Features

Checks built for real list-cleaning workflows.

Use MailSift when you need more than a regex and less hand-holding than an enterprise implementation project. The product is shaped for developers, revops teams, and operators who need fast answers at batch scale.

The verification pipeline

15+ checks. Every request.

Each call runs a comprehensive pipeline that goes far beyond basic syntax and MX validation.

Syntax & normalization

RFC-compliant local part and domain checks plus provider-aware normalization for Gmail-style aliases.

"syntax": true

MX lookup

Pull live MX records and ignore null-MX domains so undeliverable hosts never enter your funnel.

"mx": true

Disposable detection

Catch throwaway addresses from 500k+ known providers. MX heuristics detect new ones automatically.

"disposable": false

Relay & forwarding

Unmask SimpleLogin, AnonAddy, Apple Hide My Email, and Firefox Relay that hide the real sender.

"relay": false

Domain intelligence

Check domain age, MX provider, and whether the domain is routable, disposable, or parked.

"domain_age_days": 4823

Typo correction

Suggest corrections for common domain typos like gmial.com — before they turn into hard bounces.

"did_you_mean": "gmail.com"

SPF & DMARC

Validate SPF and DMARC records to confirm the domain has proper email security configuration.

"spf": true, "dmarc": true

Role-based detection

Flag info@, sales@, and other inboxes that route to teams instead of a single human.

"role": false

Free provider check

Identify gmail, yahoo, outlook, and other free providers for clean segmentation downstream.

"free": true

Catch-all detection

Spot domains that accept every address so you can route catch-all hits to a separate workflow.

"catch_all": false

MX provider attribution

Map every domain to its hosting provider — Google, Microsoft, Proofpoint, Mimecast, and more.

"mx_provider": "Google"

Blocklist signal

Cross-reference public blocklists for sending domains so risky senders surface immediately.

"is_blacklisted": false

Local-part anomalies

Detect synthetic patterns like long-digit prefixes that often slip past basic regex validators.

"score": 82

Trust scoring

All 15+ signals combine into a single 0-100 score. Route by risk, not guesswork. Tune per environment.

"score": 95

Normalized email

Canonical address form for deduplication — strips plus-aliases, dots, and provider-specific noise.

"normalized_email": "[email protected]"
Built for shipping

Three surfaces, one platform.

Pick the right entry point for the job — call us inline, run a batch, or listen for events.

Real-time API

Single-call verification

A single GET request returns disposable status, domain reputation, risk score, and 15+ checks. Sub-second median response times in every region.

  • GET /verify with one URL parameter
  • Per-API-key rate limits, predictable quotas
  • Cached results for repeat hits inside a window
  • JSON response includes full check breakdown
Bulk CSV

Stream millions of rows

Upload a CSV, get a job id back instantly, and stream progress over SSE. Read parsed rows for in-app filtering or download the finalized output.

  • Multipart upload up to 32MB per job
  • SSE progress stream for live dashboards
  • Paginated parsed rows for filtering
  • Final CSV download when the job completes
Webhooks

Push results into your stack

Signed webhooks deliver job and verification events to your endpoints so you can wire them into a CRM, queue, or warehouse without polling.

  • HMAC-SHA256 signature on every payload
  • Webhook secret available from /account
  • Retries with exponential backoff
  • Stable event schema versioned with the API
Drop-in API

One request. Complete intelligence.

Choose your language. The request shape stays the same in every SDK.

curl -H "X-API-Key: msk_..." \
  https://mailsift.dev/api/v1/[email protected]
Ready when you are

Ship cleaner lists in a single afternoon.

Sign up, generate a key, and run your first verification in under five minutes. Credits never expire.