Pricing

from $4.25 / 1,000 results

Domain Deliverability Checker SPF DKIM DMARC Blacklist Clay

Audit a domain's email deliverability: SPF, DKIM, DMARC and policy, MX and mail provider, catch-all and blacklist checks, domain age, and a 0 to 100 health score. Flat JSON, Clay ready.

Pricing

from $4.25 / 1,000 results

Rating

0.0

(0)

Developer

Mamba Labs

Actor stats

Bookmarked

Total users

Monthly active users

2 days ago

Last modified

Domain Deliverability Checker: SPF, DKIM, DMARC, MX, Blacklist

Audit a domain's email deliverability and DNS health in one call. Give it a domain and get back SPF, DKIM, and DMARC authentication with policy, MX records and mail provider, DNS blacklist status, catch-all detection, domain age, and a single 0 to 100 health score. Flat JSON, one row per domain, ready to drop into a Clay table. Pure DNS and SMTP: no browser, no proxy, no paid third-party APIs.

Built for outbound agencies, sales operations teams, and Clay users who need to check domain health before sending cold email. Where most Apify actors check only one slice (just DNS, or just blacklists, or just DMARC), this one returns the complete deliverability verdict in a single flat row.

Features

Full email authentication audit. SPF record and qualifier policy, DMARC record and policy (none, quarantine, reject), and DKIM presence across the common provider selectors.
Mail provider detection. Identifies Google Workspace, Microsoft 365, Zoho, Proofpoint, Mimecast, Amazon SES, and more from the MX records.
DNS blacklist checks. Tests the domain's mail server IP against a curated set of DNSBL zones and reports listed, clean, or unknown.
Catch-all detection. SMTP RCPT probe to flag accept-all domains. Off by default because the Apify platform blocks outbound port 25; see Limitations.
Domain age. Registration date via RDAP, the modern registry protocol that survives GDPR redaction, with a DNS SOA fallback.
Spam-trap risk heuristics. Advisory flags for young domains, mail without authentication, and blacklisted infrastructure.
0 to 100 deliverability score. A single transparent verdict with a low, medium, or high risk level.
Batch and cache. Pass a domains array for bulk runs; results are cached for 24 hours to make repeat lookups free.

Input

Field	Type	Required	Default	Description
`domain`	string	no	stripe.com	Bare domain without https:// or trailing slash.
`domains`	array	no	none	List of bare domains for batch processing. Takes precedence over `domain`. One output row per domain.
`batchSize`	integer	no	5	Domains audited concurrently per wave in batch mode. Maximum 10.
`skipCache`	boolean	no	false	Force a fresh audit and ignore any cached result.
`attempt_catch_all`	boolean	no	false	Run the SMTP catch-all probe. Off by default because the Apify platform blocks port 25; enable only on a runner that allows port 25 egress.

Provide either domain or domains.

Output

One flat row per domain. Every field is always present; absent values are null.

Field	Type	Description	Example
`domain`	string	Normalized input domain	`stripe.com`
`spf_record`	string	Raw SPF TXT record, or null	`v=spf1 include:_spf.google.com ~all`
`spf_valid`	boolean	A valid v=spf1 record is present	`true`
`spf_policy`	string	Qualifier on all: fail, softfail, neutral, pass, or null	`softfail`
`dkim_selectors_found`	array	Common selectors that returned a key	`["google","s1","s2"]`
`dkim_present`	boolean	At least one common selector found	`true`
`dmarc_record`	string	Raw DMARC TXT record, or null	`v=DMARC1; p=reject;`
`dmarc_policy`	string	none, quarantine, reject, or null	`reject`
`dmarc_valid`	boolean	A valid v=DMARC1 record is present	`true`
`mx_records`	array	MX hosts with priority	`[{"host":"aspmx.l.google.com","priority":10}]`
`has_mx`	boolean	Domain has at least one MX	`true`
`mail_provider`	string	Detected provider, or null	`Google Workspace`
`catch_all`	boolean	SMTP accepts a random address, or null when unknown	`null`
`catch_all_status`	string	catch_all, not_catch_all, or unknown	`unknown`
`blacklisted`	boolean	Listed on any checked DNSBL	`false`
`blacklists_listed`	array	Zones that returned a listing	`[]`
`blacklists_checked`	array	Zones queried this run	`["bl.spamcop.net", ...]`
`blacklist_status`	string	listed, clean, or unknown	`clean`
`spam_trap_risk`	string	low, medium, or high heuristic	`low`
`spam_trap_flags`	array	Triggered heuristics	`[]`
`domain_age_days`	integer	Days since registration, or null	`11238`
`domain_age_source`	string	rdap, soa, or null	`rdap`
`has_website`	boolean	Domain has an A or AAAA record	`true`
`deliverability_score`	integer	0 to 100 composite verdict	`95`
`risk_level`	string	low, medium, or high	`low`
`run_date`	string	ISO timestamp of the run	`2026-06-19T08:10:59Z`

Score model: has MX +20; valid SPF +20 (hard -all +5); DKIM present +15; valid DMARC +15 (quarantine +5, reject +10); blacklist clean +15 (unknown +7); catch-all not detected +5 (detected -10). Capped 0 to 100. Risk: 80 or more low, 50 to 79 medium, under 50 high.

Pricing

Tier	Discount	Per result	Per 1K results
Free (no plan)	0%	$0.005	$5.00
Starter (Bronze)	~5%	$0.00475	$4.75
Scale (Silver)	~10%	$0.0045	$4.50
Business (Gold)	~15%	$0.00425	$4.25

Free tier: 50 results per month included, resets monthly. Cached repeat lookups within 24 hours are free.

Usage Examples

Apify Console / API

curl -X POST "https://api.apify.com/v2/acts/0tVgxI7A6o9jMlxmc/run-sync-get-dataset-items?token=YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"domain":"stripe.com"}'

Batch:

{ "domains": ["stripe.com", "github.com", "mailchimp.com"], "batchSize": 5 }

Clay Integration

Add an Enrichment column of type HTTP API, or use the Apify integration.
Call this actor with domain mapped to your domain column.
Map the returned fields to columns: deliverability_score, risk_level, spf_valid, dmarc_policy, blacklist_status, mail_provider.
Gate downstream sends on a formula like deliverability_score >= 70 to skip risky domains before they enter a sequence.

The output is flat and one row per domain, so every field maps directly to a Clay column with no JSON unwrapping.

MCP Integration

$npm install @mambalabsdev/mcp-domain-deliverability-checker

{
  "mcpServers": {
    "domain-deliverability": {
      "command": "npx",
      "args": ["-y", "@mambalabsdev/mcp-domain-deliverability-checker"],
      "env": { "APIFY_TOKEN": "YOUR_TOKEN" }
    }
  }
}

Tool: check_domain_deliverability with { "domain": "stripe.com" }.

Error Handling

Condition	Behavior	Output
Empty or invalid domain	Empty record pushed, run continues	all checks null or false, score 0
No MX or NXDOMAIN	Row emitted, blacklist and SMTP skipped	`has_mx:false`, not treated as an error
Port 25 blocked or SMTP timeout	Catch-all reported as unknown	`catch_all:null, catch_all_status:"unknown"`
DNSBL zone blocks or errors	That zone dropped to unknown, others continue	`blacklist_status` may be `unknown`
RDAP unavailable	Falls back to SOA serial, then null	`domain_age_source:"soa"` or null
One domain throws in a batch	Caught per domain, empty record pushed	other rows unaffected

Limitations

Catch-all is off by default. The Apify platform blocks outbound SMTP on port 25, so the catch-all probe returns unknown here. Enable attempt_catch_all only when running this actor on infrastructure that permits port 25 egress.
DNS blacklist coverage is best-effort. Spamhaus and Barracuda block queries from cloud IPs and public resolvers without a paid data-query key, so some zones return unknown. A clean result means clean on the zones that answered, not an authoritative all-clear.
DKIM uses common-selector probing. DKIM selectors cannot be enumerated from DNS, so the actor checks a fixed list of provider selectors. An empty result means not found on a common selector, not a guarantee that DKIM is absent.
Domain age depends on the registry. RDAP returns the registration date for most TLDs; some registries omit or redact it, in which case the value is null or an approximate SOA-based fallback.
Data freshness. Results are cached for 24 hours. Pass skipCache: true for a live audit.

Part of the Mamba Labs GTM Intelligence Suite

Actor	Actor ID
GTM Hiring Signal Scraper	D7O1SA2EqwHGsGr1P
GTM Tech Stack Signal Enrichment	qyd7nNyqFPelQViBx
GTM Signals Aggregator	xKdRfnfFNkdMpFuNs
Job Board Keyword Signal Scanner	4DvqpvhMR74NLcDDY
Domain to LinkedIn URL Resolver	3HtnSaqPHOg1Qg5gx
ICP Fit Scorer	W161DT8W4kW55dMFh

npm: @mambalabsdev/ats-scrapers

Built by Mamba Labs.

Email Verifier & Finder - Mailbox Exists, SPF/DKIM/DMARC

apivault_labs/email-deliverability-checker

Verify if an email exists (live mailbox check: accepted/rejected/catch-all) AND find emails by name + company domain. Plus MX, SPF, DKIM, DMARC, disposable, typo and a 0-100 score. You only pay for definitive results. No login, no keys.

Apivault Labs

Supernet Domain Health - Email Reputation Audit

superlativetech/supernet-domain-health

Email authentication and deliverability audit for any domain. Checks SPF, DKIM, DMARC, MX, blacklists, SSL, WHOIS, BIMI, MTA-STS — returns a 0-100 health score with actionable fixes. Sending or receiving mode. Batch thousands or query one via instant API.

Superlative

📋 Email DMARC Auditor — SPF/DKIM/DMARC Bulk Check

nexgendata/email-dmarc-auditor

Bulk email authentication audit. Parses SPF, DMARC, and DKIM records, returns deliverability score (0-100), and step-by-step remediation actions per domain.

NexGenData

📧 Email RBL Bulk Checker — MXToolbox Alternative

nexgendata/email-rbl-checker

Bulk DNS blacklist checker for IPs and domains. Queries 30+ RBLs (Spamhaus, Barracuda, SORBS, UCEPROTECT, SpamCop). Returns reputation score, listing evidence, remediation action.

NexGenData

🌐 DNS Propagation Checker — Global Resolver Bulk Tool

nexgendata/dns-propagation-checker

Check DNS propagation across 15 global resolvers (Google, Cloudflare, Quad9, OpenDNS, Verisign, Yandex). Detects inconsistency, reports by-region variance, returns TTL and full record data.

NexGenData

Email Domain Blacklist Checker

trovevault/email-domain-blacklist-checker

Check any domain against 15 email blacklists (Spamhaus, SURBL, SpamCop, Barracuda and more) and validate SPF, DMARC and MX records. No API keys required. Export data, run via API, schedule and monitor runs, or integrate with other tools.

Trove Vault

✉️ Bulk Email Validator

taroyamada/email-deliverability-checker

Verify email addresses using live DNS MX lookups and RFC syntax validation. Identify disposable providers and extract a 0-100 health score for any list.

naoki anzai

Bulk SMTP Email Verifier — Mailbox & Catch-All Checker

automation-lab/smtp-email-verifier

Deep-verify lead emails with SMTP RCPT checks before campaign upload. Classify valid, invalid, catch-all, disposable, unknown, and risky mailboxes; no email is sent and no third-party verification API is required.

Stas Persiianenko

Bulk Email Verifier — MX, SMTP & Disposable Detection at Scale

ryanclinton/bulk-email-verifier

Verify email deliverability in bulk — MX records, live SMTP mailbox checks, disposable domain detection (55,000+ domains), role-based flagging, catch-all detection, and confidence scores. $0.005/email, no subscription.

Ryan Clinton

274

WHOIS / WhoisXML Replacement — RDAP-Powered Lookup

nexgendata/whois-replacement

WhoisXML is gated. Here's the RDAP-powered drop-in that works on any TLD. Unified JSON schema, RDAP-first with legacy WHOIS fallback.

NexGenData

🌐 DNS Lookup — Bulk A, MX, CNAME & TXT Records

nexgendata/dns-records-lookup

Bulk DNS record lookups — A, AAAA, MX, CNAME, TXT, NS, SOA, SPF, DMARC. MXToolbox & DNSChecker alternative for SREs and security teams: monitor zones, verify email auth, audit domains. Pay $0.01 per lookup, no monthly fee.

NexGenData