001INPUT
Paste the address
Drop any email into the pill. Gmail, Outlook, custom domains, role aliases. Single address now, bulk CSV on signup.
CRM Email Hygiene
Salesforce Email Validation That Cleans Every Address in Your CRM.
Validate and clean the emails in your Salesforce contacts and leads with 99.99% accuracy, on the same 9-point verification engine our paid API runs. Paste one, upload a CSV export, or wire the API. No signup to start.
Trusted by 500,000+ leading GTM teams of all sizes
From export to clean list
How Salesforce email validation works
Three steps, no managed package to install. Paste a single address or upload a CSV export of your contacts, watch the nine-check engine validate every one, and re-import a clean list in minutes.
002ENGINE
Run the 9-check engine
Nine checks fire in parallel. Syntax, DNS, SMTP, catch-all, disposable, role, age, auth, mailbox state. Verdict in about two seconds.
003VERDICT
Verdict in 2 seconds
Valid, invalid, or risky. Plus a confidence score, the per-check breakdown, and a recommended retry policy. Read on the page or via API.
The 9-point engine
Nine checks. One verdict.
The same nine-check engine our paid email verification API runs. Every email, every verification, every time.
- 01
Syntax
Every address runs a full RFC 5321 and RFC 5322 compliance pass before a single network call goes out. The engine catches what visual scanning misses, the double dot in
alice@verifox..ai, the trailing period, the IDN homograph that looks valid but resolves to a different domain.Bundled typo suggestions let your form offer “did you mean alice@gmail.com?” instead of rejecting silently.
- 02
Domain & MX
Once syntax passes, the engine resolves the domain. We confirm the DNS records exist, fetch the MX record priority list in order, and verify at least one mail-exchange server is actively accepting connections right now.
Misspelled domains like
gmial.com, expired domains, and parked-for-sale domains all fail this gate before the engine wastes a single SMTP roundtrip.
- 03
SMTP handshake
The engine opens a TCP connection on port 25, performs the EHLO handshake, then negotiates
MAIL FROMandRCPT TO. Every server response code (220, 250, 550, 552) is parsed deterministically against the IANA enhanced-status registry.This is the moment a mailbox proves it actually exists. No third-party guesses, no statistical heuristics, just the receiving server's own answer.
- 04
Catch-all detection
Some domains accept every email regardless of whether the mailbox exists, a setup known as a catch-all configuration. The engine sends a deterministic probe to a deliberately fake address (
zzz9k7q@domain.com); if the server returns the same 250 OK it returned for the real address, the domain is catch-all.The verdict isn't dropped, it's flagged RISKY so you know the deliverability signal is degraded.
- 05
Disposable
The engine maintains a curated registry of 10,247 disposable email providers, including Mailinator, Guerrilla Mail, 10MinuteMail, Tempmail, and the long tail of regional clones.
Any address matching the blocklist is flagged INVALID. Deliverability to a mailbox that exists for 10 minutes and is never checked is functionally zero, regardless of whether the SMTP handshake passes.
- 06
Role address
info@,support@,no-reply@,admin@,hello@,billing@,contact@. These are shared inboxes, not individuals.The engine extracts the local-part of every address, matches it against the known role-prefix registry, and tags the result with a reduced engagement score.
You don't drop them automatically. The verdict tells you they're roles so you can decide whether they belong in your outbound.
- 07
Domain age
Fresh-spam domains registered hours ago are the single biggest source of inbound abuse. The engine queries WHOIS and RDAP for every unique domain, extracts the registration date, and flags anything under 30 days old with a “fresh” warning.
Domains aged 5+ years pick up a corresponding trust signal. The same heuristic spam filters have been using since the early 2000s, ported into the verdict.
- 08
Email authentication
SPF, DKIM, and DMARC together prove the sender is authorised to send from that domain.
The engine reads each policy via DNS, validates SPF includes recursively, scans six common DKIM selectors for a published key, and confirms DMARC alignment with the
From:header.A failing DMARC policy means the sender can be spoofed, so the verdict warns you before you reply.
- 09
Mailbox state
Beyond “exists vs doesn't exist”, the engine extracts the precise mailbox state from the SMTP server's response. Full inbox (552 / 522 quota), disabled mailbox (550 5.1.1), out-of-office autoresponder, frozen account.
Each state maps to a specific retry policy. Full inbox retries in 6 hours. Disabled drops permanently. The verdict tells you which bucket the bounce belongs in so your retry logic doesn't waste cycles.
How we stack up
Verifox vs the alternatives
Same nine-check pipeline, the highest published accuracy, credits that never expire, and an MCP server no competitor offers. Head-to-head with the two providers our buyers shortlist.
| Feature | Verifox | NeverBounce | ZeroBounce |
|---|---|---|---|
| Published accuracy claim | 99.99% | 99.0% | 99.6% |
| Credits expire | Never | Yes | Never |
| Free credits on signup | 1,000–2,500 / one-time | 1,000 / monthly | 100 / monthly |
| Verify without signup | |||
| Catch-all resolution | AI confidence | Flagged only | AI scoring |
| Real-time API | |||
| Bulk CSV upload | |||
| MCP server for AI agents | |||
| SOC 2 + GDPR + CCPA |
What teams are saying
Built for the teams that ship outbound
Growth leads, marketers, and engineers running real campaigns on real lists. Specific numbers, specific tools they switched from, and a verified email address on every byline.
90% lower bill, 0.4% bounces
We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.
Thomas G.GTM Lead, Stripe
Catch-all finally has a verdict
Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.
Brittany K.GTM Lead, HubSpot
Reputation rebuilt in 6 weeks
We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.
Dale M.GTM Lead, Slack
0.7% bounce on 50k
Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.
Erica K.GTM Lead, Discord
MCP in 10 minutes
Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.
Greg L.GTM Lead, OpenAI
10k/min held under 400ms
Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.
Rini V.Product Manager, Vercel
Hygiene that doesn't break pipeline
Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.
Jonathan A.GTM Lead, MongoDB
Bulk that actually ships
Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.
Emma F.GTM Lead, Linear
Scores you can act on
Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.
David H.GTM Lead, Snowflake
90% lower bill, 0.4% bounces
We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.
Thomas G.GTM Lead, Stripe
Reputation rebuilt in 6 weeks
We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.
Dale M.GTM Lead, Slack
MCP in 10 minutes
Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.
Greg L.GTM Lead, OpenAI
Hygiene that doesn't break pipeline
Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.
Jonathan A.GTM Lead, MongoDB
Scores you can act on
Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.
David H.GTM Lead, Snowflake
Catch-all finally has a verdict
Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.
Brittany K.GTM Lead, HubSpot
0.7% bounce on 50k
Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.
Erica K.GTM Lead, Discord
10k/min held under 400ms
Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.
Rini V.Product Manager, Vercel
Bulk that actually ships
Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.
Emma F.GTM Lead, Linear
90% lower bill, 0.4% bounces
We were paying ZeroBounce a four-figure monthly bill and still landing 3% bounces on cold campaigns. Switched the pipeline to Verifox, dropped to 0.4% bounces, and cut the bill by more than 90%.
Thomas G.GTM Lead, Stripe
0.7% bounce on 50k
Ran a 50,000-address outbound list through Verifox before our quarterly campaign. Bounces landed at 0.7%, sender reputation didn't move, replies were up 22% over last quarter.
Erica K.GTM Lead, Discord
Hygiene that doesn't break pipeline
Our SDRs were enriching from three tools and 14% of the emails were invalid before they hit the sequencer. Verifox sits in the pipeline now and the team stopped seeing 'undeliverable' replies the next week.
Jonathan A.GTM Lead, MongoDB
Catch-all finally has a verdict
Other tools flag 30% of our B2B list as 'risky catch-all' and leave the call to us. Verifox returns a real verdict on those addresses, with a confidence score. We send more, we send safer.
Brittany K.GTM Lead, HubSpot
MCP in 10 minutes
Their MCP server let me wire email verification directly into our internal Claude agent in about ten minutes. Zero glue code. No other vendor in this space has thought about that workflow.
Greg L.GTM Lead, OpenAI
Bulk that actually ships
Bulk upload, sorted CSV back in twenty minutes, plug into our growth stack. The half-day list-hygiene project per cohort turned into something the marketing intern runs on autopilot.
Emma F.GTM Lead, Linear
Reputation rebuilt in 6 weeks
We had a Gmail spam-folder problem after a bad list import. Verifox cleaned the list and the warmup ran on the same engine. Back in primary inbox in six weeks. One vendor, half the cost.
Dale M.GTM Lead, Slack
10k/min held under 400ms
Tested Verifox at 10,000 verifications per minute on a Tuesday morning. Latency held under 400ms median, no soft failures, no rate-limit walls. The vendor we benched throttled at 2,000/min.
Rini V.Product Manager, Vercel
Scores you can act on
Verifox returns a 0-100 confidence score per address, not just a label. We thresholded at 75 for the cold sequencer, 60 for nurture, and our deliverability team finally has a knob they can tune.
David H.GTM Lead, Snowflake
Why this one
CRM email validation, without the tradeoffs
Most validators that touch a CRM quietly switch off the interesting checks, or lock you into a managed package. Ours runs the full nine-check pipeline the paid plans use on any Salesforce export, capped only on volume, with nothing to install in your org.
Accuracy
99.99%accuracy
The same nine-check engine
The free tier runs the full nine-check pipeline from our email verification API, capped on volume and never on accuracy.
Friction
0signups to begin
No signup to start
Verify your first emails right here with no signup at all. Create a free account when you go past four checks a day.
Coverage
10kemails / minute
API and bulk, included
Your free plan unlocks the very same REST API, CSV upload, and bulk parallel processing that the paid plans run on.
Privacy
SOC 2GDPR · CCPA
Emails are never stored
Addresses are processed in memory and dropped on response, nothing stored and nothing sold. Read the privacy policy.
CRM hygiene, explained
What Salesforce email validation actually does for your CRM
Salesforce email validationis the job of confirming that the email addresses sitting in your Contacts and Leads are real, reachable, and safe to send to before you launch a campaign. Salesforce itself stores whatever you put in it and doesn't check whether an address still works, so over time an org fills with typos, abandoned mailboxes, and people who have changed jobs. Every one of those is a hard bounce waiting to happen, and bounces are what mailbox providers watch to decide whether your mail belongs in the inbox or the spam folder.
It helps to be precise about the mechanics. Verifox verifies any address, including the ones you export from Salesforce, by running the same nine-check engine our email verification service uses: syntax, domain and MX, an SMTP mailbox ping, plus disposable, role, and catch-all detection. There's nothing to install in your org. You get your data in one of two honest ways, a CSV export of a Contact or Lead report, or the REST APIcalled from Flow or middleware, so validation stays decoupled from your CRM's release cycle.
The payoff is deliverability you can defend. Scrub a list with the free email validator before a send and you stop feeding bounces to the providers that score your domain; verify single records with the free email checker as they come in to keep the org clean between scrubs. AI agents can run the same verdict through the native MCP server, and when you need this at scale across thousands of contacts the pay-as-you-go credits never expire.
Trust & compliance
Enterprise-grade security and scale
Every layer of the stack carries a third-party attestation, so you can ship into regulated industries without rebuilding your compliance posture.
SOC 2 Type II
Independently audited to the SOC 2 Type II standard.
GDPR
Built for the EU with full GDPR data-subject rights.
CCPA
California opt-out, do-not-sell, plus DSAR handling.
ISO 27001
Information security held to the ISO 27001 standard.
ISO 42001
AI governance aligned to the new ISO 42001 standard.
Common questions
Salesforce email validation, answered
The questions we get from RevOps and marketing teams that land here to clean their Salesforce contacts, with the real numbers, real limits, and real opinions behind our verification stack.
How do I get my Salesforce emails into Verifox?
Two ways, and neither needs an installed package. The simplest is a CSV export: pull a report of your Contacts or Leads in Salesforce, export it to CSV, and upload it here. We validate every address in the file and hand back a cleaned list you re-import, so your CRM ends up with only deliverable emails.
For continuous hygiene, wire the REST API into your stack so each new or updated record is verified the moment it lands. You can call it from Flow via an outbound callout, from middleware like Zapier or Workato, or from your own integration. Same engine either way, so a one-off CSV scrub and a live API check return identical verdicts.
Why does my Salesforce CRM need email validation?
Because CRM data decays. B2B contact data goes stale at roughly 22.5 % to 30 % a year as people change jobs, and every dead address you mail to is a hard bounce. Pile up enough bounces and mailbox providers throttle or block your domain, so a dirty Salesforce list quietly drags down deliverability for every campaign, not just the one that hit the bad addresses.
Validating the list first protects your sender reputation and your inbox placement. Clean the contacts before the send, and your good emails keep landing where they should.
Is the Salesforce email validation tool actually free?
Yes. You can validate 4 emails per day from this page without an account. No card, no signup.
Create a free account and you get 1,000 validations on the spot, or 2,500 if your signup email is a work address, which is plenty to clean a small Salesforce export outright. After that, credits are pay-as-you-go and never expire on any paid plan, with volume pricing shown for your region.
What does the validation actually check on each CRM address?
Nine checks run in parallel on every address you validate:
- Syntax + format validation (RFC 5321 / 5322)
- Domain existence and MX record presence
- SMTP handshake and mailbox-exists ping
- Disposable-domain match
- Role-address detection (info@, sales@)
- Catch-all domain detection
- AI-confidence pass on catch-all addresses
The catch-all resolution is the one most validators skip, and it's where 20 to 40 % of B2B lists actually fail, which matters a lot for the work-email-heavy data sitting in a Salesforce org. To spot-check a single record, the free email checker runs the same engine one address at a time.
Can I validate my whole list of Salesforce contacts in bulk?
Yes. Export your Contacts or Leads to CSV, upload it, and the same engine runs across the whole file in parallel at roughly 10,000 emails per minute. You get back a cleaned, deduplicated list with a per-address verdict you can map straight back onto your records.
The free signup tier covers 1,000 validations (2,500 with a work email). For larger orgs, our paid credit packs are pay-as-you-go and never expire, and CSV upload plus API access are included from the free tier up.
Do you need a native Salesforce managed package or AppExchange app?
No. Verifox works with your Salesforce data through a plain CSV export or the REST API, so there's nothing to install in your org and no admin review to wait on. Export, clean, re-import, or call the API from Flow and middleware for live checks.
That keeps validation decoupled from your CRM's release cycle. The same approach connects HubSpot, Pipedrive, Zapier, Klaviyo, Mailchimp, and Brevo, so the moment your data lives anywhere that can export a CSV or speak REST, Verifox can verify it.
Do you store the Salesforce emails I validate?
No. Addresses are processed in memory and discarded the moment validation completes. Nothing logged, nothing retained, nothing sold, whether you upload a CSV or stream records through the API.
We're SOC 2 Type II compliant with the full Trust Center report on request. Read the privacy policy for the byte-by-byte breakdown of what we touch and what we don't.
How accurate is the validation on CRM data?
Same engine as the paid plans. 99.99 % accuracy on a 1,000-address benchmark list, including the catch-all and role addresses that clog up a typical Salesforce export.
The free tier doesn't trade accuracy for the price tag. It caps volume only. Every check the paid Email Verification API runs is the same check this page runs on your CRM list.
Can I add real-time email validation to my Salesforce forms and Flows?
Yes. The REST API reference documents the inbound and outbound shapes for every endpoint, so you can drop real-time validation into a web-to-lead form, a Screen Flow, or an outbound callout that fires whenever a record is created or updated. Bad addresses get caught at entry instead of polluting the org.
Verifox also ships native MCP server support so AI agents (Claude, Cursor, custom LLM apps) can validate CRM addresses without glue code. Drop the MCP URL into your agent config and the tools are wired.
What's your refund policy?
Credits never expire and are refundable for the first 30 days from purchase, no questions asked. After 30 days, unused credits stay on your account permanently. Keep using them or transfer them to a teammate.
No subscription lock-in, no auto-renewals you have to fight to cancel. Full terms in the refund policy.