Email Validation API: Stop Bounce Rates Before They Kill Your Deliverability
title: "Email Validation API: Stop Bounce Rates Before They Kill Your Deliverability" slug: email-validation-api-bounce-rates excerpt: "High bounce rates destroy email deliverability. Learn how to validate emails programmatically before sending, using an Email Validation API." meta_description: "Learn how to use an Email Validation API to reduce bounce rates, protect sender reputation, and improve email deliverability. Code examples in Node.js, Python, and PHP." meta_keywords: "email validation api, email verification api, reduce bounce rate, email deliverability, validate email programmatically, check email exists"
Email Validation API: Stop Bounce Rates Before They Kill Your Deliverability
Email marketing and transactional email are only as good as the list you're sending to. A 5% bounce rate can get your domain blacklisted. A 10% bounce rate will get your account suspended by any major ESP. And the worst part? Most of those bounces are preventable.
The solution is simple: validate emails before they enter your system. In this guide, we'll walk through how to use an Email Validation API to clean your list in real time — at signup, at import, or in bulk.
Why Email Bounce Rates Destroy Deliverability
When you send email to an address that doesn't exist, the receiving mail server returns a bounce. There are two types:
- Hard bounces: The address doesn't exist, the domain doesn't accept email, or the mailbox is permanently unavailable
- Soft bounces: Temporary issues — full mailbox, server down, etc.
Hard bounces are the dangerous ones. ISPs like Gmail, Outlook, and Yahoo track your bounce rate. Once you cross ~2%, they start filtering your emails to spam. At 5%+, they may block you entirely.
Most email service providers (Mailchimp, SendGrid, Postmark) will suspend your account if your bounce rate gets too high. Recovering a damaged sender reputation takes months.
What Does an Email Validation API Check?
A proper email validation API goes beyond just checking if an email has an @ sign. Here's what it actually validates:
| Check | What it does |
|-------|-------------|
| Syntax validation | Is the email format valid? |
| Domain check | Does the domain exist and have MX records? |
| Disposable detection | Is it a throwaway address (Mailinator, Guerrilla Mail, etc.)? |
| Role-based detection | Is it a generic address like admin@, noreply@, info@? |
| SMTP verification | Does the mailbox actually exist on the mail server? |
The SMTP verification is the most powerful — it pings the mail server directly and asks "does this mailbox exist?" without actually sending a message.
Using ToolCenter's Email Validation API
ToolCenter's Email Validation API handles all of the above in a single request. Here's how to use it:
Basic Request
curl -X POST "https://api.toolcenter.dev/v1/email-validate" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "[email protected]"}'
Response
{
"email": "[email protected]",
"valid": true,
"format_valid": true,
"domain_valid": true,
"mx_found": true,
"disposable": false,
"role_based": false,
"smtp_valid": true,
"score": 98,
"suggestion": null
}
The score field (0–100) gives you a confidence rating. We recommend rejecting anything below 50 and flagging anything between 50–80 for review.
The suggestion field catches typos — if someone types [email protected], you'll get "suggestion": "[email protected]" so you can prompt them to correct it.
Real-World Integration Examples
Node.js — Validate at Signup
const response = await fetch('https://api.toolcenter.dev/v1/email-validate', {
method: 'POST',
headers: {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
},
body: JSON.stringify({ email: req.body.email })
});
const result = await response.json();
if (!result.valid || result.disposable) {
return res.status(400).json({
error: result.disposable
? 'Disposable email addresses are not allowed.'
: 'Please enter a valid email address.',
suggestion: result.suggestion
});
}
// Safe to proceed with registration
await createUser(req.body.email);
Python — Bulk List Cleaning
import requests
import csv
API_KEY = "YOUR_API_KEY"
URL = "https://api.toolcenter.dev/v1/email-validate"
valid_emails = []
invalid_emails = []
with open("email_list.csv") as f:
reader = csv.reader(f)
for row in reader:
email = row[0].strip()
response = requests.post(URL,
headers={"Authorization": f"Bearer {API_KEY}"},
json={"email": email}
)
result = response.json()
if result["valid"] and not result["disposable"] and result["score"] >= 70:
valid_emails.append(email)
else:
invalid_emails.append({
"email": email,
"reason": "disposable" if result["disposable"] else "invalid",
"score": result["score"]
})
print(f"Valid: {len(valid_emails)}, Removed: {len(invalid_emails)}")
PHP — Laravel Form Validation
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
public function register(Request $request)
{
$request->validate([
'email' => 'required|email',
'name' => 'required|string',
]);
$validation = Http::withToken(config('services.toolcenter.key'))
->post('https://api.toolcenter.dev/v1/email-validate', [
'email' => $request->email
])->json();
if (!$validation['valid'] || $validation['disposable']) {
return back()->withErrors([
'email' => $validation['suggestion']
? "Did you mean {$validation['suggestion']}?"
: 'Please provide a valid email address.'
]);
}
// Proceed with user creation...
}
When to Validate: A Decision Framework
Validate in real time (at signup/input):
- Registration forms
- Newsletter subscriptions
- Lead capture forms
- Checkout email fields
Validate in bulk (before campaigns):
- Imported lists from old databases
- Lists from lead gen tools
- Lists you haven't emailed in 6+ months
- Any list you purchased (please don't buy lists)
Skip validation (low risk):
- Internal company tools where you control the user base
- Forms where users are already authenticated
The ROI of Email Validation
Let's put some numbers on this. Assume you have a list of 50,000 emails and you're paying $0.001/email to send (typical for SendGrid/Postmark):
| Scenario | Bounces | Cost | Deliverability | |---------|---------|------|----------------| | No validation | 5,000 (10%) | $50 + reputation damage | Degraded | | With validation | ~200 (0.4%) | $50 + $15 validation cost | Healthy |
You save your sender reputation — which is worth far more than the $15 validation cost. Once your domain is blacklisted, you're looking at weeks of recovery, new domain setup, and lost revenue from emails that go to spam.
Handling Edge Cases
Role-based addresses
admin@, info@, support@, noreply@ are valid addresses but they're often not read by a real person. Whether you accept them depends on your use case:
- B2B lead gen: You probably want them
- Newsletter signups: Skip them — they rarely engage
if (result.role_based && useCase === 'newsletter') {
return { error: 'Please use your personal email address.' };
}
Catch-all domains
Some domains accept all email regardless of whether the mailbox exists (they "catch all" undeliverable mail). This makes SMTP verification impossible. The API flags these with "catch_all": true. For catch-all domains, fall back to domain and syntax validation only.
International email addresses
The API handles internationalized domain names (IDN) like user@münchen.de and non-ASCII local parts. Just pass them through as UTF-8.
Best Practices
- Validate at entry, not at send time — the earlier you catch bad emails, the cheaper it is
- Show typo suggestions —
gmial.com→gmail.comrecovers legitimate signups you'd otherwise lose - Don't block role-based emails unconditionally — context matters
- Re-validate old lists — email addresses go stale. A list that was 95% deliverable 2 years ago might be 80% deliverable today
- Monitor your bounce rate continuously — even with validation, some bad addresses will slip through
Getting Started
Email Validation is available on all ToolCenter plans including the free tier (100 requests/month). The API response is fast — typically under 300ms for syntax/domain checks, up to 2 seconds when SMTP verification is included.
View the Email Validation API docs →
Start with your signup form. That's where 80% of bad emails enter your system, and it's the easiest place to add a single API call that protects your entire deliverability infrastructure.