Skip to content
a list of disposable and temporary email address domains
Branch: master
Clone or download
martenson Merge pull request #202 from dziaineka/patch-1,,,
Latest commit 9716872 Mar 7, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.travis.yml add check for public suffix Feb 5, 2018
allowlist.conf use neutral language for naming and describing assets in this repo Oct 8, 2018
disposable_email_blocklist.conf,,, Mar 7, 2019
requirements.txt use the altest version of PSL database Feb 5, 2018 use neutral language for naming and describing assets in this repo Oct 8, 2018

List of disposable email domains

Licensed under CC0

This repo contains a list of disposable and temporary email address domains often used to register dummy users in order to spam/abuse some services.

Originally collected to filter new user registration at and later merged with other lists found online. I cannot guarantee all of these can still be considered disposable but they probably were at one point in time.


The file allowlist.conf gathers email domains that are often identified as disposable but in fact are not.

Example Usage


blocklist = ('disposable_email_blocklist.conf')
blocklist_content = [line.rstrip() for line in blocklist.readlines()]
if email.split('@')[1] in blocklist_content:
    message = "Please enter your permanent email address."
    return (False, message)
    return True

Available as PyPI module thanks to @di

>>> from disposable_email_domains import blocklist
>>> '' in blocklist

PHP contributed by @txt3rob, @deguif, @pjebs and @Wruczek

  1. Make sure the passed email is valid. You can check that with filter_var
  2. Make sure you have the mbstring extension installed on your server
function isDisposableEmail($email, $blocklist_path = null) {
    if (!$blocklist_path) $blocklist_path = __DIR__ . '/disposable_email_blocklist.conf';
    $disposable_domains = file($blocklist_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    $domain = mb_strtolower(explode('@', trim($email))[1]);
    return in_array($domain, $disposable_domains);

Ruby on Rails contributed by @MitsunChieh

In resource model, usually it is user.rb

before_validation :reject_email_blocklist

def reject_email_blocklist
  blocklist ='config/disposable_email_blocklist.conf').split("\n")

  if blocklist.include?(email.split('@')[1])
    errors[:email] << 'invalid email'
    return false
    return true

NodeJs contributed by @martin-fogelman

'use strict';

const readline = require('readline'),
  fs = require('fs');

const input = fs.createReadStream('./disposable_email_blocklist.conf'),
  output = [],
  rl = readline.createInterface({input});

rl.on('line', (line) => {
  console.log(`Processing line ${output.length}`);

rl.on('close', () => {
  try {
    const json = JSON.stringify(output);
    fs.writeFile('disposable_email_blocklist.json', json, () => console.log('--- FINISHED ---'));
  } catch (e) {


private static readonly Lazy<HashSet<string>> _emailBlockList = new Lazy<HashSet<string>>(() =>
  var lines = File.ReadLines("disposable_email_blocklist.conf")
    .Where(line => !string.IsNullOrWhiteSpace(line) && !line.TrimStart().StartsWith("//"));
  return new HashSet<string>(lines, StringComparer.OrdinalIgnoreCase);

private static bool IsBlocklisted(string domain) => _emailBlockList.Value.Contains(domain);


var addr = new MailAddress(email);
if (IsBlocklisted(addr.Host)))
  throw new ApplicationException("Email is blocklisted.");


Feel free to create PR with additions or request removal of some domain (with reasons).


$ cat disposable_email_blocklist.conf your_file | tr '[:upper:]' '[:lower:]' | sort -f | uniq -i > new_file.conf

$ comm -23 new_file.conf allowlist.conf > disposable_email_blocklist.conf

to add contents of another file in the same format (only second level domains on new line without @). It also converts uppercase to lowercase, sorts, removes duplicates and removes allowlisted domains.


  • 7/31/17 @deguif joined as a core maintainer of this project. Thanks!

  • 12/6/16 - Available as PyPI module thanks to @di

  • 7/27/16 - Converted all domains to the second level. This means that starting from this commit the implementers should take care of matching the second level domain names properly i.e. @xxx.yyy.zzz should match yyy.zzz in blocklist more info in #46

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.