The UK-native email verification API.

Q: How do I authenticate API requests?

Create an API key in the dashboard, then send Authorization: Bearer mv_live_… on each request. Full examples are in the docs.

Q: Do you keep the email addresses I verify?

We do not use your data to build marketing lists. We never cache or persist verification results — only a short-lived Redis job queue entry until your result is returned, then it is cleared. See our Privacy policy.

Fast, GDPR-compliant, ICO registered, GB infrastructure only, plain JSON.

POST an address, get back result, mx_host, and smtp_code in one round trip.

Get your free API key25 free credits /mo Read the docs

Paid from £49 for 50k credits /mo · £99 unlimited /mo

+ VAT where applicable.

CRM friendly

Works with the stacks sales teams already live in

Verified emails drop into HubSpot, Salesforce, Pipedrive, Zoho, Odoo, Zapier, n8n, or anything that speaks HTTP. Same JSON whether you paste in the browser or call the API from a workflow.

POST /v1/verify · Bearer auth · JSON body

request

curl -s https://api.mailverify.co.uk/v1/verify \
  -H "Authorization: Bearer mv_live_xxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]"}'

ICO Registered

ZC112021

UK Data Processor

GB infrastructure only

GB Servers

All traffic stays in the UK

GDPR-native

Built for it, not bolted on

Workflow

POST → classify → act.

One POST, one answer. Send us an email address and get back a clear verdict: valid, invalid, catch-all, or disposable.

POST /v1/verify

Bearer token in the Authorization header, email address in the JSON body. No SDK, no queue, no client library.

We resolve and probe

MX lookup, SMTP probe, disposable blocklist check, catch-all detection. Synchronous, in one round trip.

Read result + flags

result is the verdict. is_catch_all, is_disposable, is_role, is_free_email, did_you_mean, mx_host, and smtp_code give you everything to decide what to do next.

Request Example

curl -X POST https://api.mailverify.co.uk/v1/verify \
  -H "Authorization: Bearer mv_live_xxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]"}'

Response Example

{
  "job_id": "3f2a1b4c-...",
  "email": "[email protected]",
  "result": "valid",
  "is_catch_all": false,
  "is_disposable": false,
  "is_role": false,
  "is_free_email": false,
  "did_you_mean": null,
  "mx_host": "aspmx.l.google.com",
  "smtp_code": 250,
  "checked_at": "2026-04-05T14:22:00.000Z",
  "server_region": "GB"
}

Use Cases

Built for every flow.

Whether you’re stopping typos at checkout or cleaning a massive legacy CRM list, we’ve got you covered.

Signup & auth flows

Call on form submit or server-side before account creation. Reject disposable inboxes, warn on risky ones, block undeliverable outright.

[email protected]

Disposable address blocked.

Checkout & transactional email

Validate the billing email at the point of sale. One undeliverable address = a missed receipt and a support ticket.

[email protected]

Did you mean [email protected]?

CRM ingestion & lead scoring

Run inbound leads through the API before they sync. Tag by status, filter catch-alls, keep your segments clean from day one.

Valid

Alex Smith

[email protected]

Bulk list hygiene

POST /v1/verify for one address at a time, or POST /v1/verify/bulk for thousands per request. Scale plans also get CSV upload in the dashboard.

contacts.csv

4k/5k

Try it live

Paste an address and see the real JSON response.

Type any email address and get an instant result. 3 free checks per day.

Response Fields

What comes back in the JSON.

Everything you need to make a routing decision, bundled into a single synchronous response.

View full documentation →

result

valid, invalid, catch_all, disposable, role, or unknown. Ready to branch on in your signup or CRM logic.

mx_host

The highest-priority MX we resolved. Useful for routing decisions or spotting domains with no mail infrastructure.

is_catch_all

True when the domain accepts mail for any local part. Warn users or lower trust scores without rejecting the address outright.

is_disposable

Matched against a live blocklist of throwaway inbox providers. Block them at signup, or just log them. Up to you.

is_free_email

True for consumer providers like Gmail, Yahoo, Hotmail, iCloud, and 4,700+ others. Filter personal addresses from business-only signups in one check.

did_you_mean

Catches common typos — gmal.com, hotmail.con, outlok.com — and returns the likely intended address. Show a prompt and save the lead.

smtp_code

The SMTP RCPT TO response from our probe. Concrete signal alongside the rolled-up result.

GB egress, GDPR-native

Every request routes through UK infrastructure. We don't store your lists. ICO registered, DPA available on request.

Pricing

Simple pricing, no surprises.

Starter

Free

Kick the tyres. Full API access on the free tier. No card, no commitment.

25 free verifications / month
Dashboard access
API access included
Community support

Get started free

Scale

£49/ mo

Full API access and 50,000 verifications a month. Everything you need to ship to production.

50,000 verifications / month
Up to 5 API keys
Bulk CSV upload
Webhooks
Email support (UK hours)

Get started

Unlimited

£99/ mo

No caps, no surprises. Verify as many addresses as you need every month.

Unlimited verifications
Up to 10 API keys
Bulk CSV upload
Webhooks
Priority support (UK hours)

Get started

Prices exclude VAT; UK VAT (20%) is added at checkout where applicable.

Free Tools

Free email deliverability tools.

Weird bounce rates or inbox placement tanking? Nine times out of ten it's DNS, a blacklist or something odd in the headers. These tools help you narrow it down - no account, nothing stored.

All tools →

Email Auth Checker

Pulls live DNS records for any domain and tells you what's wrong with your SPF, DKIM, DMARC and MX setup - with specific steps to fix it.

Use free tool →

Blacklist Checker

One Spamhaus listing can tank your inbox rates overnight. Run your domain or IP against 16 RBLs and get removal links for anything that comes up.

Use free tool →

Header Analyser

Paste raw headers from any email client and see the full relay path, SPF/DKIM/DMARC results, spam score and anything suspicious. Runs in your browser - nothing leaves your device.

Use free tool →

View all tools →

UK Email Guidance

UK email law, in plain English.

PECR, UK GDPR, ICO registration — most businesses sending email in the UK are tripping over at least one of these. We wrote the guides we wish existed.

All articles →

Dan Bruce·April 2026·6 min read

Why ICO Registration Matters for UK Email Senders

Every UK business that processes personal data must register with the ICO. Here's what it means, why it matters, and what happens if you skip it.

Read article →

Dan Bruce·April 2026·8 min read

UK Email Marketing Law: PECR, UK GDPR, and What They Mean for You

Two separate laws govern commercial email in the UK. A plain-English breakdown of consent, the soft opt-in rule, and what enforcement actually looks like.

Read article →

Dan Bruce·April 2026·9 min read

UK GDPR and Email Compliance: A Practical Guide for 2026

Lawful basis, data minimisation, retention schedules, individual rights, and breach response — everything UK businesses need to handle email data correctly.

Read article →

View all articles →

FAQ

Common questions.

Quick answers about the API, UK hosting, and plans. For billing, limits, and troubleshooting, see Help & FAQ.

What does MailVerify do?

MailVerify is a REST API that checks whether an email address is deliverable and surfaces risk signals in one request: result, mx_host, catch-all and disposable flags, and the SMTP response code. No queue — you get JSON back synchronously.

Do I need an SDK?

No. Send HTTPS POST requests with a JSON body and a Bearer token from any language or stack. If you can call an HTTP API, you can use MailVerify.

Where is my data processed?

All API traffic is handled on infrastructure in the United Kingdom. We’re ICO registered (ZC112021) and built with UK GDPR in mind. See our Security and server locations pages for detail.

What’s on the free plan?

The Starter tier includes 25 verification credits per month, dashboard access, and API access — enough to integrate and test before you scale. Paid plans add higher volumes, bulk CSV, webhooks, and more keys.

How do I authenticate API requests?

Create an API key in the dashboard, then send Authorization: Bearer mv_live_… on each request. Full examples are in the docs.

Single verify vs bulk — what’s the difference?

POST /v1/verify checks one address and returns immediately. POST /v1/verify/bulk accepts large batches and completes asynchronously, with webhooks or polling for results — ideal for list imports and backfills.

Do you keep the email addresses I verify?

We don’t use your data to build marketing lists. We never cache or persist verification results — only a short-lived Redis job queue entry until your result is returned, then it is cleared. See our Privacy policy.