Blocking Temporary Email Domains Isn't Enough

So you want to stop temporary emails from signing up to your Saas? Simply blocking temporary email domains won’t cut it.

Sure, there are block lists online, but they are a best effort attempt at keeping the well known domains out of circulation. Sites like temp-mail.org get around 9 million views a month, which could earn them anywhere from $500,000 to $1,000,000 a year.

temp-mail.org page views They evidently have the funds to keep buying new domains, and its in their best interests to offer a reliable service so that users keep coming back. The more views they get, the more they make. That’s how ads work after all. So disposable emails are here to stay.

Why are temporary emails damaging?

Temporary Emails aren’t harmful by themselves. They’re a great way to stay private online and break the link between your online self and your real self. Sometimes, users will just want to try your service with no obligation - and that’s also fine. If it’s good, they’ll eventually convert.

The problem comes about when users start using temporary emails to get around free usage allowances. It’s not uncommon for services to allow users to “try before they buy”, but it’s when those users then keep signing up with multiple accounts that issues arise.

Services naturally cost money to operate, and with AI consuming so much energy as well as processing power, each image or task has a real cost associated to it. So preventing temporary email service suddenly becomes interesting to services.

So why is blocking temporary email domains not enough?

It might work for a short time, but ultimately new domains are bought and you’re relying on free block lists to keep you protected. It’s not a pro-active approach to preventing service abuse, and it won’t be as effective as using an up to date database which analyses each domain it is provided.

By using a free block list you also won’t have real time blocking available to you. All it takes is for one person to create - or automate - multiple accounts to abuse your service in a short period of time. By using a constantly updating database, you stay one step ahead of the attackers, and allow our database to stand in the way of abusive accounts.

How can Temp Mail Detector help?

The Temp Mail Detector API offers a simple way to analyse new signups. We don’t need the email, but rather the domain, as from this we are able to analyse and detect whether a service is likely to be a temporary email provider or not.

This also relieves you of having to deal with the complexities of GDPR, as you will never provide us with a full email address. Only the domain name. By not providing us the full email, you don’t need to worry about the misuse of your users’ data, nor does your cybersecurity or risk department.

What sort of data can I expect from your API?

We could go into a lot of detail here, but why not simply show you? Below you will find an example output of a genuine temporary email provider. You can choose how you wish to interpret this data.

{
  "domain": "20minutemail.it",
  "score": 100,
  "meta": {
    "block_list": true,
    "domain_age": 0,
    "website_resolves": false,
    "accepts_all_addresses": false,
    "valid_email_security": true
  }
}

Certain users may decide that a non-resolving websites is a bad signal and couple that with our block_list value to make their decision. Others might like to rely on our scoring system which takes various factors into account to produce a final score between 0 and 100.

Ultimately the choice is yours, and coupling our API with features such as IP rate limiting and fingerprinting will result in the best possible result.

By using our community fed based database of providers, you have the tools available to help prevent abuse on your service. What’s more, we also offer 200 free credits a month for all users, so you can get started now completely risk-free.

Stop fraudulent signups