EmailProbe maintains 202,686 disposable email domains — the largest public list available, updated every 15 minutes from nine open-source blocklists, two proprietary research datasets, seventeen live provider monitors, and crowdsourced API signals. Check any domain instantly with the free open endpoint:
GET https://api.emailprobe.dev/open/v1/disposable/{domain}Check any email domain right now
Hit the live open API. Try mailinator.com, gmail.com, or any domain you suspect.
Powered by the free open API. Want full multi-layer detection (MX + IP clustering + heuristics)? Get a free API key →
Every SaaS product with a signup form has the same problem: a chunk of your "users" never intended to stick around. They signed up with a throwaway email from Mailinator or Guerrilla Mail, grabbed whatever they wanted from your free tier, and disappeared. Your user count went up, your activation rate went down, and your transactional emails bounced into the void.
Blocking these signups requires a disposable email domains list — a database of every domain associated with temporary email services. The catch is that these services multiply faster than most lists can keep up. We maintain a list of 202,686 disposable domains, updated every 15 minutes, and we make it available through a free API.
This post breaks down what disposable email domains are, why static lists fail, where our data comes from, and how to wire it into your signup flow with a few lines of code.
What Are Disposable Email Domains?
A disposable email domain belongs to a service that gives users temporary, throwaway inboxes. The user gets a working email address — they can receive a verification link, read it, click it — and then the inbox self-destructs after a few minutes or hours. No registration required. No password. No trace.
Some services generate random addresses on the fly (xk47fg@sharklasers.com). Others let users pick a custom local part but rotate through dozens of domains. A few sophisticated providers give you a full inbox UI with multiple aliases and custom forwarding rules.
The key thing these domains share: nobody uses them as their real email address. If someone signs up with anything@guerrillamail.com, they are explicitly avoiding giving you a way to reach them later. For a SaaS product that depends on onboarding emails, activation sequences, or account recovery, that signup is dead on arrival.
Why You Need a Disposable Email Domains List
If you run a product with a free tier, trial period, or any gated content, disposable emails hit you in several ways:
- Inflated user counts. Your database fills with accounts that will never convert. Every metric downstream — activation rate, trial-to-paid conversion, DAU/MAU — gets diluted.
- Wasted compute and email sends. Onboarding sequences, drip campaigns, and transactional emails get sent to addresses that no longer exist. Your bounce rate climbs, which damages your sender reputation.
- Free tier abuse. Users create unlimited accounts by generating a new disposable address every time. If your free tier includes API credits, they drain those credits without ever paying.
- Skewed analytics. Product decisions based on funnel data that includes thousands of ghost users lead you in the wrong direction. You optimize for users who were never going to stay.
- Support burden. Some of these accounts will trigger alerts, create orphaned data, or break assumptions in your billing pipeline.
A maintained list of disposable email providers at the point of registration is the simplest fix. Check the domain before creating the account. If it matches, reject the signup or route it into a restricted flow.
How Big Is the Problem?
The disposable email market is not small, and it is growing. There are over 4,000 distinct temporary email services operating today, and many of them cycle through multiple domains to avoid blocklists. A single service like Guerrilla Mail uses dozens of domain aliases. Temp-mail.org rotates domains weekly.
Most open-source disposable email lists contain between 30,000 and 55,000 domains. That was adequate in 2020. It is not adequate now. The gap between a typical open-source list and the real number of disposable domains means 70-80% of newer services slip through undetected.
If you are relying on a static JSON file you downloaded from GitHub two years ago, a significant percentage of disposable signups are getting through.
The Largest Disposable Email Domains List
EmailProbe maintains a disposable email list of 202,686 domains — roughly 4 to 6 times larger than what most validation services or open-source lists provide. Here is how our coverage compares:
| Source | Domains | Updates | MX Check |
|---|---|---|---|
| EmailProbe | 202,686 | Every 15 min | Yes |
| disposable-email-domains (GitHub) | ~3,500 | Manual PRs | No |
| FakeFilter | ~4,800 | Monthly | No |
| Burner Emails (GitHub) | ~12,000 | Occasional | No |
| UserCheck | ~55,000 | Daily | No |
| VerifyMail.io | ~30,000 | Weekly | No |
The size difference matters because disposable email operators specifically create new domains to evade blocklists. If your list is missing 150,000 domains, you are missing the domains that were created specifically to bypass your protection.
Beyond raw domain count, EmailProbe runs multi-layer detection: even if a domain is not yet in the blocklist, we check its MX records against a curated set of known disposable mail infrastructure, resolve IPs against infrastructure fingerprints we track, and run heuristic scoring. Multiple signals combine to catch domains that single-source blocklists miss.
Where Do These Domains Come From?
Our 202,686-domain list is aggregated from multiple sources and continuously validated:
Open-source community lists
We sync 9 public GitHub repositories every 15 minutes. These include the most popular open-source disposable domain lists maintained by the developer community. Each sync merges new entries and cross-references against our whitelist to prevent false positives.
Proprietary research
Two internal datasets — one with 96,725 domains and another with 72,896 — are maintained through direct research. We crawl disposable email service landing pages, extract their available domain lists, and monitor their domain rotation patterns.
Live provider monitoring
We run automated monitors on 17 of the most active temporary email providers. Some expose their domains through APIs. Others require web scraping. A few require JavaScript rendering to extract domains from their single-page apps. When a provider adds a new domain, we detect it within minutes.
Crowdsourced intelligence
As developers use EmailProbe to validate emails, we aggregate anonymized domain-level signals. When multiple unrelated customers start seeing random-string signups from the same unknown domain, that is a strong indicator of a new disposable service. This crowdsourced detection catches services that no static list can find because they are too new or too obscure.
False positive prevention
Just as important as catching disposable domains is not blocking legitimate ones. We maintain a whitelist of 190 free email providers (Gmail, Yahoo, Outlook, ProtonMail, iCloud, and many regional providers). We have also curated a list of 310 domains that were removed from upstream open-source lists because they were incorrectly flagged. Every domain in our list is validated against these safeguards before being served through the API.
Browse our complete provider database
EmailProbe maintains detailed pages for every major disposable email service — including operator info, MX infrastructure, sample domains, and integration code samples for blocking signups.
How to Use a Disposable Domain List in Your App
The fastest way to check a domain against our full disposable email domains list is through the free open API. No API key required. No signup. Just hit the endpoint.
cURL example
curl https://api.emailprobe.dev/open/v1/disposable/mailinator.comResponse:
{
"domain": "mailinator.com",
"disposable": true,
"confidence": 99,
"provider": "Mailinator",
"cached": true
}Check a legitimate domain:
curl https://api.emailprobe.dev/open/v1/disposable/gmail.com{
"domain": "gmail.com",
"disposable": false,
"confidence": 99,
"cached": true
}JavaScript example (signup form)
Here is how you might integrate the check into a frontend signup form. Remember: always validate server-side too. Frontend checks are for UX feedback; the backend must be the final gatekeeper.
async function isDisposableEmail(email) {
const domain = email.split('@')[1];
if (!domain) return false;
const res = await fetch(
`https://api.emailprobe.dev/open/v1/disposable/${domain}`
);
if (!res.ok) {
// API unavailable — fail open or closed,
// depending on your risk tolerance
console.warn('EmailProbe API unavailable:', res.status);
return false;
}
const data = await res.json();
return data.disposable === true;
}
// Usage in a signup handler
document.getElementById('signup-form')
.addEventListener('submit', async (e) => {
e.preventDefault();
const email = document.getElementById('email').value;
if (await isDisposableEmail(email)) {
showError('Please use a permanent email address.');
return;
}
// Proceed with signup...
submitSignup(email);
});Node.js / server-side example
For authenticated requests with higher rate limits, use your API key with the full validation endpoint:
const API_KEY = process.env.EMAILPROBE_API_KEY;
async function validateEmail(email) {
const res = await fetch('https://api.emailprobe.dev/v1/validate', {
method: 'POST',
headers: {
'Authorization': `Bearer ${API_KEY}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({ email }),
});
if (!res.ok) {
throw new Error(`Validation failed: ${res.status}`);
}
return res.json();
}
// In your Express route handler
app.post('/api/signup', async (req, res) => {
const { email, password } = req.body;
const result = await validateEmail(email);
if (result.verdict === 'disposable') {
return res.status(422).json({
error: 'Disposable email addresses are not allowed.',
code: 'DISPOSABLE_EMAIL',
});
}
// Create the account...
});API vs. Static List: Why an API Wins
You could download a disposable domain list as a text file and check against it locally. Many developers start there. It works at first. Then it stops working, for predictable reasons:
- Staleness. A static file is frozen at the moment you download it. New disposable domains appear daily. Within a month your list is missing hundreds of domains. Within a year, thousands.
- Maintenance burden. Someone on your team has to remember to update the list, merge upstream changes, handle conflicts, and deploy. This never stays on anyone's priority list.
- No MX/IP detection. A static domain list can only do exact-match lookups. If a disposable service launches a domain that is not in your file, it passes. An API with MX fingerprinting and IP clustering catches those unknown domains by recognizing the underlying infrastructure.
- False positives. Without active curation, static lists accumulate false positives — legitimate domains that got incorrectly added. You end up blocking real users. An API with a maintained whitelist prevents this.
- Deployment complexity. As your list grows past 100K entries, loading it into memory on every cold start has performance implications. An API offloads that entirely.
The open API endpoint (GET /open/v1/disposable/:domain) is free, requires no authentication, and supports CORS for browser-side calls. There is no reason to maintain a static file.
| Static List | EmailProbe API | |
|---|---|---|
| Updates | Manual | Every 15 minutes |
| Coverage | 30K-55K domains | 202,686 domains |
| MX detection | No | Yes |
| IP clustering | No | Yes |
| False positive prevention | Manual | 190-domain whitelist + 310 removed FPs |
| Maintenance | Your team | Zero |
| Cost | Free (but time cost) | Free tier: 2,500/mo |
Beyond Domain Matching: Multi-Layer Detection
A disposable email domains list handles the common case — the domains we already know about. But sophisticated users rotate to new domains specifically to avoid blocklists. EmailProbe combines multiple detection signals to cover the domains that slip past any static list:
- Domain blocklist — Direct lookup against 202,686 known disposable domains. Fast, cached, handles the bulk of detections.
- MX infrastructure fingerprinting — DNS lookup of the domain's MX records, matched against a curated set of known disposable mail infrastructure. Catches new domains pointing to known disposable infrastructure.
- IP clustering — Resolves MX hostnames to IP addresses and checks them against infrastructure fingerprints we track. Even if a service changes its MX hostname, the underlying IP range often stays the same.
- Heuristic scoring — For completely unknown domains, we apply pattern-based signals including domain structure, TLD risk, and keyword analysis. This produces an advisory risk score rather than a binary verdict.
The full pipeline runs in under 200ms including DNS lookups (under 50ms for cached domains). You get a confidence score from 0 to 100 and a verdict of safe, disposable, suspicious, or unknown.
How to Get Started
You can start checking domains against our disposable email list right now, without creating an account:
- Try the free checker — paste any email or domain into our free domain checker tool and get an instant result.
- Hit the open API — the
GET /open/v1/disposable/:domainendpoint requires no API key. Use it from your frontend, a script, or curl. Rate limit: 10 requests per day per IP. - Get an API key for production — sign up for free and get 2,500 validations per month with the full multi-layer engine, including MX checks, IP clustering, and detailed response data.
- Scale up when you need to — paid plans start at $9/mo for 10,000 validations. No contracts, cancel anytime.
Frequently Asked Questions
What is a disposable email domain?
A disposable email domain is the host portion of a temporary email address (for example, the part after the @ in xk47fg@sharklasers.com). It belongs to a service that issues short-lived inboxes without registration, allowing users to receive a verification email and then discard the address. Common examples include Mailinator, Guerrilla Mail, Temp-Mail, and 10MinuteMail.
How many disposable email domains exist?
EmailProbe tracks 202,686 disposable email domains as of June 2026, sourced from nine open-source repositories, two proprietary research datasets, seventeen live provider monitors, and crowdsourced detection from API traffic. Roughly 50 new disposable domains are detected per day, and the database is refreshed every 15 minutes.
How can I check if an email domain is disposable?
Send a GET request to https://api.emailprobe.dev/open/v1/disposable/{domain}. The free open endpoint requires no API key, supports CORS, and returns JSON with a disposable boolean and a confidence score from 0 to 100. Example: curl https://api.emailprobe.dev/open/v1/disposable/mailinator.com returns {"domain":"mailinator.com","disposable":true,"confidence":99}.
Is using a disposable email address illegal?
No, using a disposable email address is not illegal in any jurisdiction. However, SaaS products are legally allowed to refuse signups from disposable domains under their terms of service. Many services block disposable emails to prevent free-tier abuse, fake account creation, and skewed analytics.
What is the difference between a disposable email and a free email provider like Gmail?
A free email provider (Gmail, Yahoo, Outlook, ProtonMail, iCloud) issues persistent addresses tied to a registered account that users rely on long-term. A disposable email provider issues short-lived, anonymous addresses with no registration, intended to be discarded within minutes or hours. EmailProbe maintains a whitelist of 190 legitimate free providers to prevent them from being incorrectly flagged as disposable.
Are Mailinator and Guerrilla Mail disposable email services?
Yes. Mailinator and Guerrilla Mail are two of the largest temporary email providers, both classified as disposable. Each operates dozens of rotating domain aliases. EmailProbe detects every known Mailinator and Guerrilla Mail domain and refreshes the alias list every 15 minutes.
How often is the EmailProbe disposable email domains list updated?
The list is updated every 15 minutes via automated synchronization with nine GitHub-hosted open-source blocklists, live monitoring of seventeen temporary email providers, and crowdsourced detection from anonymized API traffic. Most competing static lists update monthly or only via manual pull requests, leaving them 30 to 90 days behind.
Can I download a free list of all disposable email domains?
Downloading a static file becomes stale within days because new disposable domains appear continuously. Instead, EmailProbe provides a free open API (https://api.emailprobe.dev/open/v1/disposable/{domain}) that always returns the current state without requiring a download, refresh, or deployment. The free tier allows 2,500 authenticated validations per month plus the open endpoint.
Check any domain against 202,686 disposable domains
Free API. No signup required for the open endpoint. Full multi-layer detection with a free account.
Get Free API Keyor try the free domain checker
If you have questions about integration, rate limits, or batch validation, check the API documentation or reach out through our support page.