UserCheck
Pricing API Docs Sign up Log in

Updated: February 13, 2025

How to Block Disposable Email Addresses (Tutorial)

In this article, I'll show you how to block temporary email addresses from your platform. We'll explore DIY methods, free GitHub lists, and how you can use a solution like UserCheck to save time and improve lead quality.

Disposable email services like Temp Mail, 10MinuteMail, and EmailOnDeck are designed to let users create temporary email addresses to bypass email verification. These services are commonly used by spammers, bots, or people looking to avoid using their real email address. For businesses, this means wasted resources, fake leads, and potential security risks. So, how do we block these fake emails?

If you prefer to learn via a video format, here's a YouTube video we recorded covering the same content:

Option 1: Using an API (UserCheck)

The first and most effective option is to use an API, like UserCheck, which is specifically designed to block disposable email addresses.

Here's why this is a better approach:

  1. Always Up-to-Date: UserCheck maintains a database of disposable email domains and automatically updates it, so you don't have to.
  2. Simple Integration: With just one API call, you can verify whether an email is temporary or valid.
  3. Freemium Tier: UserCheck offers 1,000 free requests per month, so you can try it out without any upfront cost.
  4. Comprehensive Support: Access to detailed documentation and customer support to help with integration.

Example request:

curl  https://api.usercheck.com/email/[email protected]

Example response:

{
    "status":200,
    "email":"[email protected]",
    "domain":"example.com",
    "mx":false,
    "disposable":false,
    "public_domain":false,
    "relay_domain":false,
    "alias":false,
    "role_account":true,
    "did_you_mean":null
}

The response will tell you whether the email is disposable, giving you the power to block fake signups instantly. UserCheck's email validation API also offers a variety of other email verification features you might find useful.

How to integrate UserCheck into your system:

  1. Go to UserCheck.com and sign up for a free account.
  2. Get your API key from the dashboard.
  3. Use the documentation to add the API to your signup flow. Most teams can set it up in under 10 minutes.
  4. Test it out using your free 1,000 requests.

Option 2: The DIY Approach

Next is a simple option: a DIY approach.

You can manually create a basic domains list of disposable email providers that you find on fake email generator websites. Then use it to block these domains in your signup flow. For example, you could write a basic script in Python or JavaScript to compare email domains against your blocklist.

# Latest domains from temp-mail.org
disposable_domains = [
    "venfee.com",
    "xoroda.com",
    "walshun.com",
    "vmmod.com",
    "nozamas.com",
    "kazvi.com",
    "gitted.com",
    "kimasoft.com",
    "exoular.com",
    "cashbn.com",
    "cpaurl.com",
]

def is_valid_email(email):
    domain = email.split('@')[-1]
    return domain not in disposable_domains

email = "[email protected]"
print(is_valid_email(email))  # Output: False

This approach works, but it has major downsides:

  1. You need to constantly monitor and update your blocklist, as new disposable email providers pop up every day.
  2. It's time-consuming and not scalable if you're running a business.

Option 3: Using Free GitHub Lists

GitHub

The final option is to use a free blocklist from GitHub. There are open-source repositories that maintain updated lists of disposable email domains. You can integrate these into your project for free.

Here are the most popular ones:

And here's a Python script to fetch the domains from disposable-email-domains/disposable-email-domains:

import requests

# GitHub API URL for the raw file content
url = "https://api.github.com/repos/disposable-email-domains/disposable-email-domains/contents/disposable_email_blocklist.conf"

# Optional: Add a GitHub token if you have rate limit issues
headers = {
    # "Authorization": "token YOUR_GITHUB_PERSONAL_ACCESS_TOKEN"  # Uncomment and add your token if needed
}

try:
    # Send GET request to GitHub API
    response = requests.get(url, headers=headers)
    response.raise_for_status()  # Raise an error for HTTP issues
    
    # Get the content of the file
    blocklist_content = response.text
    
    # Parse each line of the file
    blocklist_domains = [line.strip() for line in blocklist_content.splitlines() if line.strip()]
    
    # Print the parsed list
    for domain in blocklist_domains:
        print(domain)
except requests.exceptions.RequestException as e:
    print(f"An error occurred: {e}")

While this is more scalable than DIY, it has its own challenges:

  • You'll need to periodically update the list manually or set up automated updates.
  • These lists are often incomplete or outdated, with updates typically occurring every few weeks.
  • They lack professional verification because they depend on volunteers to submit new domains.

Conclusion

So, to recap:

  • If you're just starting out, a DIY approach might work, but it requires constant maintenance.
  • GitHub lists are a good step up, but they can be incomplete and still require effort to integrate.
  • An API like UserCheck is the easiest and most reliable way to block disposable email address services without wasting time.
Thomas Petracco

Article by

Thomas Petracco

Thomas is the founder of UserCheck with 10 years of experience building APIs. After founding several companies and consistently needing a reliable way to block fake users, he founded UserCheck in 2016 to help other founders protect their businesses from abuse.

Block Fake Users

Use the best email verification API to protect your business from unwanted users.

Get API Key