ONLINE
Bento
OpenAI
Using Cursor, Claude, or Codex?Copy a ready-made prompt for your AI agent so it can start implementing Bento, fast.
View .md

Spam API Overview

Bento's Spam API is designed to stop obviously low-quality or risky signups before they make it into your audience. It is opinionated by design: the goal is not just to answer "is this syntactically valid?" but "does this look like a real person we actually want in the database?"

If you want the endpoint reference and request examples, see the Spam API reference.

Why An Email Might Be Blocked

At a high level, Bento may reject a signup when the address, mailbox, domain, or accompanying signup data matches patterns that strongly correlate with fake signups, spam, abuse, or poor deliverability.

1. The email address is malformed or undeliverable

The checker first makes sure the address looks real and can pass normal email validation checks. Depending on the domain, Bento may also verify MX records.

Examples of addresses that may fail:

  • malformed email syntax
  • domains with no valid MX setup
  • domains with invalid or suspicious TLDs
  • domains that repeat TLD fragments like .com.com

2. The address uses a disposable or temporary inbox

Bento blocks many disposable email providers because these signups rarely belong to durable, reachable contacts.

This includes temporary inbox services and many throwaway providers. Some specific exceptions exist internally for a few legitimate privacy-forward providers, but the overall behavior is intentionally strict.

3. The domain looks like a typo or fake domain

One of the most common sources of bad data is a mistyped provider domain. Bento checks for many common typo patterns and suspicious domain shapes.

Examples include:

  • misspellings of major providers like gamil.com
  • domains ending in typo-like suffixes such as .cmo or .ocm
  • provider domains with numbers stuffed into them
  • provider-like domains that are unusually long or padded
  • domains known to be common catch-all or typo destinations

4. The mailbox name looks synthetic, spammy, or operational

Even if the domain is valid, Bento may reject the local part of the address when it looks fake or risky.

Examples include mailboxes containing words like:

  • spam, fake, example, or troll
  • abuse, report, postmaster, sysadmin, or customerservice
  • noreply, no-reply, donotreply, or similar operational inboxes

It can also reject addresses when:

  • the mailbox exceeds normal length limits
  • the plus-tag is only digits
  • the plus-tag contains values like test
  • the mailbox contains a UUID-like token
  • the mailbox normalizes to obvious synthetic values like test, testing, demo, example, or staging

5. The domain belongs to a blocked or suspicious class

Some domains are rejected because they are associated with patterns Bento does not want in normal signup flows.

Examples include:

  • SMS-to-email gateway domains
  • certain provider families that are frequently abused in signup spam
  • hosting or infrastructure-related domains
  • domains matching internal restricted-domain lists

6. The associated name looks fake or malicious

When you pass a name, Bento also checks whether it looks like real profile data or a spam payload.

Names may be rejected when they:

  • contain digits
  • include HTML-like markup such as <script> patterns
  • look like link injection
  • resemble crypto spam or attack payloads
  • look like random-string spam rather than a person name

7. The address is flagged by Bento's internal firewall

The standard validation flow also runs the address through Bento's internal email firewall. This is separate from syntax checking and helps catch addresses that are technically valid but still considered unsafe.

This could be because an email bounced on our network previously or has been reporting other Bento customers for spam.

Why Bento Is Opinionated

The checker is tuned for list quality and deliverability, not just RFC correctness. A technically valid address can still be a poor subscriber if it is disposable, typoed, operational, or obviously synthetic.

That tradeoff helps with:

  • cleaner subscriber lists
  • fewer fake form submissions
  • better deliverability over time
  • fewer workflows triggered by junk contacts

When A Real User Might Still Get Flagged

No spam checker is perfect. A legitimate user can occasionally be blocked if they:

  • use an unusual private email setup
  • sign up with a role-based mailbox
  • have a typo in their domain
  • use a privacy-focused provider that resembles a disposable one
  • submit a name that looks machine-generated
If you hard-block signups with the Spam API, log failures and give users a fallback path. A simple "contact support if this is a mistake" flow is usually enough.

Reporting Issues

If you have issues with the Spam API or find legitimate signups being blocked when they should pass, please reach out to support@bentonow.com.