Instantly verify if an email address is real, disposable, or fake. Detect spoofed domains, throwaway accounts, invalid domains, and suspicious patterns.
The Fake Email Address Checker verifies whether an email address is syntactically valid, uses a real domain with MX records, and shows signs of being disposable or typosquatted.
Use it to validate signup forms, investigate suspicious senders, or check if an address is likely fraudulent.
Checks domain existence, MX records, SPF, and DMARC configuration.
Flags known throwaway and temporary email providers.
Detects domains that resemble major brands with small character changes.
Composite score from syntax, DNS, and reputation signals.
Paste the full address including the @domain portion.
Checks RFC-compliant format and extracts the domain.
Looks up MX, SPF, and DMARC for the domain.
Returns Likely Legitimate, Suspicious, or Likely Fake with per-check details.
Valid syntax, real domain with MX, not disposable, no typosquat signals.
Some checks failed or raised concerns, investigate further before trusting.
Invalid syntax, no MX, disposable provider, or strong typosquat match.
0-100 based on syntax, DNS, disposable, and typosquat checks.
Per-check Pass/Fail/Info rows with explanations.
MX hosts, SPF presence, and DMARC policy for the domain.
Reject signup attempts from known throwaway providers at the form level.
Addresses from paypal-secure.com-style domains are common in phishing.
Use the Email Header Analyzer for full authentication context on received mail.
A valid MX does not prove the specific mailbox exists, only that the domain accepts mail.
No. It checks domain-level DNS (MX, SPF, DMARC) but cannot confirm the specific user mailbox is active.
Temporary addresses from services like Mailinator used to bypass verification or hide identity.
Domains deliberately similar to brands (e.g., g00gle.com) used for phishing or fraud.
Individual checks may flag free providers in certain contexts, review the specific check rows.
SenderSignal monitors these signals continuously: 48 blacklists, SPF, DKIM, DMARC, TLS and more, with alerts in Slack, email and signed webhooks.