Can I verify an email address for free?

Yes. KaijuVerifier's free tier includes 200 real-time checks every month, no credit card. Each check runs syntax + DNS + SMTP + risk scoring and returns a verdict in under one second.

What does 'catch-all' mean in email verification?

A catch-all domain accepts mail for every address on the domain, even invented ones. This defeats SMTP verification — you get a 250 response regardless of whether the mailbox exists.

How to Verify an Email Address

Four layered checks — syntax, DNS/MX, SMTP handshake and risk scoring — answer the question "is this email real?" in under a second, without sending anything to the recipient. Here's how each layer works and how to wire them together.

Quick answer: to verify an email address without sending a message, (1) validate its syntax against RFC 5321, (2) check the domain has MX records, (3) open an SMTP connection and issue RCPT TO — the server's response code tells you if the mailbox exists, and (4) cross-check against disposable and role-based databases.

Want the verdict right now? Paste an address into our free checker:

Verify an email now →

200 free checks/month. No signup required for single lookups.

Step 1 — Syntax check (RFC 5321/5322)

Catches ~70% of typos instantly and costs nothing. At minimum verify:

Exactly one @ separating local part and domain.
Local part ≤ 64 chars, domain ≤ 253 chars.
Domain resolves to a valid hostname (letters/digits/hyphens, dots between labels).
No illegal characters in the local part (spaces, control chars).

Don't roll your own regex — use a battle-tested library (egulias/email-validator in PHP, email_validator in Python).

Step 2 — DNS & MX lookup

Ask DNS if the domain is set up to receive email. No MX records (and no fallback A record) means the address cannot be valid — reject before you spend an SMTP round-trip.

dig MX gmail.com +short
# 5 gmail-smtp-in.l.google.com.
# 10 alt1.gmail-smtp-in.l.google.com.
# ...

Cache MX results per domain — a 50k list typically has only a few thousand unique domains.

Step 3 — SMTP handshake

The decisive test. Open a TCP connection to the MX server, go through EHLO → MAIL FROM → RCPT TO, then close without sending DATA. The response to RCPT TO is the answer:

Response	Meaning
250	Mailbox accepted (could still be catch-all)
4xx	Temporary — retry with back-off
550	Mailbox doesn't exist — hard invalid
554	Your IP is blocked — your reputation, not theirs

Full protocol walkthrough in our SMTP validation deep dive.

Step 4 — Risk scoring

A mailbox can exist and still be worthless for your CRM. Layer on:

Disposable detection — reject @10minutemail.com, Mailinator, TempMail and 15k+ others. See disposable email detector.
Role-based flag — info@, sales@, support@ rarely engage.
Catch-all detection — probe with a random local-part; if the server accepts it too, any 250 is inconclusive.
Spam-trap / complainer lists — flag addresses known to have complained at major ISPs.

Code sample — verify a single email via API

curl https://kaijuverifier.com/api/v1/verify-single \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"email":"alice@example.com"}'

→ 200 OK
{
  "email": "alice@example.com",
  "status": "valid",
  "is_disposable": false,
  "is_role": false,
  "is_catchall": false,
  "score": 0.98
}

See the full API documentation for PHP, Python and Node examples.

When to verify vs when to skip

Always verify at signup forms (real-time API) and before bulk campaigns (CSV upload).
Skip for transactional mail to existing customers whose address is already engaged.
Re-verify older subscribers every 6-12 months — mailboxes die silently.

FAQ

How do I verify an email address without sending an email?

Use the SMTP handshake described in Step 3. You issue RCPT TO and close the connection before DATA — nothing is delivered to the recipient.

Can I verify an email for free?

Yes — KaijuVerifier includes 200 free checks/month, renewing monthly. No credit card required.

How accurate is email verification?

98% on representative lists. Catch-all domains are the hard ceiling.

How do I verify emails in bulk?

Upload a CSV to the bulk cleaner. 10k emails take about 10 minutes and you download an enriched CSV.

What does "catch-all" mean?

A domain that accepts every recipient address, real or invented. SMTP returns 250 regardless, so the verdict is "risky" rather than "valid".

Verify your first 200 emails free.

Real-time API, bulk CSV, 98% accuracy. No credit card.

Get started free