All systems operational status.ollavpn.com
Trust · Resources · Contact
FREE TOOL · LIVE CHECK · NO SIGNUP

Email Verifier

Check whether an email address is real, deliverable, disposable, or a catch-all. Syntax check, MX lookup, SMTP probe, disposable-domain check, and catch-all detection — all in one request.

Don't trust an address before you email it. Pair this check with double opt-in for the cleanest list.

Try OllaVPN Free
TL;DR

Email verification combines five quick checks — syntax, MX records, SMTP handshake, disposable-domain detection, and catch-all detection — into one confidence score.

A score above 0.8 is generally safe to email. Below 0.4 is risky. The grey zone in between usually means the domain is a catch-all and there's no way to tell whether the specific mailbox really exists.

This tool is good for spot-checks and harder sign-up flows. For bulk list cleaning, use the underlying API directly with proper batching and rate limits.

What email verification actually checks

Five layers, each catching a different category of bad address.

Syntax check — does the address match RFC 5322 well enough that a mail server would accept it? Catches typos like missing @ signs or invalid characters. Cheap and definitive.

MX record lookup — does the domain actually have mail servers configured? If not, no email can be delivered there. Catches dead domains and ones never set up for mail.

SMTP probe — connect to the domain's mail server and run a partial handshake. Most servers tell you whether the specific mailbox exists without you ever sending a real message. Some servers refuse to answer or always say yes, in which case this signal is weaker.

Disposable-domain check — compare the domain against a maintained list of temporary-mail services (Mailinator, Guerrilla Mail, TempMail, and many others). Catches sign-ups that aren't worth keeping.

Catch-all check — try a random address at the domain and see whether the server accepts it. If it does, the domain accepts every address and the SMTP probe is no longer reliable.

Why catch-all addresses are tricky

A catch-all domain accepts every address by default, so traditional verification can't tell real from fake.

Catch-all configurations are common at small businesses and many corporates. The setup forwards every email to a central inbox so misdirected mail (typos, old aliases, bounces) doesn't go missing. From a verification perspective, this means the SMTP probe always returns "yes" — even for completely made-up addresses.

Sophisticated verifiers detect catch-all behaviour by probing a deliberately random address first. If the server accepts [email protected], it's a catch-all. The specific address you're checking might still be real, but the verifier can't confirm — it returns "unknown" or a middle-range score rather than guessing.

Disposable emails and why people use them

Most disposable addresses come from people who want a free trial without giving you their real address — not fraudsters.

Temporary-mail services have existed for two decades and serve a legitimate purpose: signing up for things you don't fully trust. If a blog asks for an email before letting you read an article, a disposable address is the polite way to comply. If a forum requires registration but you only want to read, same thing.

Detecting them is straightforward — a list of known disposable domains catches 95 percent of them. The remaining 5 percent come and go too quickly to track. Whether to block them is a product decision: hard sign-up flows (banking, payments) should block. Soft sign-up flows (newsletters, free content) probably shouldn't.

How to interpret the confidence score

Think of it as the chance that mail will land in a real human's inbox.

Scores above 0.8 generally mean the address is real, has working MX records, isn't disposable, and the SMTP probe accepted it. Safe to email for transactional purposes (signup confirmation, password reset).

Scores between 0.5 and 0.8 usually mean the address is on a catch-all domain or the SMTP probe couldn't get a definitive answer. The address might be real; you just can't be sure from here. Use double opt-in.

Scores below 0.4 mean something is wrong — invalid syntax, no MX records, hard SMTP rejection, or known disposable domain. Don't waste sender reputation emailing these.

When verification helps (and when it doesn't)

Helps a lot at sign-up; helps less for cold outreach; doesn't help at all for guessing addresses you don't have.

At sign-up time, verification catches typos, mistakes, and disposable addresses before they enter your database. The cost of verifying one address is tiny; the cost of an undeliverable address sitting in your list for years is much bigger (sender reputation, send costs, false metrics). This is the highest-ROI use case.

For cleaning an existing list, verification helps but isn't magic. Catch-all domains are unresolvable. SMTP probes get rate-limited or blocked by big providers (Google, Microsoft) in ways that look like fail-fast rejects. The right approach is verify-then-send-with-double-opt-in rather than verify-once-and-trust-forever.

For cold outreach where you guessed at addresses ([email protected]), verification helps you avoid wasting sends on guesses that didn't land — but it doesn't help you find the right address in the first place.

Frequently asked questions

What does an email verifier actually check?

Three things: the syntax is valid (matches RFC 5322), the domain has MX records pointing at real mail servers, and the address responds to an SMTP probe. Some verifiers also detect known disposable-email services and catch-all configurations where every address at a domain is accepted regardless.

What is a catch-all email address?

A domain configured to accept mail to any address. [email protected], [email protected], and [email protected] all get accepted because the mail server doesn't actually validate the local part. Catch-all domains are common at companies that want every misdirected email forwarded to a central inbox.

What is a disposable email address?

An email address from a temporary-mail service like Mailinator, Guerrilla Mail, 10MinuteMail, or TempMail. Users sign up for things with these to avoid putting their real address into a database they don't trust.

Why do verifiers return a score instead of yes or no?

Because some checks are definitive (syntax is wrong: no) and some are probabilistic (catch-all domain: maybe, can't tell). A score combines all the signals into one number you can threshold against. Scores below 0.4 are usually unsafe to email; scores above 0.8 are usually fine.

Can I use this to clean a mailing list?

For a few addresses, yes. For thousands, it's not the right shape — you want a proper bulk verifier with API rate limits, list segmentation, and reporting. Use this tool for spot-checks: an address you're about to email manually, or a sign-up flow you want to harden.

Will the verifier send a real email to the address?

No. The SMTP check goes through the handshake — HELO, MAIL FROM, RCPT TO — and then disconnects before sending any message. The owner of the address doesn't see anything in their inbox.

Why does the verifier sometimes say 'unknown'?

Catch-all domains return 'accept' for every address, so we can't tell whether the specific mailbox exists. Some servers also throttle or deny SMTP probes for privacy reasons. In both cases the address might be real or might be made up — we can't distinguish.

Do you log the addresses I check?

Standard web-server access logs are kept briefly for security and abuse detection, then rotated. We don't tie checks to your identity, don't sell or share the data, and don't track you across sessions.

Related