Pricing

from $1.50 / 1,000 websites

Email Domain Blacklist Checker

Check any domain against email blacklists (Spamhaus, SURBL, SpamCop, Barracuda, and more) and validate SPF, DMARC, and MX records in seconds, with no API keys required. Essential for who need to know whether a domain is clean before sending email from it, migrating to it, or purchasing it.

Pricing

from $1.50 / 1,000 websites

Rating

0.0

(0)

Developer

Trove Vault

Actor stats

Bookmarked

Total users

Monthly active users

7 days ago

Last modified

What does Email Domain Blacklist Checker check?

Domain-based blacklists

Domain blacklists check the domain name itself — used by spam filters to block known spam and phishing sources at the URL level.

List	Description
SURBL Multi	Aggregated spam URL intelligence used by Postfix, SpamAssassin, and major cloud email providers.
URIBL Multi	Broad-coverage spam domain list integrated into many spam filtering systems.
NordSpam DBL	Domain block list maintained by NordSpam, focused on spam-sourced domains.
MSRBL Phishing	Phishing-specific domain list sourced from Microsoft Research threat intelligence.
MSRBL Spam	Spam-specific domain list sourced from Microsoft Research threat intelligence.

IP-based blacklists

The actor resolves the domain to its IP address(es), then checks each IP independently against 8 blacklists. A single IP can appear on multiple lists.

List	Description
SpamCop	Crowd-sourced spam reporting network. Listings are based on user reports of spam received.
SORBS	Spam and Open Relay Blocking System. Multi-zone list covering spam sources, open relays, and proxies.
Barracuda	Barracuda Networks reputation database. Used by Barracuda email security appliances deployed in thousands of businesses.
UCEProtect L1	Individual IP-level spam blacklist. L1 is the most targeted and specific level.
Blocklist.de	Aggregates brute-force attack reports, spam relays, and abuse reports from honeypots and community sensors.
PSBL	Passive Spam Block List — uses spam traps to identify actively spamming IPs.
Manitu	German-based spam blacklist with strong adoption in European mail infrastructure.
SPFBL	SPF-based block list that flags IPs actively violating their own SPF policy.

Email authentication records

Beyond blacklists, the actor validates four key email authentication records checked by receiving mail servers before deciding whether to deliver, quarantine, or reject your message.

Record	What it validates
MX	Does the domain have a mail server configured? Without MX records, a domain cannot receive email.
SPF	Is the domain authorised to send email? Missing or misconfigured SPF causes many servers to treat messages with suspicion.
DMARC	Is the domain protected against email spoofing and impersonation? A missing or `none` policy leaves the domain open to phishing abuse.
PTR / rDNS	Does each sending IP reverse-resolve to a hostname? Many mail servers require valid PTR records and will soft-reject IPs that fail this check.

What can I do with Email Domain Blacklist Checker?

Before sending a cold email campaign

A single blacklist listing on SURBL or Barracuda can cause your entire campaign to land in spam — or get rejected outright. Run this actor against your sending domain before any outreach. If it returns isClean: false, investigate and request delisting before sending.

Buying an expired domain for email

Expired domains are often sold after their previous owners used them for spam. Run this actor before purchasing any domain you plan to send email from. Check not just the domain blacklists but also the SPF and DMARC configuration — a domain with suspicious existing DNS records may have been abused recently.

Email deliverability audit

Unexplained drops in email open rates are often caused by blacklisting that went unnoticed. Run this actor against all your active sending domains to catch new listings before they compound into major deliverability problems.

Benchmarking competitors' email infrastructure

Run this actor across a list of competitor domains to see how they've configured SPF, DMARC, and PTR records. Useful for understanding industry best practices or identifying competitors with weak email security posture.

Sysadmin and postmaster monitoring

Schedule the actor on a weekly cadence against your company's mail domain. Early detection of a blacklisting means you can act — request delisting, investigate a compromised account, or rotate IPs — before the problem impacts deliverability. Weekly scheduling is recommended for active sending domains.

Domain migration

Before migrating email infrastructure to a new domain or a new IP range, verify both are clean and correctly configured. A new domain that is already on a blacklist from a previous owner's abuse can take weeks to get delisted.

Why use Email Domain Blacklist Checker instead of alternatives?

Feature	MXToolbox / mail-tester.com	Email Domain Blacklist Checker
Bulk checking	One domain at a time	Any number of domains in one run
API access	Web UI only or paid tier	Full Apify API access, webhooks, scheduling
Authentication checks	Partial	SPF, DMARC, MX, and PTR in one result
Export formats	Web UI only	JSON, CSV, Excel
Scheduling	Manual	Automated via Apify Scheduler
Cost	Free tier limited, paid for bulk	Near-zero cost (pure DNS queries)

How to use Email Domain Blacklist Checker

Add one or more domains in the Domains to Check input — any format works (example.com, https://example.com, www.example.com)
Click Start
Results appear in the dataset within seconds — all 13 blacklist checks run in parallel

No API keys. No proxy needed. No browser — pure DNS queries.

How much will it cost?

Email Domain Blacklist Checker uses only parallel DNS queries — no browser, no proxy, no external API fees.

Typical costs:

1–10 domains: < $0.01
100 domains: < $0.05
1,000 domains in a single run: < $0.20

Cost tips:

Run on a weekly schedule to stay current without significant accumulated cost
No proxy is ever needed — DNS queries work from any IP

See the Apify pricing page for full pricing details.

How does Email Domain Blacklist Checker work?

All 13 blacklist checks run as parallel DNS queries using Node's built-in DNS resolver — no third-party APIs, no proxies, no browser.

Domain-based lookup: the actor constructs a DNS query in the form {domain}.{blacklist} and checks for an A record response. Any A record = listed. NXDOMAIN = not listed. A timeout or unreachable server returns null.

IP-based lookup: the actor first resolves the domain to its A records, then for each IP reverses the octets and queries {reversed-ip}.{blacklist}. For example, 1.2.3.4 becomes 4.3.2.1.bl.example.com.

Authentication records: standard DNS lookups for TXT records on the domain (_spf, _dmarc) and PTR lookups on each resolved IP.

All checks complete in under 10 seconds per domain because they run concurrently.

Output fields

Field	Description
`domain`	The domain checked
`isClean`	`true` if not found on any blacklist
`totalFlagged`	Number of blacklists that flagged this domain
`flaggedLists`	Names of all blacklists that returned a match
`resolvedIps`	IPv4 addresses the domain resolves to
`ptrRecords`	Reverse DNS (PTR) record per IP
`hasMx`	`true` if at least one MX record exists
`mx`	MX records with exchange and priority
`hasSpf`	`true` if a valid SPF record was found
`spf`	Full SPF record value
`hasDmarc`	`true` if a DMARC record exists
`dmarc`	Full DMARC record value
`dmarcPolicy`	Extracted DMARC policy: `none`, `quarantine`, or `reject`
`domainBlacklists`	Per-list result for domain-based checks
`domainBlacklistCount`	Number of domain-based blacklist hits
`ipBlacklists`	Per-IP, per-list result for IP-based checks
`ipBlacklistCount`	Total IP-based blacklist hits across all IPs

Understanding the results

What does `isClean: false` mean?

Being listed on a blacklist does not always mean your emails will be blocked. The impact depends on which list and which mail servers your recipients use:

SURBL / URIBL — used in content-based filters by SpamAssassin and major cloud providers. May cause spam folder placement or outright rejection.
Barracuda / SORBS — widely deployed in corporate environments. Affects B2B email more than consumer addresses.
SpamCop — crowd-sourced reporting. Listings expire automatically once reports stop, but active listings affect deliverability with many providers.
UCEProtect L1 / PSBL / Manitu — more conservative lists with lower universal adoption. Impact depends heavily on recipient infrastructure.

DMARC policy levels

none — monitoring only. No enforcement. Emails from unauthorised senders are not rejected. The domain is vulnerable to spoofing.
quarantine — suspicious emails are sent to the spam folder.
reject — suspicious emails are rejected outright. Strongest protection against domain impersonation.

`null` values in blacklist results

A null result for a specific list means the server was unreachable or timed out during the check — not that the domain is listed or clean. This is common for some smaller lists. Retry the run if you need a definitive answer for that specific list.

Frequently asked questions

How do I get my domain removed from a blacklist? Each blacklist has its own delisting process. SpamCop listings expire automatically within 24–48 hours of inactivity. Barracuda has a free self-service delisting form. For others, fix the root cause (compromised account, open relay, etc.) before submitting a delisting request.

How long does it take to get delisted? SpamCop listings expire automatically within 24–48 hours of inactivity. Some smaller lists like UCEProtect may require payment for expedited removal. Always fix the root cause before requesting removal.

My domain is clean but emails still go to spam — why? Blacklist status is one factor. Others include low sender reputation at the specific provider, missing DKIM, sending to stale addresses that trigger spam traps, or low engagement rates. Use the Domain Security Scanner to rule out active malware or phishing associations.

Can I check multiple domains at once? Yes. Add as many domains as needed to the Domains to Check input. All 13 checks per domain run in parallel, and domains are processed sequentially.

Does this check DKIM? No. DKIM uses a selector-based DNS query ({selector}._domainkey.{domain}) and requires knowing the selector in advance, which varies by email provider. This actor checks SPF and DMARC, which are standardised and selector-independent.

Does this actor send any test emails? No. All checks are passive DNS queries and do not involve any email sending or SMTP connections.

How often should I schedule this actor? Weekly for active sending domains. If you've recently recovered from a spam incident, run it daily for 2–4 weeks to confirm delisting has held. For domain acquisition research, run it once per candidate domain.

Can I use Email Domain Blacklist Checker via the Apify API? Yes. Use the Run Actor endpoint with your actor ID and input JSON. Combine with webhooks to alert your team automatically when isClean: false is detected.

Can I use Email Domain Blacklist Checker through an MCP Server? Yes. Via the Apify MCP server, you can call this actor from any MCP-compatible AI assistant (Claude, ChatGPT, etc.) to check domains in real time from a conversation.

Is checking email blacklists legal? Yes. All checks are passive DNS queries against public blacklist databases — the same method used by every mail server on the internet. No data is sent to the checked domains.

Domain Security Scanner — scans for active threats in real time: URLHaus malware, ThreatFox IOCs (last 30 days), PhishTank phishing database, and Sucuri multi-vendor blacklist scan
Domain History Checker — full historical footprint: RDAP registration data, Wayback Machine history, URLHaus and ThreatFox malware/IOC records, and risk scoring
Domain Ownership Checker — bulk RDAP lookup: registration date, expiry, registrar, availability, and lifecycle status flags

Changelog

2026-03-05 — v0.1.4

Removed Spamhaus DBL (domain) and Spamhaus ZEN (IP) — both return positive results for all domains when queried from unauthorized datacenter IPs (anti-harvesting measure), causing false positives on every run
Now checks 13 lists (5 domain-based, 8 IP-based) — all verified to work correctly without paid authorization

2026-03-05 — v0.1.0

Initial release
13 blacklist checks via native DNS queries — no API keys required
All checks run in parallel — full results in under 10 seconds per domain
SPF, DMARC, MX, and PTR record validation included
Advisory warnings logged for missing SPF, missing DMARC, and DMARC none policy

Your feedback

Found a bug or have a feature request? Open an issue or contact us through the Apify platform. Your feedback helps improve this actor for everyone.

Domain History Checker

trovevault/domain-history-checker

Research the full history of any domain: how old it is, what content it used to host, whether it was ever used for malware or spam, and whether it has any blacklist flags. Essential for domain buyers, SEO professionals, and more who need to do due diligence before acquiring an expired domain.

Trove Vault

Email List Hygiene

trovevault/email-list-hygiene

Validate and clean email lists before sending campaigns. Checks format validity, MX records, disposable domains, role-based addresses, and domain blacklists — with one record per email and full breakdown of every check performed.

Trove Vault

Domain Lookup Tool

cerebral_aluminum/domain-lookup

Bulk DNS analysis. A records, MX, nameservers, hosting provider, email provider, SPF/DMARC status for any domain.

Benny

Email Address Checker

powerai/email-address-checker

Validate and assess email addresses. Check format, domain MX records, SMTP validity, and get deliverability status.

PowerAI

Supernet Domain Health - Email Reputation Audit

superlativetech/supernet-domain-health

Email authentication and deliverability audit for any domain. Checks SPF, DKIM, DMARC, MX, blacklists, SSL, WHOIS, BIMI, MTA-STS — returns a 0-100 health score with actionable fixes. Sending or receiving mode. Batch thousands or query one via instant API.

Superlative

Domain Lookup

greip/domain-lookup

Lookup and analyze domain names and retrieve detailed information including security status, email authentication records (SPF, DMARC, DKIM, MX, BIMI), creation date, and risk assessment. Perfect for domain verification, fraud prevention, and security analysis.

Greip

DNS Record Lookup - MX, A, TXT, DMARC & SPF Check

ryanclinton/dns-record-lookup

Look up DNS records for any domain in bulk -- A, AAAA, MX, NS, TXT, CNAME, and SOA -- with built-in email security analysis for SPF, DMARC, and DKIM. Process hundreds of domains in parallel, get structured JSON output, and integrate results into any pipeline via the Apify API.

ryan clinton

Bulk Domain Checker

kawsar/bulk-domain-checker

Bulk domain checker that extracts domain availability status across 80+ extensions so you can find unregistered names fast. A powerful domain finder tool that helps you secure the best domain for your business or personal website.