This is completely ignoring the useful use cases of "disposable" emails like privacy. I have a domain that I specifically use as a catch all, so anytime I sign up for a website I use the domain as the username, like news.ycombinator.com@forward.to.me.com
This helps protect me in many ways. If my email is sold or leaked, not a big issue, I can just add that specific email to a blacklist and I never need to get spam from it again. Or if I cancel and keep getting spam about rejoining, blacklisted. It makes it easy to keep my spam and newsletters to a minimal.
It has the built in advantage that I can always sign up for new trials if I want, just do thatdomain.com1@ thatdomain.com2@ and so on. Although I don't do this often, I have had to do it for various reasons.
I've hit on occasion websites that block their domain from being in the email address, likely a poorly implemented security check because their software might say anyone with a "@service.com" email is an admin or something. In that case, I enter some random crap. I never have to remember the emails, since I can just search my email history for the address the service sent the registration confirmation to.
However, the downside is privacy. I use my own domain, which contains my full name, so when I sign up to some services and want to do so without giving my name, I still rely on a disposable email service such as hidemyass.com; and I do this for many online services. I am not a believer that everything I sign up for needs to know my full name, address, and email - often services ask for this information for no reason.
So attempting to block these types of services, that have valid and useful benefits to users, simply harms your users. You can avoid spam users with a captcha, and for trail abusers you already can't do much because @gmail.com already allows for a lot of aliases to work like @googlemail.com, or user.@gmail.com or u.s.e.r@gmail.com etc, or user+whatevertheywant@gmail.com
I disagree. I run a SaaS product and disposable emails are a bane to my existence. I get thousands of signups a day from people all around the world using disposable email addresses trying to milk the free tier of the product.
You have no idea the lengths people will go to.
If all you wanted to do was test a product out, create a real email address even if it's full of bogus details.
If you won't try my product without a real address then you're a customer I don't want and don't need.
Not to be an asshole but I absolutely loathe this... these sort of things are why I'm forced to give my email address to organizations I don't trust. This is offensive to my sense of privacy and I wish people would stop doing it.
Too often now sites/app want a login for no benefit other than to SPAM me with newsletters and crap I never wanted. That's why I use disposable email addresses, you're providing me no real value, at least sight unseen, but I must give you something I know is valuable-- my contact information.
I add the name of whomever I'm mailing whenever I enter my address, like "cryptarch+microsoft@gmail.com".
If they remove the "+microsoft" portion mailing me, that email is sent to my spambox and reported to spamcop, because I did not sign up with that address; the address I signed up with has the +etc infix.
Eventually I figure companies will get wise to this and I'll have to set up my own server which does the same trick with an underscore instead of the "+" sign.
If they're not providing you with any value, then don't give them your email address.
If it's just a Regex check then you can just use dslfkjsdlfj@fdsjfs.com. If it requires you to click on a verification link in the email then that is quite a high bar for you to go through to obtain something of `no value`.
I think the mistake was using the word "block". A general purpose "email type classifier" might be useful.
No need to block the temporary email, but you might use that information for other purposes, like having it be some weight to a fraud detection system. Note, not calling it out as fraud outright, but using it as one data point among others.
I created it as a side project to stop fake registrations with disposable email addresses, like emails from mailinator, email-fake.com, temp-mail.org, etc.
It has a public API, no registration required, accepts up to 10 checks per minute. A WordPress plugin and a simple PHP library are also included.
There's a reason I'm using a disposable address for your service. A much better user experience would be for you to allow me the option to try out your service before giving you my email.
Disposable email addresses exists precisely because we don't plan on returning. Some websites tried to block disposable addresses already, I just went somewhere else.
It classifies things like gmail, yahoo mail, hotmail as "Consumer" addresses.
So, there might be some additional markets for you if you can identify "consumer" emails vs "business". Also, some niche areas like isEduEmail(), for things like student discounts (fyi, not as simple as it seems at first glance).
If you consider using this, please for the privacy of your users make sure to only check the domain, not the full mail address (so not like the first two API request examples).
This is such a bad idea. 99 out of a 100 times the use case for such a service is because the developer wants to make sure it can spam a real email address.
But, I hope this doesn't take off because there are valid reasons for using fake email addresses. E.g. I don't trust the site not to sell my email, or leak it inadvertently through a security exposure.
I really don't like this service at all. It destroys value, like the ability to be anonymous, and enables abuse by companies - the 90% use case is by companies who use it for sending marketing junk as we all know perfectly.
While the service mentions blocking them, this API can be used just for that. All it does is take an email and tell you if it's a temp email. What you do with that info after is up to you.
I really hope this doesn't see adoption in many cases. I can see it being okay in places where abuse is an issue, but I use different disposable email services specifically because I don't want spam or my actual email exposed in the endless stream of breaches.
I don't want Best Buy Rewards, etc. having my email to sell.
Can someone provide examples of temp mail abuse that makes this necessary? I sometimes use these service to avoid being subscribed to ceaseless email marketing rings or get at information (in my opinion) needlessly siloed in things like forums.
Seems also like a user-hostile escalation in this kind of arms race that will eventually be overcome anyway.
If you ask somebody their phone number and they give you a fake one - they don't trust you and think you are an asshole. Same with e-mail. When you feel you need to protect yourself from "disposable emails" then your problem is elsewhere.
I don't quite understand why this service is attempting to charge for what is basically an email list, when email lists with more domains have been public for quite some time.
Ones can create multiple email addresses, and disposable them in an instant. It's just another disposable email service that is easily abused by spammers.
I store and track "disposable email address service provider", so I want to abbreviate that name. Anyway, I removed the "DEA provider" counter and the acronym :-)
> Disposable Email Address (DEA) services are tools for spamming, fake registration, free trial abusing, etc.
And we hate them!
Gloves are a tool for criminals! Knives are a tool for murderers! Cameras are a tool for terrorists and pedophiles!
Like these other tools, email addresses have legitimate uses. If you find yourself getting a lot of disposable addresses, there are other ways to ensure you get a valid email address, like only asking for one when your users are actually going to want to receive your emails.
This got me thinking of a tangential business idea: a user-hostile site blocker.
You take a quick quiz of stuff you personally consider unacceptable from a site (such as blocking disposable emails), and then it comes up with an autoupdated blocklist.
If I have no incentive login again, you should probably not ask my email. This service is a nuisance just like all those sites that require an email for no good reason.
This sucks. I hate it. VERY few "services" are worth the exposure of my real email address. I made this mistake with yahoo, bigfoot.com and amazon.
It would not hurt my feelings if the developer of this "service" became allergic to pizza. And if the service were to close... The allergy is reversed, gradually.
xvolter|9 years ago
This helps protect me in many ways. If my email is sold or leaked, not a big issue, I can just add that specific email to a blacklist and I never need to get spam from it again. Or if I cancel and keep getting spam about rejoining, blacklisted. It makes it easy to keep my spam and newsletters to a minimal.
It has the built in advantage that I can always sign up for new trials if I want, just do thatdomain.com1@ thatdomain.com2@ and so on. Although I don't do this often, I have had to do it for various reasons.
I've hit on occasion websites that block their domain from being in the email address, likely a poorly implemented security check because their software might say anyone with a "@service.com" email is an admin or something. In that case, I enter some random crap. I never have to remember the emails, since I can just search my email history for the address the service sent the registration confirmation to.
However, the downside is privacy. I use my own domain, which contains my full name, so when I sign up to some services and want to do so without giving my name, I still rely on a disposable email service such as hidemyass.com; and I do this for many online services. I am not a believer that everything I sign up for needs to know my full name, address, and email - often services ask for this information for no reason.
So attempting to block these types of services, that have valid and useful benefits to users, simply harms your users. You can avoid spam users with a captcha, and for trail abusers you already can't do much because @gmail.com already allows for a lot of aliases to work like @googlemail.com, or user.@gmail.com or u.s.e.r@gmail.com etc, or user+whatevertheywant@gmail.com
Don't harm your users with useless validations.
sadasd21asda|9 years ago
You have no idea the lengths people will go to.
If all you wanted to do was test a product out, create a real email address even if it's full of bogus details.
If you won't try my product without a real address then you're a customer I don't want and don't need.
rubyn00bie|9 years ago
Too often now sites/app want a login for no benefit other than to SPAM me with newsletters and crap I never wanted. That's why I use disposable email addresses, you're providing me no real value, at least sight unseen, but I must give you something I know is valuable-- my contact information.
cryptarch|9 years ago
If they remove the "+microsoft" portion mailing me, that email is sent to my spambox and reported to spamcop, because I did not sign up with that address; the address I signed up with has the +etc infix.
Eventually I figure companies will get wise to this and I'll have to set up my own server which does the same trick with an underscore instead of the "+" sign.
aembleton|9 years ago
If it's just a Regex check then you can just use dslfkjsdlfj@fdsjfs.com. If it requires you to click on a verification link in the email then that is quite a high bar for you to go through to obtain something of `no value`.
mike-cardwell|9 years ago
2017-03-30@tmp.grepular.com
I didn't have to click a button or anything to create it. It just exists, thanks to the pattern. Here's how I did it:
https://www.grepular.com/Automatically_Expiring_Email_Addres...
Exuma|9 years ago
https://www.guerrillamail.com/
tyingq|9 years ago
No need to block the temporary email, but you might use that information for other purposes, like having it be some weight to a fraud detection system. Note, not calling it out as fraud outright, but using it as one data point among others.
hatsunearu|9 years ago
otterpro|9 years ago
clusterman|9 years ago
It has a public API, no registration required, accepts up to 10 checks per minute. A WordPress plugin and a simple PHP library are also included.
Check it out :-)
ithinkso|9 years ago
jakebasile|9 years ago
XNOVRJ|9 years ago
ythn|9 years ago
erelde|9 years ago
lloydatkinson|9 years ago
tyingq|9 years ago
https://flow.microsoft.com/providers/Internal.User/users/joe...
https://flow.microsoft.com/providers/Internal.User/users/joe...
It classifies things like gmail, yahoo mail, hotmail as "Consumer" addresses.
So, there might be some additional markets for you if you can identify "consumer" emails vs "business". Also, some niche areas like isEduEmail(), for things like student discounts (fyi, not as simple as it seems at first glance).
GordonS|9 years ago
mschulze|9 years ago
clusterman|9 years ago
basdp|9 years ago
maciekmm|9 years ago
Gets the job done.
clusterman|9 years ago
josho|9 years ago
But, I hope this doesn't take off because there are valid reasons for using fake email addresses. E.g. I don't trust the site not to sell my email, or leak it inadvertently through a security exposure.
sklivvz1971|9 years ago
o_____________o|9 years ago
unknown|9 years ago
[deleted]
jpalomaki|9 years ago
joshmanders|9 years ago
alphabettsy|9 years ago
I don't want Best Buy Rewards, etc. having my email to sell.
alphonsegaston|9 years ago
Seems also like a user-hostile escalation in this kind of arms race that will eventually be overcome anyway.
sklivvz1971|9 years ago
E.g. you register an actual account with temp-mail, this makes anybody able to reset the password.
I totally agree though that this service is user-hostile.
al_chemist|9 years ago
sgehly|9 years ago
homero|9 years ago
kip_|9 years ago
I'd argue that those emails aren't disposable. I use ThrottleHQ to track when service providers resell my email to other lists.
clusterman|9 years ago
GordonS|9 years ago
Is that acronym even a thing?
clusterman|9 years ago
hayleox|9 years ago
Veratyr|9 years ago
Gloves are a tool for criminals! Knives are a tool for murderers! Cameras are a tool for terrorists and pedophiles!
Like these other tools, email addresses have legitimate uses. If you find yourself getting a lot of disposable addresses, there are other ways to ensure you get a valid email address, like only asking for one when your users are actually going to want to receive your emails.
cryptarch|9 years ago
avaer|9 years ago
You take a quick quiz of stuff you personally consider unacceptable from a site (such as blocking disposable emails), and then it comes up with an autoupdated blocklist.
Does this exist?
jpambrun|9 years ago
fredsanford|9 years ago
It would not hurt my feelings if the developer of this "service" became allergic to pizza. And if the service were to close... The allergy is reversed, gradually.