Trumailo
v0.4 · open source · free during beta

Eight checks.
Ten milliseconds.

Trumailo runs every signal that decides whether your email arrives, then tells you what it learned and how confident it is. Real SMTP handshake. Catch-all probe. Provider mapping. Cached responses under ten milliseconds.

Get an API key Read the source
< 10ms
cached p95
8signals
per address
30kdomains
disposable list
trumailo · verify
live
$trumailo verify
// returns 8 signals in single-digit ms, JSON ready to gate your send
// 5 free verifications per hour per IP
kowalski@stripe.com·deliverable8ms
lana.tisdale@anthropic.com·deliverable11ms
info@vercel.com·role address14ms
asad@temp-mail.org·disposable6ms
elena.ivanov@yandex.ru·deliverable142ms
rajesh@catchall-domain.net·catch-all89ms
ops@signaltech.io·deliverable9ms
bilal@gnail.com·did you mean gmail?4ms
noreply@n0tarealdomain.dev·undeliverable32ms
marcus@duolingo.com·deliverable7ms
claire@protonmail.com·deliverable24ms
alex@127.0.0.1·invalid format1ms
kowalski@stripe.com·deliverable8ms
lana.tisdale@anthropic.com·deliverable11ms
info@vercel.com·role address14ms
asad@temp-mail.org·disposable6ms
elena.ivanov@yandex.ru·deliverable142ms
rajesh@catchall-domain.net·catch-all89ms
ops@signaltech.io·deliverable9ms
bilal@gnail.com·did you mean gmail?4ms
noreply@n0tarealdomain.dev·undeliverable32ms
marcus@duolingo.com·deliverable7ms
claire@protonmail.com·deliverable24ms
alex@127.0.0.1·invalid format1ms
Deliverability signals

Every signal that decides
whether you bounce.

Most verifiers stop at format and MX. We go all the way to the recipient’s SMTP server, then surface the verdict, the reason, and the confidence in one flat JSON envelope.

  • Format and RFC-correctness checks
  • MX lookup, cached per domain
  • Real SMTP RCPT TO handshake to the recipient server
  • Catch-all probe with a single canary address
  • Role detection (admin@, info@, noreply@…)
  • Disposable provider list, 30k+ domains, refreshed daily
  • Provider mapping from the MX chain (Google, Microsoft 365, Yahoo, Zoho, Proton)
  • Levenshtein typo suggestions for the long tail of fat-fingered domains
response.json200 OK
{
"email": "casey@anthropic.com",
"status": "deliverable",
"quality_score": 96,
"confidence": 0.98,
"response_ms": 9,
"provider": "Google Workspace",
"checks":: {
"syntax":yes
"mx":yes
"smtp":yes
"catch_all":no
"disposable":no
"role":no
},
"reason": "verified via real SMTP handshake"
}
Speed budget

Single digits or
it’s a bug.

Three layers, optimised for the path most requests actually take. Cached lookups complete in single-digit milliseconds. Heavy SMTP work runs async on a NATS queue without blocking your response. Result hashes get stored, never the raw addresses.

layer 01< 1ms

Validate

Regex, MX, disposable list, role detection

Pure in-memory checks. Returns instantly. No network calls.

layer 02< 10ms

Cache

MX, provider, reputation lookups

Redis-backed. 6 to 24 hour TTLs per signal class. Sub-10ms p95.

layer 030.5–3s

Deep verify

Real SMTP RCPT TO, catch-all probe

Async via NATS. Webhook fires when the verdict is ready.

Drop-in

One header.
One POST.

Sits in front of every outbound send. Any language, any framework, any queue. Provider-agnostic — works alongside Resend, Postmark, SendGrid, SES, Mailgun, and anything else that takes an SMTP address.

Try the playground Read the API reference 
curl -X POST https://api.trumailo.com/v1/verify \
  -H "Authorization: Bearer tm_•••" \
  -H "Content-Type: application/json" \
  -d '{"email": "you@launch-day.com"}'
Plugs in alongside the email stack you already runprovider-agnostic · 7 + ESP integrations
ResendPostmarkSendGridAWS SESMailgunLoopsCustomer.io
Honest answers

The questions
everyone asks.

Plus a few we wish more people would. Ask us anything.

What checks do you actually run?

Eight per address. Syntax, MX, SMTP RCPT TO handshake, catch-all probe via canary, role detection, disposable list, provider mapping, and Levenshtein typo suggestions. Cached responses are sub-10ms; full SMTP is async.

Is it really free?

During public beta, yes. 100 requests per minute per account. We'll announce paid tiers before charging anyone, with at least 30 days' notice.

What happens to the emails I verify?

We hash addresses with SHA-256 before storing them for analytics. Raw addresses live in memory only during the verification request itself, never on disk.

Can I self-host it?

Yes. The full stack is open source: Go API + worker, Next.js dashboard, Postgres + Redis + NATS. Spin it up with Docker Compose on any VPS. Cloud is for convenience, not lock-in.

What's the SLA?

99.95% target uptime during beta. Cached responses run sub-10ms p95. SMTP responses depend on the recipient server, but typically resolve in 1 to 3 seconds.

Does it work with Resend / Postmark / SendGrid?

Yes. Trumailo is provider-agnostic. Call our API before any outbound send, regardless of which email platform actually ships the mail.

$ Pricing

Cheaper than every benchmark.
By a lot.

7-day free trialon every paid plan when you sign up. No card required. We don’t run countdown timers — prices below what the rest of the market charges, and more credits at every tier. Annual billing trades you two months for paying upfront.

Enterprise

5M+ verifications, 99.99% SLA, dedicated customer success, custom data residency. Quote in 24h.

Talk to us
30-day money-back, no questions.

If you don't love it inside 30 days, email us and we'll refund the full charge. No countdown timers, no “limited time” pressure — this offer holds while we're in public beta.

Start sending cleaner

Catch the bad sends
before you make them.

Free during beta. 100 requests per minute. No card. Drop us a line when you outgrow it and we’ll find a price that fits.

terminal · launch dayready
$ curl trumailo.com/v1/verify \
-H "Authorization: Bearer tm_•••" \
-d '{"email":"you@launch-day.com"}'
{ "status": "deliverable", "score": 96, "response_ms": 8 }
Create your account I have an account