• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Addon to check against disposable / temporary email domain list


Well-known member
XF v1.3 StopForumSpam ( /admin.php?options/list/usersAndRegistration ) does not check against list of known disposable / temporary email domains.

http://www.block-disposable-email.com/ has a great API for checking against such domains, thus requesting an add-on that will achieve this.

Perhaps @tenants it would be a great addition to your current anti-spam suite of addons?


Well-known member
Last edited:


Well-known member
I've just added it to the default settings of AnyAPI, so you only need to tick to activate it (under ACP >> Tools >> AnyAPI Logic) and add your API key

It looks like it's a paid service, so I haven't fully tested it, but the API response looks fairly simple (so hopefully no problems). Unfortunately, there isn't a good way to test the JSON API responses with a free key

If you want to use this, just un-install AnyAPI and re-install it again (then tick to activate, and add your API key)

AnyAPI should be able to deal with Any API, all you need to do is add a request URL and the logic of what you want to happen with the response,

Examples here:
Last edited:


Well-known member
Actually, they do give you 200 free requests per month (after filling out "REGISTER NEW SERVER TO ACCESS API" ), and I've just tested it.. it seems to work

{"request_status":"success","domain_status":"ok","version":"0.1","servertime":"2014-03-17 11:19:00","server_id":"mirror5_vienna"}

If you tick the option to only check on CAPTCHA fails, it's possible you wont even reach this quota (depending on your forum activity), since requests are cached in the session, and requests are also cached in your local database (stored for x-days, defined in the ACP). If you have a busy forum, you'll probably need to pay for this API. If there is a similar free one, let me know about it and I will add the settings to AnyApi


Well-known member
Does blocking disposable email addresses give the user a notification of what is going on or will this results in a mass of support requests?


Well-known member
For any of the APIs you use, when prevented from registration, the user is provided a message:

Please correct the following errors:

Sorry you've been detected against the "FSpamlist" database

Or in this case

Please correct the following errors:

Sorry you've been detected against the "Block Disposable Email" database

This is the name that you give your API in the ACP AnyApi Logic, it's then up to the user.

They could of course still contact you (the admin of the forum), but they are more likely to stop using disposable email addresses or look at the "Block Disposable Email" API

GMail, YMail and Hotmail are not disposable email address, see: http://en.wikipedia.org/wiki/Disposable_email_address
Sadly these non-disposable emails addresses are the ones bots mostly use...

Malicious humans seem to more frequently use disposables

Disposable emails are things like:
  • Guerrillamail
  • Mailinator
  • TrashMail
  • Spamgourmet
  • 10minutemail