Laravel Disposable Email Detection

Why You Need to Block Disposable Email Addresses

Disposable email addresses present a significant challenge for web applications. These temporary email services allow users to register with throwaway addresses that expire after a short time, often leading to:

  • Increased spam in your application
  • Fraudulent accounts that bypass verification
  • Lost communication with users when emails expire
  • Reduced quality of your user database

Fortunately, Laravel developers now have an elegant solution with the Laravel Disposable Email Detection package by Erag.

What Makes This Package Stand Out

The Laravel Disposable Email Detection package offers a robust solution with several impressive features:

  • Massive Database: Contains over 106,580 known disposable email domains
  • Multiple Integration Methods: Form validation, runtime checking, and Blade directives
  • Auto-Sync Capability: Keeps your blacklist updated from remote sources
  • Custom Blacklisting: Easily add your own domains to block
  • Zero Configuration: Works out of the box with sensible defaults
  • Laravel Compatibility: Works with Laravel 8, 9, 10, 11, and 12

Installation and Setup (Quick Start)

Getting started with the package is straightforward:

1. Install via Composer 

composer require erag/laravel-disposable-email

2. Publish the Configuration 

php artisan erag:install-disposable-email

This creates a config/disposable-email.php file where you can customize the package's behavior.

Implementation Methods (with Code Examples)

Method 1: Form Validation Rules

The package provides multiple ways to validate email addresses in your forms:

Using the Custom Rule Object: 

use EragLaravelDisposableEmail\Rules\DisposableEmailRule;

$request->validate([
    'email' => ['required', 'email', new DisposableEmailRule()],
]);

Using String-Based Validation: 

$request->validate([
    'email' => 'required|email|disposable_email',
]);

Method 2: Runtime Email Checking

You can programmatically check email domains anywhere in your application:

use EragLaravelDisposableEmail\Rules\DisposableEmailRule;

if (DisposableEmailRule::isDisposable('[email protected]')) {
    // This is a disposable email - handle accordingly
}

Or use the convenient facade:

use DisposableEmail;

if (DisposableEmail::isDisposable('temporarymail.org')) {
    // Block registration, show warning, etc.
}

Method 3: Blade Directive for Templates

The package includes a Blade directive for conditional rendering:

@disposableEmail('[email protected]')
    
        This appears to be a disposable email address. Please use your primary email.
    
@else
    
        Email address accepted!
    
@enddisposableEmail

Maintaining Your Disposable Email Database

Automatic Synchronization

Keep your disposable email list current by running:

php artisan erag:sync-disposable-email-list

This command fetches the latest known disposable domains from remote sources defined in your config file.

Adding Custom Domains

You can easily extend the blacklist with your own domains:

  1. Navigate to storage/app/blacklist_file/
  2. Create or edit disposable_domains.txt
  3. Add domains (one per line): 
throwaway-domain.com
   temporary-mail.net
   fakeuser.org

Real-World Implementation Examples

User Registration Form 

namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use EragLaravelDisposableEmail\Rules\DisposableEmailRule;

class RegistrationController extends Controller
{
    public function store(Request $request)
    {
        $validated = $request->validate([
            'name' => 'required|string|max:255',
            'email' => ['required', 'email', 'unique:users', new DisposableEmailRule()],
            'password' => 'required|min:8|confirmed',
        ]);

        // Create user if validation passes
        $user = User::create($validated);

        // Continue with registration...
    }
}

Email Change Verification 

public function updateEmail(Request $request)
{
    $request->validate([
        'new_email' => ['required', 'email', 'unique:users,email', 'disposable_email'],
    ]);

    // Process email change...
}

Configuration Options

The package is highly customizable through the config/disposable-email.php file:

return [
    'blacklist_file' => storage_path('app/blacklist_file'),

    'remote_url' => [
        'https://raw.githubusercontent.com/disposable/disposable-email-domains/master/domains.txt',
        'https://raw.githubusercontent.com/7c/fakefilter/refs/heads/main/txt/data.txt',
    ],
];

You can modify these settings to:

  • Change the location of your blacklist file
  • Add or modify remote sources for disposable domains
  • Customize validation error messages

Performance Considerations

The package maintains an optimal balance between accuracy and performance:

  • Uses efficient file caching for domain lists
  • Performs fast string comparisons for email validation
  • Minimal impact on application performance

Conclusion: Protecting Your Application's Integrity

Implementing the Laravel Disposable Email Detection package provides a powerful layer of protection for your application. By preventing disposable email registrations, you can:

  • Ensure reliable communication with your users
  • Reduce spam and fraudulent accounts
  • Maintain a higher quality user database
  • Improve overall platform security

Whether you're building a new Laravel application or enhancing an existing one, this package offers an elegant solution to the persistent problem of throwaway email addresses.

Installation Links