Bulk Email Verifier

Bulk email verification that checks every address through seven independent layers — syntax, DNS MX records, disposable domain detection, role-based flagging, free provider identification, live SMTP mailbox probing, and catch-all detection — then scores each result from 0 to 95. Built for sales teams, email marketers, and developers who need clean lists without paying per-credit SaaS fees. At $0.005 per email, you get SMTP-depth verification for a fraction of what NeverBounce or ZeroBounce charge.

Drop in your list, pick a verification level, and the actor returns a structured result for every address: a five-category status verdict, a numeric confidence score, a full check-by-check breakdown, the MX hostname, and a plain-English reason for every failure. Runs process in parallel with domain-level MX caching, so a list of 10,000 addresses at the same company only performs one DNS lookup.

What data can you extract?

Data Point	Source	Example
📧 Email address	Input (normalized)	sarah.chen@pinnacleventures.com
✅ Verification status	Multi-layer pipeline	valid
📊 Confidence score	Deterministic scoring	95
🔍 Syntax check	RFC 5322 regex	true
🗑️ Disposable flag	MailChecker (55,000+ domains)	false
👤 Role-based flag	64 prefix list	false
🆓 Free provider flag	60+ provider list	false
📡 MX records found	DNS resolution	true
📬 SMTP mailbox check	Live SMTP probe	true
🕵️ Catch-all domain	Dual random-address probe	false
🛡️ SPF record	DNS TXT lookup	true
🔐 DKIM record	DNS TXT lookup (6 selectors)	true
📋 DMARC policy	DNS TXT lookup	true
🖥️ MX hostname	DNS lookup	mx1.pinnacleventures.com
⚠️ Failure reason	Logic engine	null
🕐 Verified at	Timestamp	2026-03-19T09:14:33.012Z

Why use Bulk Email Verifier?

Manually checking email lists is not a workflow — it is a fire drill. A 10,000-contact export from your CRM will have a 15-25% invalid rate after 12 months of natural churn. Sending to that dirty list tanks your sender reputation, triggers spam filters, and burns your domain's deliverability for months. Dedicated SaaS tools like NeverBounce charge $0.008 per email and require a monthly subscription commitment. ZeroBounce starts at $0.004/email but adds platform fees on top.

This actor charges $0.005 per email, all-in, with no subscription and no monthly minimum. A team processing 50,000 emails per month pays $250 — compared to $400+ on NeverBounce. And because it runs on Apify, you get the full platform around it:

• Scheduling — run weekly list-cleaning jobs automatically; keep your CRM perpetually clean without manual effort
• API access — trigger verification from Python, JavaScript, or any HTTP client; slot it into any pipeline
• Monitoring — get Slack or email alerts when verification runs fail or produce unexpected output ratios
• Integrations — connect results to Zapier, Make, Google Sheets, HubSpot, or custom webhooks in minutes

Features

• Three verification levels — Basic (syntax + MX, ~30 seconds per 1,000 emails), Standard (+ disposable/role/free detection, same speed), and Deep (+ live SMTP probe + catch-all test, 5-15 minutes per 1,000 emails)
• SMTP mailbox probing via dedicated relay — the actor routes SMTP checks through the apifyforge.com relay server (IONOS hosting with port 25 open), bypassing Apify cloud's outbound port-25 block that breaks most self-hosted SMTP verifiers
• Catch-all domain detection with dual probe — sends two randomized nonexistent addresses to the MX host for higher accuracy; if both are accepted, the domain is flagged catch-all and all its addresses are marked unknown to prevent false positives
• Domain health scoring (SPF/DKIM/DMARC) — checks DNS TXT records for SPF, DKIM (6 common selectors), and DMARC policies on every verified domain. No other Apify email verifier does this. Tells you whether the domain follows email authentication best practices before you send.
• Disposable email detection via MailChecker — compares against a continuously updated database of 55,000+ temporary and throwaway email domains (Mailinator, Guerrilla Mail, Temp Mail, etc.)
• 64 role-based prefix patterns with compound matching — flags functional addresses (info@, admin@, support@, noreply@, billing@, careers@, webmaster@, donotreply@, and more) including compound formats like info.chicago@, sales+crm@, and us.support@ that simpler verifiers miss
• 60+ free provider domains — identifies Gmail, Yahoo, Outlook, ProtonMail, Tutanota, Yandex, and 55+ more so you can separate personal from corporate email in one pass
• Deterministic confidence scoring — scores are rule-based, not ML-based: 95 for SMTP-confirmed + not catch-all, 80 for SMTP-confirmed + catch-all unknown, 50 for catch-all domain, 70 for MX-only (no SMTP), 20 for disposable, 10 for SMTP-rejected, 5 for no MX records, 0 for invalid syntax
• Domain-level MX caching — emails are grouped by domain before processing; DNS MX records are fetched once and reused for every address at that domain, making enterprise lists dramatically faster
• Domain-level catch-all caching — the catch-all test runs once per domain and is shared across all addresses on that domain
• Automatic deduplication and normalization — input emails are lowercased, trimmed, and deduplicated before the pipeline starts; you do not need to clean your input
• Configurable concurrency — run 1-10 emails in parallel; lower settings (2-3) protect against SMTP rate limiting on Deep mode
• Spending limit enforcement — the actor stops dispatching new verifications the moment your per-run budget is reached, so a large list never overruns your cost ceiling. Results verified before the limit are kept.
• Live progress updates — the Apify console status bar shows real-time progress (Verified 450/1000 emails...) so you always know the run is working
• Summary stats in Key-Value Store — aggregate counts (valid, invalid, disposable, average confidence) saved to the SUMMARY key for downstream consumption
• Batch size cap — set maxEmails to limit how many addresses are processed per run, preventing Deep mode from exceeding the timeout on large lists
• Pay-per-event pricing — no charge for failed runs or errors; you are charged only for successfully completed email verifications

Use cases for bulk email verification

Sales prospecting list cleaning

SDRs and BDRs building outreach sequences from scraped or purchased contact lists routinely start with 20-30% bad addresses. Running a list of 5,000 prospects through Deep verification before loading it into Outreach or Salesloft eliminates bounce-backs that damage domain reputation. At $0.005/email, cleaning a 5,000-contact list costs $25 — less than one hour of an SDR's time.

Email marketing campaign hygiene

Email marketers preparing campaigns on Mailchimp, Klaviyo, or ActiveCampaign face hard bounce thresholds around 2%. A single campaign to a dirty list can get the account suspended. Schedule this actor to run weekly against your full subscriber list, filter out invalid and disposable statuses, and export clean segments directly to Google Sheets before each send.

CRM data quality maintenance

Marketing operations teams managing HubSpot or Salesforce databases accumulate invalid contacts at 2-3% per month through natural attrition. Pair this actor with HubSpot Lead Pusher to run monthly verification sweeps and automatically flag or suppress stale contacts before they affect campaign metrics.

Lead generation pipeline validation

Teams using Website Contact Scraper or Google Maps Email Extractor to build lead databases can plug this actor in as the final stage. Every scraped address gets verified before it reaches the CRM or outreach tool, so only deliverable contacts enter the pipeline.

SaaS signup quality filtering

Developers building SaaS products can call this actor via API at signup time to flag disposable and role-based email registrations before they enter the user database. A new signup with test@guerrillamail.com returns disposable status in under two seconds on Standard mode — enough to block the registration or require a second verification step.

Data enrichment quality control

Teams running Waterfall Contact Enrichment or Email Pattern Finder need a final deliverability gate. Use this actor to verify every predicted or enriched email address before the record is marked complete and sent downstream.

How to verify emails in bulk

1. Enter your email list — paste addresses into the "Email addresses" field, one per line. You can add hundreds or thousands. The actor automatically removes duplicates and normalizes capitalization.
2. Choose a verification level — select Standard for most use cases (catches disposables, role addresses, and dead domains in seconds). Choose Deep only when you need SMTP-level mailbox confirmation for a smaller, high-value list.
3. Click Start — the actor runs on Apify's cloud. Standard mode processes 1,000 emails in roughly 30 seconds. Deep mode takes 5-15 minutes per 1,000 emails depending on mail server response times.
4. Download results — open the Dataset tab when the run finishes. Export as CSV for Excel, JSON for your pipeline, or connect directly to Google Sheets. Filter by status column to extract just the valid addresses.

Input parameters

Parameter	Type	Required	Default	Description
emails	string[]	Yes	—	Email addresses to verify. Duplicates and blank entries are removed automatically.
verificationLevel	string	No	standard	basic = syntax + MX only. standard = adds disposable, role-based, free provider checks. deep = adds live SMTP mailbox check and catch-all detection.
maxEmails	integer	No	0 (no limit)	Cap the number of emails processed per run. Set to 0 for unlimited. Useful for Deep mode to stay within timeout. Range: 0-100,000.
smtpTimeout	integer	No	10	Seconds to wait for SMTP server response before marking result as unknown. Range: 3-30. Only applies in Deep mode.
maxConcurrency	integer	No	5	Emails verified simultaneously. Lower values reduce SMTP rate-limit risk in Deep mode. Range: 1-10.

Input examples

Standard verification for a marketing list:

{
    "emails": [
        "james.whitfield@pinnacleventures.com",
        "sarah.chen@acmecorp.io",
        "info@betaindustries.net",
        "test@mailinator.com",
        "cfo@nonexistent-domain-xyz.com"
    ],
    "verificationLevel": "standard"
}

Deep SMTP verification for a high-value sales list:

{
    "emails": [
        "ceo@meridianlogistics.com",
        "procurement@globalfabrics.co.uk",
        "diana.okafor@syntheticai.io"
    ],
    "verificationLevel": "deep",
    "smtpTimeout": 15,
    "maxConcurrency": 3,
    "maxEmails": 2000
}

Fast syntax and MX sweep for a large import:

{
    "emails": ["addr1@company.com", "addr2@company.com"],
    "verificationLevel": "basic",
    "maxConcurrency": 10
}

Input tips

• Start with Standard mode — it catches 80% of bad addresses (disposables, dead domains, role inboxes) in the same time as Basic, with no SMTP overhead. Reserve Deep mode for lists under 2,000 addresses.
• Set concurrency to 2-3 for Deep mode — higher concurrency triggers rate limiting on mail servers, producing more unknown results. Slower but more accurate.
• Increase SMTP timeout for international domains — mail servers in Asia-Pacific or South America sometimes need 15-20 seconds to respond. Raise smtpTimeout to 20 if you see high unknown rates on Deep mode.
• Batch large lists by domain — if your list is 50,000 addresses from the same company, the domain-level MX cache makes this actor extremely fast. Mix of many domains is still efficient but benefits less from caching.
• Do not pre-deduplicate your input — the actor handles deduplication internally. Sending duplicates does not incur double charges.

Output example

{
    "email": "james.whitfield@pinnacleventures.com",
    "status": "valid",
    "confidence": 95,
    "checks": {
        "syntax": true,
        "disposable": false,
        "roleAddress": false,
        "freeProvider": false,
        "mxRecords": true,
        "smtpCheck": true,
        "catchAll": false
    },
    "domainHealth": {
        "spf": true,
        "dkim": true,
        "dmarc": true
    },
    "mxHost": "mx1.pinnacleventures.com",
    "reason": null,
    "verifiedAt": "2026-03-25T09:14:33.012Z"
}

For a disposable address:

{
    "email": "test@mailinator.com",
    "status": "disposable",
    "confidence": 20,
    "checks": {
        "syntax": true,
        "disposable": true,
        "roleAddress": false,
        "freeProvider": false,
        "mxRecords": true,
        "smtpCheck": null,
        "catchAll": null
    },
    "mxHost": "mail.mailinator.com",
    "reason": "Disposable/temporary email provider",
    "verifiedAt": "2026-03-19T09:14:34.207Z"
}

For a dead domain:

{
    "email": "cfo@nonexistent-domain-xyz.com",
    "status": "invalid",
    "confidence": 5,
    "checks": {
        "syntax": true,
        "disposable": false,
        "roleAddress": false,
        "freeProvider": false,
        "mxRecords": false,
        "smtpCheck": null,
        "catchAll": null
    },
    "mxHost": null,
    "reason": "Domain has no MX records (cannot receive email)",
    "verifiedAt": "2026-03-19T09:14:35.441Z"
}

Output fields

Field	Type	Description
email	string	Normalized (lowercase, trimmed) email address
status	string	Final verdict: valid, invalid, risky, disposable, or unknown
confidence	number	Score from 0 (certainly invalid) to 95 (SMTP-confirmed, not catch-all)
checks.syntax	boolean	Passes RFC 5322 simplified regex validation
checks.disposable	boolean / null	Domain is in the MailChecker 55,000+ disposable provider list (null = not checked)
checks.roleAddress	boolean / null	Local part matches one of 59 role-based prefixes (null = not checked)
checks.freeProvider	boolean / null	Domain is a known free email provider (null = not checked)
checks.mxRecords	boolean	Domain returned at least one valid MX record in DNS
checks.smtpCheck	boolean / null	SMTP server accepted the RCPT TO command (null = not attempted or timed out)
checks.catchAll	boolean / null	Domain accepted a random nonexistent address — individual mailbox existence unconfirmable (null = not tested)
domainHealth.spf	boolean	Domain has a valid SPF record
domainHealth.dkim	boolean	Domain has a DKIM record (checks 6 common selectors)
domainHealth.dmarc	boolean	Domain has a DMARC policy
mxHost	string / null	Primary MX server hostname (lowest priority value)
reason	string / null	Human-readable explanation including informational flags (role-based, free provider) even for valid results
verifiedAt	string	ISO 8601 timestamp of verification

How much does it cost to verify emails?

Bulk Email Verifier uses pay-per-event pricing — you pay $0.005 per email verified. Platform compute costs are included in that price.

Scenario	Emails	Cost per email	Total cost
Quick test	10	$0.005	$0.05
Small list	500	$0.005	$2.50
Medium batch	5,000	$0.005	$25.00
Large batch	25,000	$0.005	$125.00
Monthly enterprise	100,000	$0.005	$500.00

You can set a maximum spending limit per run in your Apify account to control costs. The actor stops cleanly when your budget ceiling is reached — no surprise overruns.

Compare this to NeverBounce at $0.008/email ($800 for 100,000) or ZeroBounce at $0.004-$0.008/email with subscription tiers. With Bulk Email Verifier, most teams spend $25-125/month with no subscription commitment and no minimum volume.

Verify emails using the API

Python

from apify_client import ApifyClient

client = ApifyClient("YOUR_API_TOKEN")

run = client.actor("ryanclinton/bulk-email-verifier").call(run_input={
    "emails": [
        "james.whitfield@pinnacleventures.com",
        "sarah.chen@acmecorp.io",
        "test@mailinator.com",
        "info@betaindustries.net",
    ],
    "verificationLevel": "standard",
})

for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    status = item["status"]
    score = item["confidence"]
    print(f"{item['email']}: {status} ({score}% confidence)")
    if item.get("reason"):
        print(f"  Reason: {item['reason']}")

JavaScript

import { ApifyClient } from "apify-client";

const client = new ApifyClient({ token: "YOUR_API_TOKEN" });

const run = await client.actor("ryanclinton/bulk-email-verifier").call({
    emails: [
        "james.whitfield@pinnacleventures.com",
        "sarah.chen@acmecorp.io",
        "test@mailinator.com",
        "info@betaindustries.net",
    ],
    verificationLevel: "standard",
});

const { items } = await client.dataset(run.defaultDatasetId).listItems();
for (const item of items) {
    console.log(`${item.email}: ${item.status} (${item.confidence}% confidence)`);
    if (item.reason) {
        console.log(`  Reason: ${item.reason}`);
    }
}

cURL

# Start the verification run
curl -X POST "https://api.apify.com/v2/acts/ryanclinton~bulk-email-verifier/runs?token=YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "emails": [
      "james.whitfield@pinnacleventures.com",
      "sarah.chen@acmecorp.io",
      "test@mailinator.com"
    ],
    "verificationLevel": "standard"
  }'

# Fetch results when run completes (replace DATASET_ID from the run response)
curl "https://api.apify.com/v2/datasets/DATASET_ID/items?token=YOUR_API_TOKEN&format=json"

How Bulk Email Verifier works

Stage 1: Input normalization and domain grouping

Before any network call, the actor deduplicates the input by converting every address to lowercase and trimming whitespace, then building a Set to eliminate duplicates. It then groups addresses by domain using a Map<string, string[]>. This grouping is the foundation for MX and catch-all caching — all addresses at company.com share the same DNS lookup result and catch-all test outcome, which cuts DNS queries dramatically for enterprise-format lists.

Stage 2: Static checks (Standard and Deep modes)

The actor runs three in-memory checks with no network calls: syntax validation against an RFC 5322 simplified regex, disposable domain detection via the MailChecker library (55,000+ domains, updated with each actor build), role-based prefix matching against 64 functional patterns, and free provider matching against 60+ consumer email services. These checks complete in microseconds and eliminate a large fraction of invalid addresses before any DNS or SMTP work begins.

Stage 3: DNS MX resolution and domain health scoring

The actor resolves MX records for each unique domain with a 10-second DNS timeout to prevent stalls on unresponsive nameservers. Records are sorted by priority (ascending), and the lowest-priority exchange becomes the mxHost for all subsequent SMTP work. Results are cached per domain so the lookup runs once regardless of how many addresses share it. Domains that return no records, timeout, or throw DNS errors receive mxRecords: false, a confidence score of 5, and invalid status immediately.

In parallel, the actor checks domain health by querying DNS TXT records for SPF, DMARC, and DKIM (testing 6 common DKIM selectors: google, default, selector1, selector2, k1, s1). Results are cached per domain and returned as the domainHealth object in the output.

Stage 4: SMTP mailbox probing via API relay (Deep mode only)

Because Apify cloud blocks outbound port 25, the actor offloads SMTP connections to a dedicated relay endpoint at apifyforge.com/api/smtp-verify. The relay server runs on IONOS infrastructure with port 25 open and a clean sending reputation. The actor POSTs { email, mxHost, timeoutSecs } with a bearer token and receives { result: "valid" | "invalid" | "unknown" }. The relay conducts a full SMTP handshake — EHLO, MAIL FROM, RCPT TO, QUIT — without transmitting any message body. A 250 response to RCPT TO maps to valid; a 5xx permanent rejection maps to invalid; anything else (timeout, 4xx greylisting, connection refused) maps to unknown.

Stage 5: Catch-all detection with per-domain caching (Deep mode only)

If the SMTP probe returns valid, the actor immediately tests whether the domain is catch-all by generating a random local part (verify-test- + 12 random alphanumeric characters) and running it through the same SMTP relay. If the server accepts this provably nonexistent address, the domain is flagged as catch-all and cached in a module-level Map. All addresses on a catch-all domain receive confidence 50 and status unknown. A 500ms delay separates the real address probe from the catch-all probe to avoid triggering connection-rate limits on the same MX server.

Stage 6: Confidence scoring and status classification

Confidence is a deterministic integer computed from the check results. The scoring table: invalid syntax → 0, no MX → 5, disposable → 20, SMTP rejected → 10, SMTP valid + catch-all domain → 50, SMTP valid + catch-all unknown → 80, SMTP valid + not catch-all → 95, MX exists no SMTP → 70 (minus 5 for role-based, minus 5 for free provider). Status thresholds: valid at confidence >= 70, risky at >= 30, invalid below 30. Special cases override thresholds: disposable status regardless of score, unknown status if catch-all is confirmed, invalid if SMTP explicitly rejected.

Tips for best results

1. Use Standard mode as your default. It identifies disposable domains (the biggest list-quality problem), role addresses, dead domains, and free providers in under 30 seconds per 1,000 emails. Switch to Deep only for lists under 2,000 addresses where individual mailbox confirmation matters.

2. Filter on confidence, not just status. A valid result with confidence 60 (MX exists, role-based free provider) is lower quality than a valid result with confidence 95 (SMTP confirmed). Use confidence >= 80 as your quality threshold for high-stakes outreach lists.

3. Watch for unknown status on catch-all domains. These are not invalid — the domain exists and accepts mail — but you cannot confirm the specific mailbox. Treat them as "send at your own risk" and segment them separately in your outreach tool.

4. Pair with Email Pattern Finder. Use Email Pattern Finder to predict addresses for target companies, then run those predictions through this actor to confirm deliverability before outreach. This two-step flow eliminates guesswork from cold email.

5. Schedule weekly for CRM hygiene. Set a recurring Apify schedule to export your CRM list monthly, run it through this actor, and flag contacts with invalid or disposable status. At $0.005/email, cleaning a 20,000-contact database monthly costs $100 — far cheaper than the deliverability damage from a single bad campaign.

6. Lower concurrency for mixed-domain enterprise lists. If your list contains many addresses at large corporate domains (Microsoft, Salesforce, etc.), those servers actively rate-limit SMTP probes. Set maxConcurrency to 2 and smtpTimeout to 20 to give these servers time to respond without triggering throttles.

7. Use maxEmails to cap Deep mode runs. Set maxEmails to 2,000-5,000 for Deep mode to stay within the default 30-minute timeout. The actor stops cleanly at the cap and all results up to that point are saved. Run multiple smaller batches rather than one massive Deep run.

Combine with other Apify actors

Actor	How to combine
Website Contact Scraper	Scrape emails from business websites, then pipe the output directly into this actor to verify every address before outreach
Email Pattern Finder	Discover a company's email naming pattern, generate candidate addresses, then verify which ones are deliverable
Google Maps Email Extractor	Extract local business contact emails from Google Maps listings, then verify deliverability before adding to CRM
Waterfall Contact Enrichment	Add a final verification gate after multi-source enrichment — only mark contacts as complete when the email passes verification
HubSpot Lead Pusher	Chain after verification — push only valid and risky (confidence >= 80) results into HubSpot; skip invalids and disposables
B2B Lead Gen Suite	Use as the final quality gate in the full B2B pipeline: scrape → enrich → verify → push
Website Tech Stack Detector	Identify companies using target technologies, find their emails via Website Contact Scraper, then verify before outreach
Lead Enrichment Pipeline	All-in-one Clay alternative: email discovery, verification, company research, and scoring in one run ($0.12/lead)
AI Outreach Personalizer	Generate personalized cold emails using your own OpenAI/Anthropic key — zero AI markup ($0.01/lead)
Intent Signal Tracker	Track buying signals: hiring, tech changes, funding, content updates. Prioritize outreach by intent score ($0.05/company)
Lead Data Quality Auditor	Audit lead data quality before outreach — email verification, phone validation, domain freshness ($0.005/record)

Limitations

• SMTP verification is probabilistic, not deterministic. Mail servers do not guarantee honest responses to RCPT TO probes. Some use greylisting (temporary rejection of first-contact senders), which causes valid mailboxes to return unknown. Sending servers like Gmail and Microsoft 365 often return 250 regardless of mailbox existence.
• Catch-all domains are unresolvable at the mailbox level. When a domain accepts all addresses (including random strings), this actor cannot confirm whether a specific mailbox exists. These addresses receive unknown status with confidence 50. The only way to confirm these is to attempt delivery.
• Large provider SMTP blocking. Gmail, Yahoo, and Microsoft actively block or mislead SMTP probes from cloud IP addresses. Standard mode (MX + disposable + provider detection) is often more reliable than Deep mode for addresses at these providers because SMTP results are unreliable.
• No email content delivery. The actor confirms deliverability at the protocol level but cannot confirm the inbox is monitored, the recipient reads email, or the address is actively used for business communication.
• No bulk file import. Input must be a JSON array of strings. To verify from a CSV file, convert the relevant column to a JSON array first using Excel, Google Sheets, or a simple script.
• Role-based prefix list is English-language only. The 59 detected prefixes (info@, admin@, support@, etc.) reflect English-language conventions. Non-English role addresses (comercial@, soporte@, atendimento@) are not flagged.
• Deep mode is slower by design. SMTP handshakes take 2-15 seconds per address depending on server response time. Processing 10,000 emails on Deep mode takes 90-150 minutes. Use Standard mode for large lists and Deep mode for targeted high-value prospects only.
• No historical deliverability data. Verification reflects the state of the mailbox at the moment the actor runs. An address verified as valid today may bounce next week if the mailbox is deactivated. Schedule periodic re-verification for lists older than 90 days.

Integrations

• Zapier — trigger a verification run when new contacts enter a spreadsheet or form, then route valid results to your CRM automatically
• Make — build multi-step scenarios that verify emails at signup and branch workflows based on status (valid → welcome sequence, disposable → block)
• Google Sheets — export verification results directly to a shared sheet for team review; use conditional formatting to highlight invalid and disposable addresses
• Apify API — integrate email verification into any backend: call the API at user registration, after lead scraping, or before CRM import
• Webhooks — receive a POST callback when a verification run completes so your pipeline continues automatically
• LangChain / LlamaIndex — use verified contact data as a clean, reliable input for AI agents building lead summaries or outreach drafts

Troubleshooting

• High unknown rate in Deep mode despite valid-looking addresses — This typically means the mail servers are using greylisting or returning ambiguous responses. Large corporate domains (Microsoft 365, Google Workspace) are especially prone to this. Lower maxConcurrency to 2 and increase smtpTimeout to 20. If unknown rates remain above 30%, use Standard mode instead — SMTP results from these providers are not reliable enough to justify the extra time.

• unknown status for what should be valid corporate email — The domain may be catch-all. Check checks.catchAll in the result. A true value means the server accepts all addresses, so individual mailbox existence cannot be confirmed. This is not an error — it is accurate behavior. The email may still be deliverable; you are just working without certainty.

• Run taking longer than expected for a large list in Deep mode — Deep mode is intentionally rate-limited with 200ms delays between SMTP checks per domain, plus up to 10 seconds of SMTP timeout per address. A list of 1,000 emails in Deep mode realistically takes 10-20 minutes. For speed, switch to Standard mode, which completes the same list in under 60 seconds.

• Empty results or run errors — Verify that your input JSON has an emails field containing a non-empty array of strings. The actor returns an error log entry and exits cleanly if emails is missing or empty. Check the run log for the specific error message.

• SMTP checks returning all unknown — This can occur if the SMTP relay endpoint is temporarily unavailable. The actor falls back to unknown status for all SMTP results in that case rather than failing. Check the run log for SMTP API call failed warnings. If you see these consistently, contact support through the Issues tab.

Responsible use

• This actor only probes publicly accessible SMTP servers using standard protocol commands that do not deliver any message content.
• Verify email addresses only for recipients who have some legitimate prior relationship or clear opt-in expectation. Email verification does not create permission to contact.
• Comply with GDPR, CAN-SPAM, CASL, and other applicable data protection regulations when using verified addresses for outreach. Verification does not substitute for consent.
• Do not use verified email lists for spam, phishing, or any form of unsolicited bulk communication.
• For guidance on data collection and web scraping legality, see Apify's guide on web scraping legality.

FAQ

How many emails can I verify in one run? There is no hard limit per run. In practice, Standard mode handles 50,000+ emails comfortably within the 30-minute default timeout. Deep mode should be limited to 2,000-5,000 emails per run due to SMTP handshake time. For larger lists in Deep mode, split into multiple runs or increase the run timeout in your actor settings.

How accurate is bulk email verification with SMTP? Deep mode SMTP verification is accurate for roughly 60-70% of addresses — those at small-to-medium corporate domains that respond honestly to RCPT TO probes. For addresses at Gmail, Microsoft 365, Yahoo, and other large providers, SMTP probes are unreliable because these servers intentionally obfuscate mailbox existence. Standard mode is more consistently accurate across all provider types because it relies on definitive data (MX records, the MailChecker database) rather than mail server cooperation.

Does bulk email verification send any emails? No. The actor never transmits an email message. In Deep mode, it opens a TCP connection to the mail server's port 25 and exchanges only SMTP protocol commands — EHLO, MAIL FROM, RCPT TO, QUIT — to check mailbox existence at the protocol level. No message body or headers are ever sent. The connection is closed immediately after the RCPT TO response.

How is this different from NeverBounce or ZeroBounce? NeverBounce charges $0.008/email and ZeroBounce charges $0.004-$0.008/email, both with subscription commitments. This actor charges $0.005/email with no monthly minimum — pay only for what you verify. Beyond pricing, this actor runs inside the Apify platform, which means you can chain it with lead scraping actors, schedule it automatically, and pipe results to any integration without leaving the platform or writing glue code.

What does a risky status mean and should I email those addresses? A risky status means the email passed all structural checks (valid syntax, working MX records, not disposable) but has flags that reduce confidence. In practice, risky results are addresses at free providers with role-based local parts — for example, info@gmail.com. These will likely deliver but are low-value for B2B outreach. Use your own judgment based on the reason field, but expect higher bounce rates than from valid addresses.

How does catch-all detection work and why does it matter? Catch-all detection sends a randomly generated address (like verify-test-k7m2xp9q@domain.com) to the same mail server. If the server accepts this provably nonexistent address, the domain is catch-all — it accepts all incoming mail regardless of whether the mailbox exists. This matters because without catch-all detection, every address at a catch-all domain would appear SMTP-valid even if the specific mailbox does not exist. The actor flags these as unknown (confidence 50) rather than valid (confidence 95) to prevent false positives.

Can I schedule bulk email verification to run periodically? Yes. Apify's built-in scheduler lets you set recurring runs on daily, weekly, or monthly intervals. Configure your email list as the actor input and connect results to Google Sheets or a webhook. This is the recommended approach for keeping CRM lists clean — a weekly Standard-mode sweep of your active contacts takes minutes and costs pennies.

Is it legal to verify someone's email address? Probing an email address's deliverability via SMTP uses the same protocol that all mail servers use to route messages. There is no content transmitted and no data collected beyond what the mail server publicly advertises. Email verification is standard practice in email marketing and is explicitly supported by major ESPs. That said, using verified addresses for unsolicited outreach may violate CAN-SPAM, GDPR, or CASL depending on your jurisdiction and the recipient relationship. Verification does not create permission to contact. See Apify's guide on web scraping legality for broader context on data collection practices.

What free email providers does this actor detect? The actor detects 60+ consumer and ISP email domains including Gmail, Yahoo (all regional variants), Outlook, Hotmail, Live, MSN, AOL, iCloud, ProtonMail, Tutanota, Zoho, Yandex, Mail.ru, GMX, Fastmail, Hey, and regional providers including 163.com, QQ.com, Naver, and Daum.

What happens if I hit my spending limit mid-run? The actor checks your spending limit after each successfully verified email. When the limit is reached, the actor logs a warning and stops cleanly — results for all emails verified up to that point are already saved to the dataset. No partial results are lost. You can increase your spending limit and re-run with only the unverified addresses.

Can I use this actor with my existing lead generation workflow? Yes. The actor accepts a JSON array of email addresses and returns structured JSON output. Any tool that can call an HTTP API can trigger it and consume the results. For no-code integration, Zapier and Make both have native Apify connectors. For developer workflows, use the Python or JavaScript SDK examples above. For pipeline chaining, connect the output directly from actors like Website Contact Scraper or Email Pattern Finder.

How long does a typical bulk email verification run take? Standard mode: approximately 30 seconds per 1,000 emails (dominated by DNS MX resolution, which is cached per domain). Basic mode: similar or slightly faster. Deep mode: 5-15 minutes per 1,000 emails depending on mail server response times, with SMTP timeouts of 10 seconds (default) per address and a 200ms inter-email delay for rate limiting.

Can I limit how many emails are verified in a single run? Yes. Set the maxEmails parameter to cap the number of emails processed. This is useful for Deep mode where large lists may exceed the run timeout. The actor stops cleanly at the cap and saves all results verified up to that point. Set to 0 (default) for no limit.

What is domain health scoring and why does it matter? Domain health scoring checks whether a domain has SPF, DKIM, and DMARC records configured. These are email authentication standards that legitimate businesses use to prevent spoofing. A domain missing all three is more likely to be abandoned, poorly maintained, or a temporary setup. For outreach teams, domain health is a signal of sender legitimacy — emailing someone at a domain with strong authentication is less likely to trigger spam filters on your end.

Where can I find summary statistics for a completed run? Aggregate counts (total verified, valid, invalid, disposable, average confidence) are saved to the run's Key-Value Store under the SUMMARY key. Access it via the API or the Storage tab in the Apify console. This is useful for monitoring verification quality over time or integrating summary metrics into dashboards.

Help us improve

If you encounter issues, you can help us debug faster by enabling run sharing in your Apify account:

1. Go to Account Settings > Privacy
2. Enable Share runs with public Actor creators

This lets us see your run details when something goes wrong, so we can fix issues faster. Your data is only visible to the actor developer, not publicly.

Support

Found a bug or have a feature request? Open an issue in the Issues tab on this actor's page. For custom solutions or enterprise integrations, reach out through the Apify platform.