.NET 9 Email Validation API — RFC 5322, DNS/MX, Disposable Detection (No Paid APIs)

Validate emails accurately without paying for third-party APIs.
This .NET 9 Web API performs RFC 5322 format validation, DNS/MX lookups, and detects disposable/temporary email domains from a curated 100K+ list. It ships with rate limiting, Swagger, and zero external dependencies—so you can run it on-prem or in the cloud with predictable costs.

Live Demo: emailvalidator.runasp.net/swagger/index.html

Why developers choose this

• Accurate: RFC-compliant parsing + MX verification for real deliverability signals.
• Practical: Blocks disposable/temp domains to cut fraud and fake signups.
• Cost-controlled: No paid API calls or vendor lock-in—host it yourself.
• Fast to use: Swagger docs for instant testing, clean JSON responses.
• Secure by default: Rate limiting & middleware to protect your endpoints.

Core Features (✅ implemented)

• RFC 5322 email format validation
• DNS/MX record verification
• 100K+ disposable domain detection
• Real-time domain blacklist updates (self-hosted refresh with no paid services)
• Typo detection & suggestions (e.g., gamil.com → gmail.com)
• Rate limiting & API protection
• Swagger/OpenAPI documentation
• Zero external dependencies / API costs

Endpoints

• POST /api/validate — Validate email, perform RFC + MX checks, disposable detection
• GET /api/disposable/{domain} — Check if a domain is disposable
• POST /api/refresh — Trigger blacklist refresh (protected)
• GET /api/health — Health check

Typical response

{
  "email": "user@example.com",
  "isValidFormat": true,
  "hasMx": true,
  "isDisposable": false,
  "suggestion": null,
  "reasons": []
}

Config highlights

• RateLimiting: requests per window, window length
• Dns: custom resolvers (optional)
• DisposableList: path to bundled list + refresh settings

How Disposable Detection Works (at a glance)

• Ships with a curated 100K+ domain list (bundled).
• Includes a self-hosted refresh job so you can update from your own trusted sources (no paid services).
• MX checks + heuristics reduce false positives.

Who It’s For

• SaaS & product teams battling fake signups and burner emails
• Security-minded backends that need on-prem validation
• .NET developers who want reliable, cost-predictable email verification

What’s Included

• Complete .NET 9 source code (clean architecture)
• Swagger/OpenAPI docs
• Rate limiting middleware
• Typo-suggestion provider (common domains)
• Disposable blacklist + refresh job
• MIT License — commercial use permitted
• README with setup & deployment notes

FAQ ()

Does this guarantee deliverability?
No service can guarantee inbox delivery. This API validates format, MX presence, and disposable domains—the strongest low-cost checks before sending email.

How do updates work without paid APIs?
You run the refresh job yourself to pull from sources you control (public lists or internal feeds). No per-request charges.

Will MX checks slow things down?
DNS queries are cached and the API is designed to be efficient. Add your own caching (e.g., Redis) if you expect heavy traffic.

Can I extend typo suggestions?
Yes—add or tune common providers (gmail, outlook, yahoo…) and localized domains.

Is it safe for production?
Yes. Includes rate limiting, health checks, and clean layering. Add HTTPS, secrets management, and observability for your environment.