A safe email sandbox for every test you send
Maildog gives every developer a private email sandbox — a virtual SMTP inbox that captures every message your application sends. Point your app at Maildog and inspect rendered HTML, raw source, headers, and SPF/DKIM/DMARC in seconds. Nothing ever leaves the sandbox.
Testing email without a sandbox is risky
Without an email sandbox, every test send is a chance to email a real person or ship a broken template.
You email real users from staging
A seed script, a forgotten loop, or a misconfigured BCC and suddenly thousands of customers get a test message — or a password-reset link — from your test database. That damages trust and can get your domain blocklisted.
You can't see what you sent
Once an email leaves your app it's a black box. There's no easy way to inspect the rendered HTML, the raw MIME source, or the headers your mailer actually produced.
Real inboxes get polluted
QA engineers create dozens of throwaway Gmail accounts, share passwords, and drown in test mail. CI can't assert on email because there's no programmatic inbox to read from.
Deliverability is a guess
You don't find out that SPF, DKIM, or DMARC is misconfigured until messages land in spam — or bounce — in production.
What an email sandbox does
An email sandbox is a virtual SMTP inbox that accepts mail exactly like a real server but captures it instead of delivering it. Point your app's SMTP credentials at Maildog and every message is stored, rendered, and analysed — and nothing reaches a real recipient.
Get sandbox SMTP credentials. Each inbox has a unique host, port, username, and password, shown on the inbox's Integration tab in the panel.
Point your app at the sandbox. Swap your SMTP host to mail.maildog.io on port 2525 (STARTTLS) or 587 — a config change, not a code rewrite.
Maildog captures everything. Every MAIL FROM, every RCPT TO recipient, the full MIME body, attachments, and headers are stored and rendered.
Inspect and automate. Read messages in the web inbox or pull them through the API to assert on subject, body, headers, and authentication results in CI.
Key features
Fake SMTP server (catch-all)
A standards-compliant SMTP server that speaks STARTTLS and SSL, supports AUTH LOGIN/PLAIN, and accepts every recipient — so you never need real mailboxes.
Deep email inspection
Every message is rendered as a pixel-accurate HTML preview, a plain-text alternative, and raw MIME source, with a header inspector for Message-ID, Reply-To, List-Unsubscribe, and custom X- headers.
SPF, DKIM & DMARC validation
Maildog checks SPF alignment, DKIM signatures, and DMARC policy on every captured message so you confirm authentication is correct before going live.
Developer-friendly API
Create disposable inboxes, list captured messages, fetch a specific email by recipient or subject, read its HTML and headers, and tear the inbox down — all from your test suite.
Multiple inboxes per environment
Spin up isolated sandboxes for local dev, CI, and staging so test traffic never collides and every environment has its own credentials.
Team sharing
Inboxes are shareable, so a QA engineer can reproduce an issue and a developer opens the exact captured message — same HTML, same headers, same auth results.
Point your app at the sandbox
Using the sandbox is a configuration change. Replace your SMTP settings with the credentials shown on your Maildog inbox.
SMTP_HOST=mail.maildog.io
SMTP_PORT=2525 # STARTTLS (587 also supported)
SMTP_USER=your_sandbox_username
SMTP_PASS=your_sandbox_password
SMTP_FROM=no-reply@example.comimport os, smtplib
from email.message import EmailMessage
msg = EmailMessage()
msg["From"] = os.environ["SMTP_FROM"]
msg["To"] = "test-user@example.com" # never delivered — captured by the sandbox
msg["Subject"] = "Welcome to Acme"
msg.set_content("Thanks for signing up!")
with smtplib.SMTP(os.environ["SMTP_HOST"], int(os.environ["SMTP_PORT"])) as server:
server.starttls()
server.login(os.environ["SMTP_USER"], os.environ["SMTP_PASS"])
server.send_message(msg)
print("Sent — open your Maildog inbox to inspect it.")Why developers choose Maildog
Faster debugging
See the exact HTML, headers, and authentication results for every send, so broken merge tags and malformed multipart bodies are obvious instantly.
Safe email testing
Nothing leaves the sandbox. Test signup flows, password resets, and receipts without ever risking a real recipient.
Better deliverability
Validate SPF, DKIM, and DMARC and catch spam triggers before production, so your real mail lands in the inbox.
Improved developer workflow
Turn email into a deterministic, automated test instead of a manual spot-check, and share captured messages across the team.
Email sandbox vs the alternatives
How a hosted sandbox compares to sending real test mail or running a local-only tool.
| Capability | Maildog Sandbox | Real Test Emails | Mailhog / Mailpit |
|---|---|---|---|
| Captures mail safely (nothing delivered) | |||
| HTML, raw source & header inspection | Partial | ||
| SPF / DKIM / DMARC validation | |||
| Reachable from cloud CI & remote teams | |||
| Automation API | Limited | ||
| Hosted, zero ops |
Frequently asked questions
What is an email sandbox?
An email sandbox is a virtual SMTP inbox that captures the messages your application sends instead of delivering them. It lets developers inspect and test emails — HTML, headers, and authentication — without ever emailing a real recipient.
How do I connect my app to the Maildog sandbox?
Copy the SMTP host, port, username, and password from your Maildog inbox and set them as your app's SMTP variables. Use mail.maildog.io on port 2525 (STARTTLS) or 587. No code changes are required if your app already sends over SMTP.
Does the sandbox validate SPF, DKIM, and DMARC?
Yes. Maildog validates SPF alignment, DKIM signatures, and DMARC policy on every captured message, so you can confirm authentication is correct before going live. Pair it with our DNS security tools to validate the underlying records.
Can I use the sandbox in automated tests and CI?
Absolutely. The Maildog API lets your pipeline create disposable inboxes, send mail through the sandbox, fetch the captured message, and assert on its subject, body, headers, or authentication results — then clean up.
Will any test email reach real users?
No. Every message is captured and stored in your sandbox inbox. Even if your code addresses real-looking recipients, nothing is relayed to the outside world.
What frameworks and languages work with the sandbox?
Any language or framework that can send SMTP — Python, Node.js, Ruby, PHP, Go, Java, Laravel, Django, Rails, and more. There is no SDK lock-in; if your code sends email, it works with Maildog.
How is this different from Mailhog or Mailpit?
Mailhog and Mailpit are local-only capture tools bound to localhost. A hosted email sandbox like Maildog is reachable from cloud CI and your whole team, and adds SPF/DKIM/DMARC validation and an automation API that local tools don't provide.
Is there a free way to try it?
Yes — you can launch a sandbox and start capturing email for free. See the pricing page for usage limits and paid plans.
Keep exploring
Start testing email the safe way
Spin up an email sandbox and capture your first message in seconds.
Launch a free sandbox