Email Verification & Threat Removal API

Home
Integrations
Email Verification & Threat Removal API

Overview >
API Endpoint
Performance & Reliability
Configurable Processing
Authentication & Structure
Submission Guidance
Optional Parameters
Pass-Through Fields
Response Fields
Error Handling & Timeouts
Result Code Guidance
Support & Customization

Verification & Threat Removal API

The Impressionwise Verification & Threats API is designed for seamless integration into signup, onboarding, or transactional workflows. With a single request, the API delivers high-speed, real-time email verification to help ensure data quality, reduce risk, and protect sender reputation.

This service supports continuous data cleansing and validates individual email addresses using standard HTTP POST requests with JSON-formatted responses.

API Endpoint

The API is available via a secure HTTPS endpoint:

https://post.impressionwise.com/verifyme.aspx

For compatibility, HTTP access may also be supported; however, HTTPS is strongly recommended to ensure data encryption in transit and alignment with industry-standard security best practices.

Performance & Reliability

The API is hosted on a robust, load-balanced, redundant infrastructure designed for high availability and consistent performance. Automated monitoring and failover mechanisms minimize downtime and ensure reliable handling of variable traffic volumes.

Configurable Processing Level

The Verification & Threats API allows you to balance processing speed and verification depth using the configurable TIMEOUT parameter. This flexibility enables optimization based on your use case—whether prioritizing low-latency responses during real-time signups or deeper analysis for higher-risk or batch data processing.

Lower timeout values return results more quickly but may rely on partial signals, while higher timeout values allow for more comprehensive validation when mail hosts require additional response time.

For guidance on selecting the optimal balance between speed and accuracy, refer to:
https://impressionwise.com/blog/API-Speed-vs-Accuracy.html

Authentication & Request Structure

All API requests require authentication. To obtain your API credentials, please visit your account portal. Once you have your credentials, you can choose between two authentication models: Basic / Simple Authentication or Secure API Key Authentication.

Basic / Simple Authentication (Legacy Integration)

This method uses a Client ID and Password for authentication. Credentials can be transmitted either via request headers (recommended) or URL query parameters (less secure).

Submission Request Header Example (Recommended)

GET /verifyme.aspx?EMAIL=user@example.com HTTP/1.1
Host: post.impressionwise.com
Variables: CODE (000001), PWD (XXXXXX), and EMAIL (user@example.com)

URL Submission Example

Submission Request URL: https://post.impressionwise.com/verifyme.aspx?CODE=000001&PWD=password1&EMAIL=user@example.com

Response: code=000001&pwd=XXXXXX&email=user@example.com&result=CERTDOM&NPD=NA&CC=US&TTP=0.47

Required Parameters

Parameter	Description
CODE	6-digit alpha-numeric account code (case sensitive) as provided within your account portal. Can be transmitted within the request header or URL
PWD	Alphanumeric security password as provided within your account portal.
EMAIL	Email address submitted to be verified

While simple authentication supports legacy integrations, transmitting credentials via request headers is strongly recommended to maintain security and protect sensitive account information.

Secure API Key Authentication

This method uses a user-configurable API Key instead of a password. The API Key is managed within your account portal and can be rotated or revoked at any time for improved security. Benefits over use of the simple authentication include:

Credentials are not based on your account credentials.
Access can be scoped or limited if supported by the portal.
Key can be rotated or revoked without affecting other integrations.

Submission Request Header Example

GET /verifyme.aspx?EMAIL=user@example.com HTTP/1.1
Host: post.impressionwise.com
Header Key: Authorization (Note: This tells the server that you are sending credentials for authentication)
Header Key Value: Basic <KEY> (Note: Basic b8e9a21303598b63e72b8e51df673dae6 - this is the actual properly formatted credential)

Submission Example

Submission Request Header Only: CURL https://post.impressionwise.com/verifyme.aspx?email=user@example.com -H "Authorization: Basic b8e9a21303598b63e72b8e51df673dae6"

Response: email=user@example.com&result=CERTDOM&NPD=NA&CC=US&TTP=0.13

Required Parameters

Parameter	Description
KEY	A standard, cryptographically strong 32-character API key will be transmitted within the request header for authentication. An initial API key will be pre-assigned and made available within your account portal. The key can be rotated or revoked at any time by generating a new key through the portal.
EMAIL	Email address submitted to be verified

Using API Key authentication ensures secure, flexible access to the API while allowing credentials to be managed, rotated, or revoked without impacting other integrations.

Submission Guidance

The following guidelines explain how API request parameters can be submitted, the order in which they are processed, and recommended security practices to ensure safe transmission.

URL vs. Header: Parameters can be submitted either in the URL query string or in the request header is using the simple authentication yet only within the request header for use with the API authentication approach.
Precedence: The system first inspects the URL; if a required parameter or variable is missing, it then checks the header.
Security: Always use HTTPS for all requests to ensure credentials or API keys are protected during transmission.

Adhering to these guidelines helps ensure consistent request handling, improved reliability, and secure transmission of sensitive data.

Optional Parameters

In addition to required parameters, the API supports optional system parameters that can provide extra information or modify the request behavior.

Parameter	Description
JSONRESPONSE=1	Returns JSON data structure results for the email address
TIMEOUT	Maximum processing time in seconds (range: 2–15, default: 6)

Sample JSON

Below is an example of a complete API request along with a sample JSON response illustrating the returned data structure.

https://post.impressionwise.com/verifyme.aspx?CODE=000001&PWD=password1&EMAIL=user@example.com&JSONRESPONSE=1&TIMEOUT=10

Or using API key authentication approach.

CURL https://post.impressionwise.com/verifyme.aspx?email=user@example.com&JSONRESPONSE=1&TIMEOUT=10 -H "Authorization: Basic b8e9a21303598b63e72b8e51df673dae6"

Either version would be the following response:

{
"EMAIL": "noexist@testmelink.com",
"RESULT": "SUPPRESS",
"CLASS": "INVALID",
"TTP": 2.41
}

Optional Client Pass-Through Fields

Client-defined parameters may be passed through the request and returned in the response for correlation purposes.

Sample supported fields include:

fname, lname, addr1, addr2, city, state, zip, country,
phone, gender, optinsite, optindate, optinip,
other1 – other20

Note: A maximum of 20 other fields is supported.

Response Fields

Each API response includes the following fields, which describe the verification result, threat classification, and processing time associated with the submitted email address.

Field	Description
RESULT	High-level disposition of the email address
CLASS	Detailed classification sub-code
TTP	Time to process, in seconds

Error Handling & Timeouts

The API provides explicit error codes and timeout responses to indicate invalid credentials or delayed server replies, along with recommended steps for handling and retrying affected requests.

If invalid credentials are supplied, the API returns:

RESULT = ACCT_INVALID_CREDENTIALS

If account credential supplied are correct yet the account is set to inactive, the API returns:

RESULT = ACCT_INACTIVE

If missing required fields for processing, the API returns:

RESULT = MISSING_REQD_FIELDS

If processing more than 15 requests per second, the API returns:

RESULT = MAXATTEMPTS_REACH

In cases where a mail server does not respond within the specified timeout, the following response is returned:

{
"EMAIL": "noexist@testmelink.com",
"RESULT": "DISCRETIONARY",
"CLASS": "TIMEOUT",
"TTP": 1.33
}

Rate Limiting Controls

This API employ’s connection-level rate limiting controls to mitigate abuse and protect backend resources. Specifically, our system restricts the number of simultaneous open connections per client IP address to a maximum of 50 concurrent connections. If a client attempts to open a connection beyond this threshold (for example, the 51st simultaneous connection), the additional connection is rejected, and returns a 503 Service Temporarily Unavailable response.

This mechanism helps prevent denial-of-service conditions, safeguards backend infrastructure, and ensures fair resource usage across all clients. It operates transparently and does not impact normal traffic within the defined limits.

Timeout Handling Guidance

Continue submitting remaining records to completion
Retry affected records after processing completes
If timeouts persist, increase the TIMEOUT value for subsequent retries

If you receive any unexpected responses beyond those documented here, please contact Impressionwise Support.

Result Code Guidance

To simplify integration while preserving analytical depth, Impressionwise consolidates over 240 threat indicators into three intuitive result codes. This approach enables fast decision-making while supporting email best practices, improved inbox placement, and sender reputation protection.

Primary Result Codes

Result Code	Description	Recommended Action
SUPPRESS	Do Not Email. These addresses present significant deliverability or reputation risk and should be fully removed from active mailing lists. This group includes known threats such as traps, invalids, parked domains, bots, and other high-risk indicators.	Remove from mailing lists. Use as a suppression file within your ESP.
DISCRETIONARY	These addresses do not currently pose a direct reputation threat, but deliverability cannot be conclusively verified. Sub-classifications provide additional context such as Catch-All, Greylisting, or Timeout conditions.	Send cautiously. Test on a separate IP or domain before including in core campaigns.
CERTIFIED	Addresses with no known indicators of delivery failure or reputation risk.	Safe to send through primary sending infrastructure.

Classification Sub-Codes

Impressionwise provides detailed sub-classifications to help refine sending decisions based on risk profile and behavioral intelligence.

Certified & Conditional Classifications

Classification	Description	Guidance
Certified	Verified as safe to send from a reputation standpoint. Recipient-level bounce status may not be fully validated.	Send
Key	High-risk, machine-generated or non-human accounts historically associated with non-converting traffic.	Send only if organically acquired or recent purchase activity exists (≤90 days).
Role	Role-based addresses (e.g., admin@, sales@) not tied to an individual recipient.	Use discretion based on campaign type.
Disposable	Temporary email addresses designed for short-term use and abandonment.	Avoid for long-term engagement.

Discretionary Sub-Classifications

Classification	Description	Guidance
Catch-All	Domain accepts all mail regardless of recipient validity.	Test cautiously
Greylist	Temporary server deferral requesting retry.	Retry before main send
Indeterminate	Insufficient data for definitive delivery classification.	Test separately
Connection Timeout	Receiving server did not respond within acceptable limits.	Retry or test on separate IP

Suppression-Level Threats

Classification	Description	Guidance
Quarantine	Previously active traps that may reactivate within a 90-day window.	Suppress
Parked	Domains not configured for active email use; mail is inherently invalid.	Suppress
Seed	Third-party monitoring or oversight addresses used for enforcement or litigation.	Suppress
Bot / Proxy	Non-human, automated accounts associated with abuse patterns.	Suppress
Invalid	Address cannot receive mail per RFC standards.	Suppress
Mole	Addresses linked to anti-spam infrastructure or blacklist operators.	Suppress
Trap	Purpose-built spam traps or honeypots.	Suppress immediately

General Disclaimer. Every reasonable effort is made to identify known threat and delivery classifications. However, due to the constantly evolving nature of the online ecosystem, Impressionwise cannot guarantee results will be entirely free of all potential threats or delivery risks. While care has been taken to ensure accuracy, Impressionwise assumes no responsibility for losses arising from reliance on this information.

Support & Customization

For questions, interpretation guidance, or custom implementation strategies, Impressionwise Support is available to help ensure optimal results from your data cleansing workflows.

The recognized authority in email verification and threat removal services

Impressionwise empowers prospective clients to experience the value of our advanced list cleaning services firsthand. We offer a complimentary scan and detailed report on a sample of your data, allowing you to evaluate the impact our solutions can have on your email performance and data quality.