What is email validation?

Email validation is the process of verifying whether an email address is real, deliverable, and safe to send to. It checks syntax, domain records, MX servers, catch-all configuration, and performs SMTP mailbox verification to confirm the mailbox exists.

What is SMTP mailbox verification?

SMTP mailbox verification connects directly to the recipient mail server and checks whether a specific email address exists — without sending any email. It is the most reliable method of email validation and confirms deliverability at the mailbox level.

How much does BounceProtect cost?

BounceProtect offers a free plan with 100 validation credits. Paid plans start at $29/month for 10,000 validations (Pro), $99/month for 50,000 (Agency), and $199/month for 200,000 (Scale). Credit packs are also available for one-time use.

Is BounceProtect an alternative to NeverBounce or ZeroBounce?

Yes. BounceProtect offers real-time SMTP mailbox verification, deliverability scoring, spam risk analysis, catch-all detection, and company intelligence matching — comparable to NeverBounce and ZeroBounce, with a modern API and competitive pricing.

BounceProtect

Clean your email lists before you send

API Documentation

Integrate BounceProtect email validation into your app with our simple REST API. Each validation costs 1 credit.

Not a developer? You can validate email lists without writing any code using our upload dashboard. The API is for teams who want to integrate validation directly into their apps or workflows.

Quickstart

Validate your first email in under 60 seconds. Get your API key from the dashboard.

bash

curl -X POST https://www.bounceprotect.com/api/v1/validate/email \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"email": "john.doe@company.com"}'

json

{
  "email": "john.doe@company.com",
  "status": "valid",
  "status_reason": "valid_domain_with_mx",
  "status_explanation": "Domain mail servers detected",
  "deliverability_score": 92,
  "signals": {
    "is_disposable": false,
    "is_role_account": false,
    "is_free_provider": false,
    "is_possible_typo": false,
    "suggested_domain": null,
    "has_mx": true,
    "has_spf": true,
    "has_dmarc": true
  },
  "send_recommendation": "SEND",
  "credits_remaining": 4999
}

Authentication

All API requests must include your API key in the Authorization header using the Bearer scheme.

bash

Authorization: Bearer bp_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Generate and manage your API keys in the API Keys dashboard. Never expose your API key in client-side code.

Validate email

POST/api/v1/validate/email

Validate a single email address. Costs 1 credit.

Request body

Parameter	Type	Description
`email`required	`string`	The email address to validate.

Example

bash

curl -X POST https://www.bounceprotect.com/api/v1/validate/email \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"email": "sarah@acmecorp.com"}'

Validate bulk

POST/api/v1/validate/bulk

Validate up to 100 emails in a single request. Costs 1 credit per email.

Request body

Parameter	Type	Description
`emails`required	`string[]`	Array of email addresses to validate. Maximum 100 per request.

Example

bash

curl -X POST https://www.bounceprotect.com/api/v1/validate/bulk \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"emails": ["sarah@company.com", "noreply@brand.com", "test@gmail.com"]}'

Account balance

GET/api/v1/account/balance

Returns your current credit balance.

bash

curl https://www.bounceprotect.com/api/v1/account/balance \
  -H "Authorization: Bearer YOUR_API_KEY"

Response fields

Field	Type	Description
`status`	`string`	"valid" \| "risky" \| "invalid" \| "unknown"
`status_reason`	`string`	Machine-readable reason code e.g. free_email_provider, disposable_domain, invalid_syntax
`status_explanation`	`string`	Plain-English explanation of the status.
`deliverability_score`	`number`	0-100 score. Higher is better. 90+ is safe to send, below 40 is high risk.
`signals.is_disposable`	`boolean`	Temporary or disposable email provider detected.
`signals.is_role_account`	`boolean`	Role-based address detected (info@, noreply@, etc).
`signals.is_free_provider`	`boolean`	Free email provider detected (Gmail, Yahoo, etc).
`signals.is_possible_typo`	`boolean`	Possible domain typo detected.
`signals.suggested_domain`	`string \| null`	Suggested corrected domain if a typo was detected.
`signals.has_mx`	`boolean \| null`	Domain has valid MX records.
`signals.has_spf`	`boolean \| null`	Domain has SPF record configured.
`signals.has_dmarc`	`boolean \| null`	Domain has DMARC record configured.
`signals.is_catch_all`	`boolean`	True if the domain accepts email to any address. Emails may be delivered but could go unmonitored.
`send_recommendation`	`string`	"SEND" \| "SEND_WITH_CAUTION" \| "REVIEW" \| "DO_NOT_SEND" — our recommendation based on all signals combined. The fastest way to action results without building your own scoring logic.
`credits_remaining`	`number`	Your remaining credit balance after this request.

Response codes

Status	Code	Meaning
`400`	`Bad Request`	Missing or invalid request body. Check that email is a valid string.
`401`	`Unauthorized`	Missing, invalid, or revoked API key.
`402`	`Payment Required`	Insufficient credits. Top up at bounceprotect.com/dashboard/usage.
`429`	`Too Many Requests`	Rate limit exceeded. Slow down your requests.
`500`	`Server Error`	Something went wrong on our end. Try again.

Best practices

When to block vs allow at point of entry

When validating emails at signup or form submission, we recommend this approach:

Status	Recommendation	Reason
`valid`	`Allow`	Safe to proceed. Domain has mail servers and passed all checks.
`risky`	`Allow with caution`	Review the signals. Free providers and catch-alls are often legitimate. Block disposable and role accounts if your use case requires it.
`invalid`	`Block`	Email will bounce. Do not send to invalid addresses.
`unknown`	`Allow`	Could not be verified. Treat as valid and monitor bounce rates.

Deliverability score guide

Score	Rating	Action
`90-100`	`Excellent`	Safe to send. High confidence this is a real, active inbox.
`70-89`	`Good`	Generally safe. May be a free provider or have minor signals.
`40-69`	`Moderate`	Review before sending. Catch-all, new domain, or role account.
`1-39`	`High risk`	Avoid sending. Disposable, invalid syntax, or no mail servers.
`0`	`Invalid`	Do not send. Email is definitively invalid.

Rate limits

Plan	Requests/second	Bulk limit
`Pro`	`10 req/s`	Up to 100 emails per bulk request.
`Agency`	`50 req/s`	Up to 100 emails per bulk request.
`Scale`	`200 req/s`	Up to 100 emails per bulk request.

Rate limit headers are included in every response. If you exceed the limit you will receive a 429 response. Implement exponential backoff in your client.

Changelog

April 2026

Added send_recommendation to all API responses
Added signals.is_catch_all to all API responses
Added signals.has_spf and signals.has_dmarc to bulk API responses
Company intelligence now available via Deep Analysis dashboard

v1.0

March 2026 — Initial release

Single email validation endpoint
Bulk validation up to 100 emails per request
Account balance endpoint
API key management dashboard
Deliverability scoring (0-100)
Multi-signal detection: disposable, role accounts, domain typos, SPF/DMARC