SaaS|Product Engineer / Growth Engineer

Email Address Validation & Risk Scoring

Validate email addresses at signup to reduce fraud, bounce rates, and fake accounts

Invalid and disposable email addresses cost businesses through fake signups, high bounce rates, and fraud. EdgeDNS validates email addresses at the DNS level — checking MX records, mail server health, domain age, and email authentication — to score risk before accounts are created.

The Challenge

Fake and disposable email signups inflict hidden costs: inflated user counts that mislead product metrics, high bounce rates that damage sender reputation, fraud from throwaway accounts, and wasted onboarding resources. Simple regex validation catches format errors but misses disposable domains, domains with no mail servers, and recently registered domains used for fraud.

The Solution

Use EdgeDNS email validation to perform deep DNS-level checks at the point of signup. Verify the domain has valid MX records, check mail server health and reachability, assess domain age and trust score, and validate email authentication setup — all in a single API call or composable pipeline.

Endpoints Used

Combine these EdgeDNS endpoints to build this solution.

GET

/v1/email/validateTry in Playground

Email Validate: Comprehensive email validation with DNS checks and risk scoring

GET

/v1/dns/mxTry in Playground

MX Records: Verify mail servers exist and identify the email provider

GET

/v1/dns/mx-healthTry in Playground

MX Health: Check mail server connectivity and redundancy

GET

/v1/score/emailTry in Playground

Email Score: Get overall email domain security grade (A-F)

GET

/v1/domain/whoisTry in Playground

WHOIS Lookup: Check domain age to flag newly registered throwaway domains

Results You Can Achieve

Disposable-email detection on signup

Block known disposable and recently-registered domains before they enter your CRM.

MX existence and TLS check per address

Hard-bounce risk avoidable when the recipient domain has no MX or no TLS — scored on every validation.

Composite risk score per address (0–100)

Domain age, MX validity, role-account heuristics, and reputation combine into a single risk score for signup-flow gating.

Code Example

Email validation at signup

javascript

async function validateSignupEmail(email) {
  const domain = email.split('@')[1];

  // Primary validation via email validate endpoint
  const validation = await fetch(
    `https://api.edgedns.dev/v1/email/validate?email=${email}`,
    { headers: { 'Authorization': 'Bearer YOUR_API_KEY' } }
  ).then(r => r.json());

  // If basic validation fails, reject immediately
  if (!validation.data.is_valid) {
    return { allowed: false, reason: validation.data.reason };
  }

  // Deep check: domain age and email security
  const [whois, emailScore] = await Promise.all([
    fetch(`https://api.edgedns.dev/v1/domain/whois?domain=${domain}`),
    fetch(`https://api.edgedns.dev/v1/score/email?domain=${domain}`),
  ].map(p => p.then(r => r.json())));

  const riskFactors = [];
  if (validation.data.is_disposable) riskFactors.push('Disposable email provider');
  if (whois.data.domain_age_days < 30) riskFactors.push('Domain registered < 30 days ago');
  if (validation.data.is_free_provider) riskFactors.push('Free email provider');

  const gradeRank = { 'A': 1, 'B': 2, 'C': 3, 'D': 4, 'F': 5 };
  if (gradeRank[emailScore.data.grade] > gradeRank['C']) {
    riskFactors.push('Poor email authentication');
  }

  return {
    allowed: riskFactors.length < 2,
    email,
    riskFactors,
    riskLevel: riskFactors.length === 0 ? 'low' : riskFactors.length < 2 ? 'medium' : 'high'
  };
}