Easy-to-implement code to validate emails, in YOUR choice of language!

We have listed sample code for verifying email addresses via our free API in some of the most common programming languages out there.

Your favorite language isn't listed? Worry not! It's just a simple HTTP GET-request, so it can be implemented in any language!

Relaxed programmer

Sample code to validate email addresses

Select which language you want sample code for!

API response description

Here is a detailed breakdown of the API response values


   "valid": true, // is the domain valid?
   "block": true, // should this be blocked?
   "disposable": true, // is it disposable?
   "domain": "dxamail.net", // domain in request
   "text": "Disposable \/ temporary domain", // text description of result
   "reason": "Disposable", // possibly more information about result
   "risk": 91, // combined risk score of the domain
   "mx_host": "dxamail.net", // the domain's MX host
   "possible_typo": [], // any possible typos?
   "mx_ip": "", // the IP of the MX host
   "mx_info": "Using MX pointer dxamail.net from DNS with priority: 0", // information about chosen MX host
   "last_changed_at": "2020-06-11T09:56:02+02:00" // when did the risk score change last?
valid: true / false

The "valid" boolean indicates if the requested domain or e-mail is valid. Non-existing domains or invalid data will set this flag as false. Please note that disposable e-mail domains are still valid to receive e-mails, so they also have this value set to true.

block: true / false

The "block" boolean is the most important part of the response. This indicates if the API suggests you should block this e-mail / sign-up. Block is set to "true" for invalid domains, disposable domains, or domains / e-mails by spam bots or automated signups. This is usually the only flag you need to look at.

disposable: true / false

The "disposable" boolean indicates if we suspect this to be a disposable or temporary e-mail address. Some new domains are blocked based on their anomalies before we know if it's disposable or not.

text: string

The "text" string response contains a description of the result of the API lookup. The "text" and "reason" results are meant for manual analysis, and are not fit to present to end users directly.

reason: string

The "reason" string response contains a slightly more technical indication of why this result was reached. The "text" and "reason" results are meant for manual analysis, and are not fit to present to end users directly.

risk: integer 0-100

This API combines many heuristic analyses and threat feeds into a single result. The "risk" integer is a numerical representation of the anomalies detected. Regular domains usually have a risk score of 0-30.

possible_typo: array of strings

This variable can contain an array of strings with possible domains that the user really meant to type. "exaample.com" could have "example.com" listed as a possibly typo string.

mx_host: string

The "mx_host" value represents the detected MX host for the domain. It can be either a domain name or IP-address or null.

mx_ip: string

The "mx_ip" value is the IP address of the detected MX host. It can be null if no valid MX is detected.

mx_info: string

The "mx_info" value contains details about how the MX host was detected or chosen.

last_changed_at: string

The "last_changed_at" string contains a ISO 8601 formatted date and time for when the risk score, or block suggestion was last changed for this domain or e-mail. If a domain was previously okay, but we notice that it's being used with malicious intent, the "block" flag will be set to true, and the last_changed_at updated. If this domain or e-mail didn't previously have a risk score calculated, it is set to the current date and time of the API request.