The Mailosaur Node library lets you integrate email and SMS testing into your continuous integration process.

Usage no npm install needed!

<script type="module">
  import mailosaur from '';


Mailosaur - Node.js library ·

Mailosaur lets you automate email and SMS tests as part of software development and QA.

  • Unlimited test email addresses for all - every account gives users an unlimited number of test email addresses to test with.
  • End-to-end (e2e) email and SMS testing Allowing you to set up end-to-end tests for password reset emails, account verification processes and MFA/one-time passcodes sent via text message.
  • Fake SMTP servers Mailosaur also provides dummy SMTP servers to test with; allowing you to catch email in staging environments - preventing email being sent to customers by mistake.

Get Started

This guide provides several key sections:

You can find the full Mailosaur documentation on the website.

If you get stuck, just contact us at


Install the Mailosaur Node.js library via npm:

npm install mailosaur --save-dev

Then import the library into your code. The value for YOUR_API_KEY is covered in the next step (creating an account):

const MailosaurClient = require('mailosaur')
const mailosaur = new MailosaurClient('YOUR_API_KEY')

API Reference

This library is powered by the Mailosaur email & SMS testing API. You can easily check out the API itself by looking at our API reference documentation or via our Postman or Insomnia collections:

Run in Postman Run in Insomnia}

Creating an account

Create a free trial account for Mailosaur via the website.

Once you have this, navigate to the API tab to find the following values:

  • Server ID - Servers act like projects, which group your tests together. You need this ID whenever you interact with a server via the API.
  • Server Domain - Every server has its own domain name. You'll need this to send email to your server.
  • API Key - You can create an API key per server (recommended), or an account-level API key to use across your whole account. Learn more about API keys.

Test email addresses with Mailosaur

Mailosaur gives you an unlimited number of test email addresses - with no setup or coding required!

Here's how it works:

  • When you create an account, you are given a server.
  • Every server has its own Server Domain name (e.g.
  • Any email address that ends with @{YOUR_SERVER_DOMAIN} will work with Mailosaur without any special setup. For example:
  • You can create more servers when you need them. Each one will have its own domain name.

Can't use test email addresses? You can also use SMTP to test email. By connecting your product or website to Mailosaur via SMTP, Mailosaur will catch all email your application sends, regardless of the email address.

Find an email

In automated tests you will want to wait for a new email to arrive. This library makes that easy with the messages.get method. Here's how you use it:

(async () => {
  const MailosaurClient = require('mailosaur')
  const mailosaur = new MailosaurClient('API_KEY')

  // See
  const serverId = 'abc123'
  const serverDomain = ''

  const searchCriteria = {
    sentTo: 'anything@' + serverDomain
  const message = await mailosaur.messages.get(serverId, searchCriteria)

  console.log(message.subject) // "Hello world!"

What is this code doing?

  1. Sets up an instance of MailosaurClient with your API key.
  2. Waits for an email to arrive at the server with ID abc123.
  3. Outputs the subject line of the email.

My email wasn't found

First, check that the email you sent is visible in the Mailosaur Dashboard.

If it is, the likely reason is that by default, messages.get only searches emails received by Mailosaur in the last 1 hour. You can override this behavior (see the receivedAfter option below), however we only recommend doing this during setup, as your tests will generally run faster with the default settings:

const email = await mailosaur.messages.get(
  // Override receivedAfter to search all messages since Jan 1st
  { receivedAfter: new Date(2021, 01, 01) }

Find an SMS message

Important: Trial accounts do not automatically have SMS access. Please contact our support team to enable a trial of SMS functionality.

If your account has SMS testing enabled, you can reserve phone numbers to test with, then use the Mailosaur API in a very similar way to when testing email:

(async () => {
  const MailosaurClient = require('mailosaur')
  const mailosaur = new MailosaurClient('API_KEY')

  const serverId = 'abc123'

  const searchCriteria = {
    sentTo: '4471235554444'
  const sms = await mailosaur.messages.get(serverId, searchCriteria)


Testing plain text content

Most emails, and all SMS messages, should have a plain text body. Mailosaur exposes this content via the text.body property on an email or SMS message:

console.log(message.text.body) // "Hi Jason, ..."

if (message.text.body.indexOf('Jason') > -1) {
  console.log('Email contains "Jason"')

Extracting verification codes from plain text

You may have an email or SMS message that contains an account verification code, or some other one-time passcode. You can extract content like this using a simple regex.

Here is how to extract a 6-digit numeric code:

console.log(message.text.body) // "Your access code is 243546."

const regEx = new RegExp('([0-9]{6})')
const matches = regEx.exec(message.text.body)

console.log(matches[0]) // "243546"

Read more

Testing HTML content

Most emails also have an HTML body, as well as the plain text content. You can access HTML content in a very similar way to plain text:

console.log(message.html.body) // "<html><head ..."

Working with HTML using JSDOM

If you need to traverse the HTML content of an email. For example, finding an element via a CSS selector, you can use the JSDOM library.

npm install jsdom --save-dev
const { JSDOM } = require('jsdom')

// ...

const dom = new JSDOM(message.html.body);

const el = dom.window.document.querySelector('.verification-code');
const verificationCode = el.textContent; // "542163"

Read more

Working with hyperlinks

When an email is sent with an HTML body, Mailosaur automatically extracts any hyperlinks found within anchor (<a>) and area (<area>) elements and makes these viable via the html.links array.

Each link has a text property, representing the display text of the hyperlink within the body, and an href property containing the target URL:

// How many links?
console.log(message.html.links.length) // 2

const firstLink = message.html.links[0]
console.log(firstLink.text) // "Google Search"
console.log(firstLink.href) // ""

Important: To ensure you always have valid emails. Mailosaur only extracts links that have been correctly marked up with <a> or <area> tags.

Links in plain text (including SMS messages)

Mailosaur auto-detects links in plain text content too, which is especially useful for SMS testing:

// How many links?
console.log(message.text.links.length) // 2

const firstLink = message.text.links[0]
console.log(firstLink.href) // ""

Working with attachments

If your email includes attachments, you can access these via the attachments property:

// How many attachments?
console.log(message.attachments.length) // 2

Each attachment contains metadata on the file name and content type:

const firstAttachment = message.attachments[0]
console.log(firstAttachment.fileName) // "contract.pdf"
console.log(firstAttachment.contentType) // "application/pdf"

The length property returns the size of the attached file (in bytes):

const firstAttachment = message.attachments[0]
console.log(firstAttachment.length) // 4028

Writing an attachment to disk

const fs = require('fs')

// ...

const firstAttachment = message.attachments[1]

const fileBytes = await mailosaur.files.getAttachment(
fs.writeFileSync(firstAttachment.fileName, fileBytes)

Working with images and web beacons

The html.images property of a message contains an array of images found within the HTML content of an email. The length of this array corresponds to the number of images found within an email:

// How many images in the email?
console.log(message.html.images.length) // 1

Remotely-hosted images

Emails will often contain many images that are hosted elsewhere, such as on your website or product. It is recommended to check that these images are accessible by your recipients.

All images should have an alternative text description, which can be checked using the alt attribute.

const image = message.html.images[0]
console.log(image.alt) // "Hot air balloon"

Triggering web beacons

A web beacon is a small image that can be used to track whether an email has been opened by a recipient.

Because a web beacon is simply another form of remotely-hosted image, you can use the src attribute to perform an HTTP request to that address:

const https = require('https')

// ...

const image = message.html.images[0]
console.log(image.src) // ""

// Make an HTTP call to trigger the web beacon
https.get(image.src, r => console.log(r.statusCode)) // 200

Spam checking

You can perform a SpamAssassin check against an email. The structure returned matches the spam test object:

const result = await mailosaur.analysis.spam(

console.log(result.score) // 0.5

result.spamFilterResults.spamAssassin.forEach(r => {


If you'd like to contribute to this library, here is how to set it up locally.

Install all development dependencies:

npm i

The test suite requires the following environment variables to be set:

export MAILOSAUR_API_KEY=your_api_key
export MAILOSAUR_SERVER=server_id

Run all tests:

npm test

Contacting us

You can get us at