engine as the paid plans
99.99% accuracy
The free tier shares the full nine-check pipeline with our paid API. No throttled accuracy, no degraded mode, no checks turned off. The only difference is volume.
No signup for the first verification
0 card required
Paste an email, hit verify, get a verdict, all without leaving this page. Sign up later when you want more than four verifications a day or want the breakdown via API.
API and bulk included free
10k emails/minute
Your free signup (1,000 credits, 2,500 with a work email) unlocks the same REST API, CSV upload, and bulk parallel processing as the paid plans. Sub-50ms per address. Same engine, same throughput.
We don't store the emails
SOC 2 + GDPR + CCPA
Addresses are processed in memory and dropped on response. Nothing retained, nothing logged, nothing sold. Read the full breakdown in the privacy policy and the public SOC 2 report.
Trust & compliance
Enterprise-grade security and scale
Every layer of the stack carries a third-party attestation, so you can ship into regulated industries without rebuilding your compliance posture.
SOC 2 Type II
Independently audited. Request the report from our Trust Center.
GDPR
Ship anywhere in the EU. We handle the data-protection compliance.
CCPA
Full opt-out, DSAR, and do-not-sell handling for California customers.
ISO 27001
Information-security management certified to the international standard.
ISO 42001
AI management aligned to the first international AI governance standard.
Common questions
Ten honest answers
The questions we get from teams that land here, with the real numbers, real limits, and real opinions behind our verification stack.
Is the free email checker actually free?
Yes. You can verify 4 emails per day from this page without an account. No card, no signup. Create a free account and you get 1,000 verifications on the spot, or 2,500 if you sign up with a work email. After that, credits are pay-as-you-go (never expire on any paid plan) starting at $9 for 1,000 emails.
What does the checker actually look at?
Nine checks to confirm a valid email address: syntax, domain existence, MX record presence, SMTP handshake, mailbox-exists ping, disposable-domain match, role-address detection, catch-all domain detection, and an AI-confidence pass on catch-all addresses. The catch-all resolution is the one most free email validators skip, and it's where 20 to 40% of B2B email lists actually fail.
How accurate is the free version?
Same engine as the paid plans. 99.99% accuracy on a 1,000-address benchmark list, including catch-all domains. The free tier doesn't trade accuracy for the price tag; it caps volume.
Do you store the emails I check?
No. Addresses are processed in-memory and discarded the moment verification completes. Nothing logged, nothing retained, nothing sold. SOC 2 compliant. Read the privacy policy for the full breakdown.
Can I check a list of emails for free?
Yes. The free tier gives you 1,000 verifications (2,500 if you sign up with a work email), and that covers most small lists outright. For larger lists, the cheapest paid tier is $9 for 1,000 verifications, which works out to about a third of a cent per address. CSV upload, API access, and bulk parallel processing are included from the free tier up.
What happens when I hit the daily limit?
Either wait 24 hours, or create a free account to claim 1,000 verifications instantly (2,500 if your signup email is a work address). No card required for the signup tier either. Most teams move to a paid credit pack once they're verifying lists of 10,000+ addresses regularly.
How fast is the API and what's the SLA?
Median latency is around 380ms for a single address, sub-50ms for cached results. Bulk processing runs at roughly 10,000 emails per minute on the standard tier. SLA is 99.9% uptime on Starter, 99.99% with an annual contract on Volume. Status page lives at status.verifox.ai with the full uptime history.
Do you offer volume discounts or enterprise contracts?
Yes. Discounts compound starting at 5,000 emails and bottom out around $0.0025 per email at 1M+ volume. Annual contracts come with dedicated infrastructure, named CSM, SAML SSO, RBAC, and a 99.99% SLA. Pricing is on /pricing for the public tiers; talk to sales for custom terms.
Can I integrate with HubSpot, Salesforce, Zapier, or Klaviyo?
All of those, plus Mailchimp, ActiveCampaign, Brevo, Customer.io, Iterable, and any tool that speaks REST. Verifox also ships native MCP server support so AI agents (Claude, Cursor, custom LLM apps) can hit the engine without glue code. Full integration list on the integrations page.
What's your refund policy?
Credits never expire and are refundable for the first 30 days from purchase, no questions asked. After 30 days, unused credits stay on your account permanently and you can keep using them or transfer them to a teammate. We don't do subscription lock-in or auto-renewals you have to fight to cancel.