Email Verification API

Validate email addresses and assess risk factors including deliverability, fraud detection, and domain reputation

The Beltic Email Verification API estimates deliverability rates by detecting invalid mailboxes as well as disposable and fraudulent email addresses, spam traps, bounced delivery, and honeypots via our simple-to-use Email Reputation API. Verify email addresses and identify abusive emails & invalid addresses in real-time with a reliable, low-latency API request.

Adding the Email Verification API to your registration and checkout pages allows you to validate email addresses in real-time as users interact with your site or app. This proactive approach helps prevent the creation of fake accounts, typos, bounces, invalid user data, and other forms of abuse.

What is an Email Verification API?

The Beltic email verification API validates email addresses through on-demand lookups to mailbox providers such as Gmail.com, Yahoo.com, and Hotmail.com. Append important data to any email address, including identity details, fraud scores, validation status, spam trap detection, and even disposable email detection.

How Does Email Verification Work?

Our email checker technology performs the email verification process through deep checks that look at an email address from all angles. It features advanced mailbox verification checks for issues like spam traps, catch-all domains, syntax errors, invalid addresses, and other types of incorrect email addresses.

Email Verification API Use Cases

Low-Quality Users: Identify duplicate user accounts, bogus user information, and fake registrations to automatically prevent low-quality users from hurting your ROI.

Hard Bounce: Prevent hard bounces by pre-screening email addresses before messaging them.

Disposable Email Services: Easily block disposable email addresses and temporary mail services that allow fraudsters to spawn new emails at any time.

Email Risk Analysis & Fraud Prevention

Analyze email address reputation in real-time with email risk analysis, including the email account creation date using an estimate of the email age based on when Beltic first discovered the account.

Beltic provides advanced email address fraud prevention to validate new users, logins, and payments. In addition to detecting disposable email services and parked domains, Beltic can also identify perfectly valid email addresses that have recently engaged in abusive behavior. Beltic can detect email addresses recently involved with chargebacks, fake account creation, account takeover, SPAM, trial abuse, and high-risk behavior through our honeypot threat network and partner feedback program.

Endpoint

POST https://api.beltic.com/v1/emails/risk

Parameters

ParameterTypeRequiredDescription
emailstringYesThe email address to validate (e.g., "user@example.com")

Authentication

Include your API key in the request header:

X-Api-Key: your_api_key_here

Example Request

curl --location 'https://api.beltic.com/v1/emails/risk' \
--header 'X-Api-Key: ApiKey' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "name@example.com"
}'

Example Response

{
    "email": {
        "sanitized_email": "name@example.com",
        "valid": true,
        "first_name": "Unknown",
        "generic": false,
        "common": true,
        "suggested_domain": null
    },
    "deliverability": {
        "deliverability": "high",
        "smtp_score": 3,
        "dns_valid": true,
        "catch_all": false,
        "timed_out": false
    },
    "risk": {
        "overall_score": 4,
        "fraud_score": 0,
        "recent_abuse": false,
        "suspect": false,
        "disposable": false,
        "leaked": true,
        "risky_tld": false,
        "spam_trap_score": "none",
        "frequent_complainer": false
    },
    "auth": {
        "spf_record": true,
        "dmarc_record": true
    },
    "records": {
        "mx_records": [
            "alt4.gmail-smtp-in.l.google.com",
            "alt2.gmail-smtp-in.l.google.com",
            "alt3.gmail-smtp-in.l.google.com",
            "alt1.gmail-smtp-in.l.google.com",
            "gmail-smtp-in.l.google.com"
        ],
        "a_records": [
            "142.250.73.69",
            "142.250.69.165"
        ]
    },
    "timeline": {
        "domain_age": "1995-08-13T00:00:00-04:00",
        "first_seen": "2017-01-01T01:01:01-05:00"
    }
}

Response Field Definitions

The Beltic Email Verification API returns comprehensive data with each lookup to help your development team make informed decisions in your business logic. The "Fraud Score" provides valuable insights to identify high-risk emails and mail providers. The "User Activity" signal estimates legitimate behavior associated with the email, such as purchases and account registrations. The "First Seen" date estimates how old the email address is, indicating newly created accounts.

Treat email addresses as valid when:

  • For email marketing and delivery analysis: valid is true, disposable is false, and spam_trap_score is not high
  • For stricter email marketing deliverability: Scrub records with spam_trap_score as medium. For even stricter filtering, scrub emails with frequent_complainer as true
  • For user quality analysis: valid is true, disposable is false, and fraud_score is less than 90

Fraud Scores can also be a good indicator of user quality, where scores 80+ are suspicious and 90+ are risky. To prevent against account takeover and credential stuffing, emails with "leaked" as true indicate user data recently compromised on the dark web.

Complete Field Reference

The API response is organized into the following main objects:

Email Object

FieldData TypesExplanation
sanitized_emailstringSanitized email address with all aliases and masking removed, such as multiple periods for Gmail.com.
validbooleanDoes this email address appear valid?
first_namestringSuspected first name based on email. Returns "CORPORATE" if the email is suspected of being a generic company email. Returns "UNKNOWN" if the first name was not determinable.
genericbooleanIs this email suspected as being a catch all or shared email for a domain? ("admin@", "webmaster@", "newsletter@", "sales@", "contact@", etc.)
commonbooleanIs this email from common free email providers? ("gmail.com", "yahoo.com", "hotmail.com", etc.)
suggested_domainstringDefault value is "N/A". Indicates if this email's domain should in fact be corrected to a popular mail service. This field is useful for catching user typos. For example, an email address with "gmai.com", would display a suggested domain of "gmail.com". This feature supports all major mail service providers.

Deliverability Object

FieldData TypesExplanation
deliverability"high", "medium", "low"How likely is this email to be delivered to the user and land in their mailbox.
smtp_score-1 to 3
-1 = invalid email address
0 = mail server exists, but is rejecting all mail
1 = mail server exists, but is showing a temporary error
2 = mail server exists, but accepts all email
3 = mail server exists and has verified the email address		Validity score of email server's SMTP setup.
dns_validbooleanDoes the email's hostname have valid DNS entries? Partial indication of a valid email.
catch_allbooleanIs this email likely to be a "catch all" where the mail server verifies all emails tested against it as valid? It is difficult to determine if the address is truly valid in these scenarios, since the email's server will not confirm the account's status.
timed_outbooleanDid the email verification connection to the mail service provider timeout during the verification? If so, we recommend increasing the "timeout" variable above the default 7 second value so more time can be spent during the mailbox verification request to mail servers. Lookups that timeout with a "valid" result as false are most likely false and should be not be trusted.

Risk Object

FieldData TypesExplanation
overall_score0 to 4
0 = invalid email address
1 = dns valid, unreachable mail server
2 = dns valid, temporary mail rejection error
3 = dns valid, accepts all mail
4 = dns valid, verified email exists		Overall email validity score.
fraud_scorefloatThe overall Fraud Score of the user based on the email's reputation and recent behavior across the Beltic threat network. Fraud Scores >= 80 are suspicious, but not necessarily fraudulent.
recent_abusebooleanThis value will indicate if there has been any recently verified abuse across our network for this email address. Abuse could be a confirmed chargeback, fake signup, compromised device, fake app install, or similar malicious behavior within the past few days.
suspectbooleanThis value indicates if the mail server is currently replying with a temporary mail server error or if the email verification system is unable to verify the email address due to a broken SMTP handshake. This status will also be true for "catch all" email addresses as defined below. If this value is true, then we suspect the "valid" result may be tainted and there is not a guarantee that the email address is truly valid. This status is rarely true for popular mailbox providers and typically only returns as true for a small percentage of business mail servers.
disposablebooleanIs this email suspected of belonging to a temporary or disposable mail service? Usually associated with fraudsters and scammers.
leakedbooleanWas this email address associated with a recent database leak from a third party? Leaked accounts pose a risk as they may have become compromised during a database breach.
risky_tldbooleanSignals that the domain belongs to a risky TLD extension frequently associated with malware, scams, abuse, or phishing.
spam_trap_score"high", "medium", "low", "none"Intelligent confidence level of the email address being an active SPAM trap. We recommend scrubbing emails with a "high" status, typically for any promotional mailings. This data is meant to provide a more accurate result for the "frequent_complainer" and "honeypot" data points, which collect data from spam complaints, spam traps, and similar techniques.
frequent_complainerbooleanIndicates if this email frequently unsubscribes from marketing lists or reports spam complaints.

Auth Object

FieldData TypesExplanation
spf_recordbooleanConfirms if the domain has a proper SPF DNS record.
dmarc_recordbooleanConfirms if the domain has a proper DMARC DNS record.

Records Object

FieldData TypesExplanation
mx_recordsarrayList of MX records associated with the email's domain name.
a_recordsarrayList of A records associated with the email's domain name.

Timeline Object

FieldData TypesExplanation
domain_agestringISO 8601 timestamp showing when the domain was first registered.
first_seenstringISO 8601 timestamp of when this email was first observed in our database.

Error Responses

400 Bad Request

{
    "error": "Invalid email format",
    "message": "Email address must be in valid format"
}

401 Unauthorized

{
    "error": "Unauthorized",
    "message": "Invalid or missing API key"
}

Authentication

Learn how to authenticate with the API using X-API-Key header

IP Risk API

Validate IP addresses and assess risk factors including fraud detection, network information, and anonymity indicators

On this page

What is an Email Verification API?How Does Email Verification Work?Email Verification API Use CasesEmail Risk Analysis & Fraud PreventionEndpointParametersAuthenticationExample RequestExample ResponseResponse Field DefinitionsRecommended Logic for API ResultsComplete Field ReferenceEmail ObjectDeliverability ObjectRisk ObjectAuth ObjectRecords ObjectTimeline ObjectError Responses400 Bad Request401 Unauthorized