Block Disposable email domains from signing-up (PHP)

It is really annoying to know that half of your users’ emails getting bounced because these sneaky users used some disposable email address to register on your site. Yes, it happens a lot, the only way to stop this from happening again is to block them from ever using those phony emails again.

I’ve taken the list of some disposable email domains from here and converted it into array, it can also be stored in database if you want.

We will extract the domain from the user email address and compare it with disposable email domains. This way we can block most disposable email address easily. Just make sure to update your list as you find new disposable email domain.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
$disposable_list = array('drdrb.net', 'upliftnow.com', 'uplipht.com', 'venompen.com', 'veryrealemail.com', 'viditag.com', 'viewcastmedia.com', 'viewcastmedia.net', 'viewcastmedia.org', 'gustr.com', 'webm4il.in',
'wegwerfadresse.de', 'wegwerfemail.de', 'wetrainbayarea.com', 'wetrainbayarea.org', 'wh4f.org',
'whyspam.me', 'willselfdestruct.com', 'winemaven.in', 'wronghead.com', 'wuzup.net',
'wuzupmail.net', 'www.e4ward.com', 'www.gishpuppy.com', 'www.mailinator.com', 'wwwnew.eu',
'xagloo.com', 'xemaps.com', 'xents.com', 'xmaily.com', 'xoxy.net',
'yep.it', 'yogamaven.com', 'yopmail.fr', 'yopmail.net', 'ypmail.webarnak.fr.eu.org',
'yuurok.com', 'zehnminutenmail.de', 'zippymail.in', 'zoaxe.com', 'zoemail.org',
'inboxalias.com', 'koszmail.pl', 'tagyourself.com', 'whatpaas.com', 'emeil.in',
'azmeil.tk', 'mailfa.tk', 'inbax.tk', 'emeil.ir', 'crazymailing.com',
'mailimate.com');

$domain = substr(strrchr($email, "@"), 1); //extract domain name from email

if(in_array($domain, $disposable_list)){
echo "Disposable email not allowed";
}else{
echo "You are good to go";
}

4 Comments Add Comment

  • How would I incorporate this into a registration script?

     Reply
  • Maybe you are forcing people to register when they’d really rather try out your site anonymously.

    I am neither a troll or a spammer, but I will not give a real email to an unknown site. Once I know I like it, and plan to stick around, I’ll use a real email (and if I’m buying stuff) real name.

    But please consider is that the problem is the way sites pester you to register the second you show up, and don’t realize they haven’t earned your trust yet. For a savvy user, every time we use a real email we create a trail that links all our activity on the Web–and maybe we don’t want to leave that breadcrumb on your site just yet.

    On my Web site I am trying out in an “explore” button which allows people to play with the site’s functionality (with a sample set of user data) before giving their info. I’ll see how people respond to it–but I’m hoping with this system I won’t get many disposable email addresses.

     Reply
  • Exactly what I needed and worked perfectly, thank you!!

     Reply
  • Hi, introduced and tested! Thanks a million this can also be used to block persistent spam mailers such as yandex.com! Thanks a million.

     Reply