One API call answers the question your agent is actually asking: send, review, or avoid — with confidence, evidence, and honest unknowns. Built for AI agents via REST and MCP.
No free tier. No sales call. Key in your inbox ~2 minutes after checkout.
$ curl -X POST https://api.inboxpolicy.com/v1/decide \ -H "x-api-key: ip_live_..." \ -d '{"email": "vp.sales@prospect.com"}' { "action": "send", "confidence": 95, "reason": "Verified mailbox with acceptable risk.", "signals": { "catch_all": false, "disposable": false }, "from_cache": false, "cost": { "credits": 1 } // re-check within 72h: 0 }
TL;DR: InboxPolicy is an email verification API that returns a send decision — send, send_with_caution, review, retry_later, or avoid — instead of raw status fields. It costs $5 per 1,000 fresh verifications, re-verifying the same address within 72 hours is free, malformed input is rejected locally at no charge, and AI agents can call it natively through its MCP server.
Syntax, MX, and live SMTP checks run against our own verification engine — then a deliverability policy turns the evidence into one action your code can branch on.
POST /v1/decide with an email address. Idempotency keys make retries safe — the same key never bills twice, guaranteed at the database layer.
Five possible verdicts, each with a reason, confidence score, and the SMTP signals behind it. Unknowns stay honest — we say review, we don't guess "safe".
1 credit per fresh verification. Cache hits within 72h: 0 credits. Malformed emails: 0 credits, rejected before they touch SMTP. Batches dedupe automatically.
Every verification maps to one of five actions. This is the vocabulary your agent branches on — designed to be safe by default and explicit about uncertainty.
| Action | Meaning | Typical cause | What your agent should do |
|---|---|---|---|
| send | Mailbox verified, acceptable risk | SMTP confirmed, confidence ≥ 70 | Send now |
| send_with_caution | Deliverable but moderate confidence | Confidence 50–70, or catch-all under aggressive policy | Send if the campaign tolerates some bounces |
| review | Cannot confirm the mailbox | Catch-all domain, protective gateway, unknown | Queue for human review or enrichment |
| retry_later | Temporary SMTP condition | Greylisting, transient server issues | Re-check later — the re-check is usually free |
| avoid | Do not send | Invalid mailbox, bad syntax, disposable domain | Drop the address |
InboxPolicy ships a native MCP (Model Context Protocol) server. Your agent gets decide_send, verify_email, batch tools, and live usage as first-class tools — no SDK, no glue code. Add it to any MCP-capable client:
{
"mcpServers": {
"inboxpolicy": {
"url": "https://mcp.inboxpolicy.com",
"headers": { "x-api-key": "ip_live_..." }
}
}
}
The agent asks "should I email vp.sales@prospect.com?" and gets back an action, a confidence score, the SMTP evidence behind it, and what it cost — in one tool call. Decisions your agent can branch on, priced so loops don't hurt: repeats inside the 72-hour window are free.
InboxPolicy supports the x402 payment protocol: an agent with a wallet can call POST /v1/decide with no account at all. The API responds 402 Payment Required with machine-readable payment requirements; the agent pays $0.01 in USDC on Base per call via the X-PAYMENT header and gets its decision plus an on-chain settlement receipt. Zero signup, zero key management — credit packs stay cheaper ($0.005/check) for sustained volume.
Prepaid credit packs. 1 credit = 1 fresh verification (single or batch, verify or decide — same price). The smallest pack is the trial.
No card, no account? Agents can pay per call with x402 — $0.01 USDC on Base, straight from a wallet. Packs stay cheaper for volume.
Always free for customers: cache re-verification within 72 hours, malformed-email rejection, and idempotent retries. Hard budget guarantee: credit checks are enforced atomically at billing time — concurrent requests cannot overdraw your balance, ever. Checkout is by card via Stripe; your API key arrives by email within ~2 minutes.
Real numbers, July 2026. Different tools win different jobs — here's where each one actually wins.
| InboxPolicy | ZeroBounce | Kickbox | MillionVerifier | |
|---|---|---|---|---|
| Entry price / 1k | $5.00 | $8.00 | $10.00 | ~$0.59–2.50 |
| Output | Decision + evidence | Status fields | Status + Sendex score | Status fields |
| Re-verification cost | $0 within 72h | Full price | Full price | Full price |
| Malformed input | Free, rejected locally | Billed | Billed | Billed |
| Agent-native (MCP) | Yes, first-class | No | No | No |
| Pay-per-call, no account (x402) | Yes — $0.01 USDC | No | No | No |
| Honest unknowns | Preserved + explained | Scored | Scored | Resolved aggressively |
| Spam-trap database | No | Yes | No | No |
| Free tier | No — $5 pack is the trial | 100/mo | One-time credits | Yes |
We'd rather you buy the right tool than churn off the wrong one.
You want the cheapest bulk status check and don't need decisions. MillionVerifier is the budget king for that job.
That requires a decade-scale curated trap database. ZeroBounce is the specialist there.
We're an API with an emailed key — deliberately. If your team lives in dashboards and CSV uploads, Kickbox or Emailable will feel more at home.
A send-decision API verifies an email address and returns an explicit action — send, send_with_caution, review, retry_later, or avoid — instead of raw status fields. InboxPolicy runs syntax, MX, and SMTP checks, applies a deliverability policy, and answers the question agents actually ask: should I send to this address right now?
Traditional verifiers return statuses like valid or catch-all and leave the decision logic to you — and they charge for every lookup, including repeats. InboxPolicy returns a decision with confidence and evidence, re-verification within the 72-hour cache window costs 0 credits, and it ships an MCP server so AI agents can call it as a native tool.
A catch-all domain accepts mail for any address, so SMTP verification cannot confirm the specific mailbox exists. InboxPolicy marks these honestly — action review (or send_with_caution under an aggressive policy) with the catch_all flag set — instead of guessing. Roughly 30–40% of B2B addresses sit on catch-all domains, which is why the honest handling matters.
Free verification tiers attract list-cleaning abuse, which damages probe infrastructure and quietly subsidizes spammers. InboxPolicy keys exist only through purchase — the $5 starter pack is the trial. What's always free for customers: cache re-verification within 72 hours and malformed-input rejection.
Every fresh verification is cached for 72 hours. Re-checking the same address inside that window returns the cached result — marked from_cache: true in the evidence — and costs 0 credits. Agents that re-validate lists before each send pay only for genuinely new lookups.
InboxPolicy ships an MCP (Model Context Protocol) server exposing decide_send, verify_email, batch tools, and usage. An agent asks for a decision on an address and receives a machine-readable action with confidence, cost, and evidence in one tool call. The REST API with idempotency keys and per-item batch results covers everything else.
Unknown means the SMTP conversation couldn't confidently confirm or deny the mailbox — commonly greylisting, a protective mail gateway, or a catch-all domain. InboxPolicy preserves unknown as a first-class state and maps it to review rather than over-promoting it to safe. Unknowns can optionally escalate to a wholesale fallback verifier automatically.
No. Addresses are processed to produce your result, cached for 72 hours to make your re-verification free, and subject to retention limits. They are never sold, shared, or used to build lists.
$5 gets you 1,000 decisions and a key in your inbox in about two minutes.
Get your API key