You are in control!

Configure the API for your use case:

• For validating the format only, provide an email address and check the response.
• For DNS and mail server deliverability check, set the get_deliverability_flag to Y.
• If you need deliverability (which may take a long time) & fast response, specify the dns_timeout.
• If you want direct marketing suitability, set the get_attributes_flag to ‘Y’.

Decide what you consider valid:

• an address fulfilling the RFC requirements and with affirmed deliverability is generally safe for most purposes,
• check warnings for edge cases and decide if you accept e.g. Unicode addresses, IP domains, no-reply accounts.

Usage:
GET with the following parameters in the URL.

• email=example@example.com (mandatory)
• get_deliverability_flag=Y (optional, default value is N)
• get_attributes_flag=Y (optional, default value is N)
• dns_timeout=0.8 (optional, only parsed if get_deliverability_flag is set to Y)

The email validation checks the format of the email address as per the standards:

• Validates structure,
• Validates local part,
• Validates domain part,
• Validates special use reserved domains (such as example.com, see https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml).
• Returns an error code and a user-friendly, displayable message if the address does not comply with the rules.

In addition, it checks for and flags the following:

• Unicode international local part,
• Quoted local-part,
• Commented local-part,
• Postmaster and no-reply type local part,
• Unicode international domain part,
• Localhost and internal domain part,
• IPv4 or IPv6 as domain part.

The above issues do not constitute a format error, however, you may want to reject them. The response returns the normalised format of the address, thus:

• comments removed (modern serves would not accept this format anyway),
• quotes removed if used with no reason,
• Unicode international domain part converted,
• Unicode local part converted.

Deliverability is not checked for IP literal domains.

{
“deliverable”: “”,
“original_email”: “example@[127.1.1.1]”,
“standardised_email”: “example@[127.1.1.1]”,
“valid”: “Y”,
“warning-IPv4-domain”: “Y”,
“warning-domain-literal”: “Y”
}

Domain name and mail server (MX) validation (optional):

• Performs a DNS check,
• Performs an MX check.

Domain name and MX verification are typically reliable indicators of email deliverability. While expected to be fast, it delays the verification process and in extreme cases, may time out.

Washing lists (optional):

• Role emails are received by a group of users at an organisation, not by a single person. Using role emails is a good solutions to send or receive certain type of communication, e.g. invoices. However, sending newsletters or other marketing communication to role emails is considered a spam attempt by major email distributors (e.g. Mailchimp and Salesforce).
• Disposable emails are only valid for a limited time, often used by spammers. Depending on your use case, you may want to ban them from your system, and definitely ban them from your mailing lists.
• Free email providers are sometimes misused by spammers and people with dubious intentions. While most legitimate private email addresses are from free email providers, there might be use cases where you want to avoid them.
• Masked email addresses link a technically disposable address to a permanent one. This service is gaining popularity because it is an efficient way to eliminate an address misused by spammers while keeping the mailbox behind it. While it is a legitimate use case, marketing communication may start bouncing back after some time, damaging the sender’s reputation at mail distributors.

The response flags email addresses with a corresponding warning if they appear to be role emails, disposable addresses, masked addresses or from free email providers.

Internationalized email addresses

Historically, the email protocol SMTP and the domain name system DNS only allowed English (ASCII) characters. Email addresses and domain names adapted to internationalisation in separate ways. Therefore the two parts of international email addresses are verified with different approaches.

Internationalised domain names (IDN)

The DNS system seemingly adopted Unicode support. The address bar accepts Unicode characters, but under the hood the text is converted into IDNA ASCII, also called Punycode. (See: RFC 5891 https://tools.ietf.org/html/rfc5891, https://www.rfc-editor.org/rfc/rfc3492.txt.) An email address with Unicode characters is validated based on these rules. The normalised email reflect the IDNA ASCII converted domain name.

Internationalised local parts

In standard ASCII email addresses, only English letters, numbers, printable characters, and between quotes, further additional characters are allowed. In internationalised email addresses the local part can contain a wider range of Unicode characters. Unlike the ASCII version, the Unicode standard can contain non-printable characters. While these are technically not invalid, at the same time not safe either. A warning is raised when such characters are detected, furthermore the normalised email address will contain the code equivalent of these characters. To understand the risks, see https://qntm.org/safe and https://trojansource.codes/ for details.

For internationalised email addresses to work, SMTPUTF8 need to be allowed on the email server, and it should be able to handle the DNS as well. Email addresses with non-ASCII characters only work if all elements of processing support the
SMTPUTF8 (RFC 6531) extension.

SMTP verification

The general advice is that the reliability of SMTP verification dropped below the level where it is not worth it. If you feel the lack of it is a dealbreaker for you, drop a message.

Error codes

Every error message comes with a unique error code.The complete list of messages and codes is provided below, thus if you need to override or translate the messages, here we go:

• E001 - The email address must have exactly one @ sign.
• E002 - The email address needs a local part before the @ sign.
• E003 - The domain part after the @ sign is missing.
• E004 - The email address is too long {details}.
• E005 - The internationalised email address is too long {reason}.
• E006 - The domain part after the @ sign has no ASCII value.
• E101 - The local part before the @ sign is too long {details}.
• E102 - The quoted local part before the @ sign contains invalid characters: {sorted invalid chars}".
• E103 - The internationalised local part before the @ sign is invalid: ({exception text}).
• E104 - The local part before the @ sign contains invalid characters: {sorted invalid chars}".
• E105 - The local part before the @ sign contains invalid characters.
• E106 - The local part before the @ sign must not start with a period.
• E107 - The local part before the @ sign must not end with a period.
• E108 - The local part before the @ sign must not have two consecutive periods.
• E201 - The domain part after the @ sign must not start with a period.
• E202 - The domain part after the @ sign must not end with a period.
• E203 - The domain part after the @ sign must not have two consecutive periods.
• E204 - The domain part after the @ sign cannot start with a hyphen.
• E205 - The domain part after the @ sign cannot end with a hyphen.
• E206 - The domain part after the @ sign cannot have a period and a hyphen next to each other.
• E207 - The domain part after the @ sign contains invalid characters: {sorted invalid chars}".
• E208 - The domain part after the @ sign contains invalid characters ({exception text}).
• E209 - No section of the domain part (after the @ sign, and after its dots) can start with two letters followed by two dashes, except ‘xn–’ in internationalised domain names.
• E210 - The internationalised domain part (after the @ sign or between its dots) is too long.
• E211 - The internationalised domain part after the @ sign contains invalid characters ({exception text}).
• E212 - The internationalised domain part after the @ sign contains invalid characters.
• E213 - The domain part after the @ sign is too long {details}.
• E214 - The domain part part after the @ sign contains sections too long between the dots {details}.
• E215 - The domain part after the @ sign is not in a valid top-level domain.
• E216 - The domain part after the @ sign is a reserved name and does not handle email messages.
• E217 - The internationalised domain part after the @ sign is not a vaild IDNA ({exception text}).
• E218 - The internationalised domain part after the @ sign contains invalid characters: {sorted invalid chars}".
• E219 - The domain part in brackets after the @ sign is not an IPv4 address or is missing a tag. ({exception text})
• E220 - The domain part in brackets after the @ sign is not a valid IPv6 address. ({exception text})
• E221 - The domain part in brackets after the @ sign is nor a valid IPv4 address neither has the ‘IPv6:’ tag.
• E222 - The domain part in brackets after the @ sign contains invalid characters: {sorted invalid chars}".
• E223 - The domain part in brackets after the @ sign is not a valid IP address.