ivolo / disposable-email-domains Goto Github PK

What's your policy with domains that are no more used for DEA services?

Most domains in the list don't even have an MX or A record or they don't exists anymore or they don't provide any nameserver, so they can't anymore be disposable email address. At most, they are dead addresses.

Some other domain is alive, but I'm mosty sure they have been disposable years ago and they are now not anymore disposable.

So, my question: are these domains listed "by design" or are they listed "by mistake"?

This project does good and evil. Good because it helps developers to stop some abuse. Evil because it leaves end users unprotected from many SPAMmers, so they are forced to create alternative trash email accounts in "legitimate" domains.

"xn--90abvrccwbp.xn--p1acf"

.xn-p1acf is not a valid TLD. I suggest only including domains with valid TLD's on the list.

Hello Daniel

Why are there two forks of this list (this one and danhstevens/disposable-email-domains)? They seem to both be maintained by you.

Thanks, and cheers,
Luzi.

Hi Ilya,
these domains are hard to catch, I know, I know. That's why I decided to share data in plaintext from www.block-disposable-email.com for this specific dea provider. Feel free to integrate it: https://github.com/GeroldSetz/emailondeck.com-domains

Would be great to get a link from your README.

Gerold

We've been getting quite a bit of spam from disposable emails registered at Mail.com: https://service.mail.com/registration.html

Have you considered adding these ? Not sure what your threshold for spam / disposability is.

mail.com email.com usa.com myself.com consultant.com post.com europe.com asia.com iname.com writeme.com dr.com engineer.com cheerful.com accountant.com techie.com linuxmail.org uymail.com contractor.net accountant.com activist.com adexec.com allergist.com alumni.com alumnidirector.com angelic.com appraiser.net archaeologist.com arcticmail.com artlover.com asia.com auctioneer.net bartender.net bikerider.com birdlover.com brew-meister.com cash4u.com chef.net chemist.com clerk.com clubmember.org collector.org columnist.com comic.com computer4u.com consultant.com contractor.net coolsite.net counsellor.com cyberservices.com deliveryman.com diplomats.com disposable.com dr.com engineer.com execs.com fastservice.com financier.com fireman.net gardener.com geologist.com graduate.org graphic-designer.com groupmail.com hairdresser.net homemail.com hot-shot.com instruction.com instructor.net insurer.com job4u.com journalist.com legislator.com lobbyist.com minister.com musician.org myself.com net-shopping.com optician.com orthodontist.net pediatrician.com photographer.net physicist.net planetmail.com planetmail.net politician.com post.com presidency.com priest.com programmer.net publicist.com qualityservice.com radiologist.net realtyagent.com registerednurses.com repairman.com representative.com rescueteam.com salesperson.net secretary.net socialworker.net sociologist.com solution4u.com songwriter.net surgical.net teachers.org tech-center.com techie.com technologist.com theplate.com therapist.net toothfairy.com tvstar.com umpire.com webname.com worker.com workmail.com writeme.com 2trom.com activist.com aircraftmail.com artlover.com atheist.com bikerider.com birdlover.com blader.com boardermail.com brew-master.com brew-meister.com bsdmail.com catlover.com chef.net clubmember.org collector.org cutey.com dbzmail.com doglover.com doramail.com galaxyhit.com gardener.com greenmail.net hackermail.com hilarious.com keromail.com kittymail.com linuxmail.org lovecat.com marchmail.com musician.org nonpartisan.com petlover.com photographer.net snakebite.com songwriter.net techie.com theplate.com toke.com uymail.com computer4u.com consultant.com contractor.net coolsite.net cyberdude.com cybergal.com cyberservices.com cyber-wizard.com engineer.com fastservice.com graphic-designer.com groupmail.com homemail.com hot-shot.com housemail.com humanoid.net iname.com inorbit.com mail-me.com myself.com net-shopping.com null.net physicist.net planetmail.com planetmail.net post.com programmer.net qualityservice.com rocketship.com solution4u.com tech-center.com techie.com technologist.com webname.com workmail.com writeme.com acdcfan.com angelic.com artlover.com atheist.com chemist.com diplomats.com discofan.com elvisfan.com execs.com hiphopfan.com housemail.com kissfans.com madonnafan.com metalfan.com minister.com musician.org ninfan.com ravemail.com reborn.com reggaefan.com snakebite.com songwriter.net bellair.net californiamail.com dallasmail.com nycmail.com pacific-ocean.com pacificwest.com sanfranmail.com usa.com africamail.com arcticmail.com asia.com asia-mail.com australiamail.com berlin.com brazilmail.com chinamail.com dublin.com dutchmail.com englandmail.com europe.com europemail.com germanymail.com irelandmail.com israelmail.com italymail.com koreamail.com mexicomail.com moscowmail.com munich.com polandmail.com safrica.com samerica.com scotlandmail.com spainmail.com swedenmail.com swissmail.com torontomail.com angelic.com atheist.com disciples.com innocent.com minister.com muslim.com priest.com protestant.com reborn.com reincarnate.com religious.com saintly.com

Best,

Edit: Also -- I just wanted to say thank you!!! This list has already cut down a lot of spam/scams for us.

The newest release here https://github.com/ivolo/disposable-email-domains/releases 1.0.4.

While npm knows about up to 1.0.9. Better this way than the other way around, but would still be good to keep in sync.

PS: Thanks for this module, we just got started filtering these by hand...

http://www.throwawaymail.com/ generates emails with housat.com ending. Can you add it? Thanks!

How would it be if we added a simple CI like travis or similar to run the tests for PRs? I could contribute on that one if I had enough permissions of course :-D

In Apility.io we have included this backlist in our Lookup as a Service because it's really good and up-to-date: IVOLO-DED.

Sorry for the spammy comment! Just wanted to let all committers know!

Hi , do you have some limits for GET requests on url https://open.kickbox.com/v1/disposable/{DomainOrEmailAddress} ?

Hi!

I see in you base domain named by pp.ua, but this address reserved for PrivatePeople.Ukraine - free domain for Ukraine private persons (citizens) and will creating sub-domen, like my - hoi.pp.ua, for every approved by mobile number ukrainians.

I try add MX records for my domain, but every big mail-services call his: 550 Disposable email addresses are not permitted.

Please, help me for fix that. (In MX I use forwarde-mail )

More to add: https://www.luxusmail.org/

@luxusmail.gq
@bitchmail.ga
@bitchmail.ga
@onedaymail.ga
@linuxmail.tk
@10minute.cf
@onedaymail.cf
@luxusmail.tk
@luxusmail.uk

At our service, we got a bunch of registrations from domains that were already added to the master branch since the last release. Can you please schedule new releases more often (maybe #650 can help with this) to have new domains published as soon as possible?

For now, I had to switch to using API for the most accurate version, but this is +1 request to third party service that if possible better to omit and use local list.

privaterelay.appleid.com is an email relay service used by Apple in their new Sign In With Apple (iOS13) and any app/site that wants to implement sign in with apple must allow the user to sign up with this relay email.

Reason why issue is created is because although this could be seen as a disposable email, it is in fact tied to an apple account

Hi, please ban this domain: 10minut.com.pl

So you won't allow signup from a disposable email address service?

oh noes!

What will I do?

Gee, maybe I'll treat a non-listed email service as disposable.

And why would I do that?

BECAUSE

the kind of cretinous fops who blacklist self-protection services are typically the scum bent on spamming me - a behavior I will vociferously resist.

YOU FAIL

This policy is INANITY

Some temp email providers seem to be generating random emails from potentially hundreds of domains that they have access to. Would it be viable to try and blacklist them?

An example is temp-email (Just checked they have access to like 10 domains)

I wanted to thank you for the fantastic job you did.
And I wanted to alert you that I've embedded your APIs in my project.
Here: DEAGuard

Do you think it would be good to run tests for domain mx validity on the list and remove invalid domains ?

I can send a PR for such test then we can use a build server to check run it.

nus.edu.sg is listed as disposable, but appears to be the national university of Singapore. I'm not sure how those are checked out manually, but just adding feedback.

We're seeing fake registrations using hideemail.net domain

If a domain is both wildcard and exact, for example it allows addresses like [email protected] and [email protected], must it appear in both index.json and wildcard.json, or must it be only in wildcard.json?

Catching a few spam emails from the outdated list.

Hey @ivolo! Would you be willing to add me to the npm as well so I can push changes to npmjs? Right now npmjs is showing we're still on v0.0.1. My npmjs username is danhstevens.

Given that there is a gray zone between free and disposable email domains, I created a separate list for free email domains: https://gitlab.com/synappio/free-email-domains

You might want to redirect people asking for free (but not disposable) emails to be listed here (as do I in the reverse direction for disposable emails).

Cheers!

These email addresses seem to be disposable, and a current spammer is using them.

They all appear to be from the same source, but I can't figure out what is the source.
I'll add as comments as the spammer continues to create new profiles.
Please keep me updated if you find where these come from!

mailhub24.com
3mailapp.net
hide-mail.net
hideemail.net

Freenom TLDs are heavily abused by spammers, are blocked by most spam filters and aren't used by any legitimate email providers that I know of. 53.02% of the index.json blacklist is made up of freenom domains.

TLDs:

.TK
.ML
.GA
.CF
.GQ

Hey,

I've just started using your list. It's great, thanks! But... there is at least one false-positive: poczta.onet.pl.
onet.pl is polish news site, and poczta.onet.pl is just regular free email service, but it's not the disposable-kind of free. It's often used by regular users, so would be nice if you could remove it from that list.

4easyemail.com
tempmailapp.com
theeasymail.com

I had some drive-by spam accounts register using these.

https://www.moakt.com/en

sneakemail.com is a service I pay for. It will create alias or virtual email addresses. These are security aids. For example, if I get an email that looks like it's from thingamajig.com but really isn't, I can know that by the email address that the bogus message was sent to. Also, I was one of the first to tell aweber that their lists had been hacked because I started getting spam emails to addresses given only to aweber customers. The same thing happened with another Email Service Provider like aweber.

There are wildcard domains called out explicitly in the wildcard domains, but I am having a hard time imagining a circumstance in which a domain listed in the main index.json should NOT also be considered a wildcard domain.

If they are in fact separate lists, wouldn't that imply that a disposable provider listed in index.json like fakemailz.com would be considered to be a disposable address only if the email looks like [email protected], but NOT if it was [email protected], right? Are there known scenarios where these TLDs are valid if there is indeed a new subdomain present?

Hi,

Please add secure-mail.biz to the list.

Hello,

please add this mfsa.info via https://www.mailforspam.com/

Thanks,

http://www.33mail.com/signup creates mails like [email protected]. It seems the block does not work here. Any chance to get it work?

Hi,

i2pmail.org also a fake email generator used domain.

https://www.whonix.org/wiki/E-Mail#I2Pmail.org

Hello!

Is there a specific reason why some Craigslist sub domains are added as a disposable domain that i'm overlooking?
For example:

comm.craigslist.org
gigs.craigslist.org
hous.craigslist.org
job.craigslist.org 
pers.craigslist.org
res.craigslist.org 
sale.craigslist.org
serv.craigslist.org

Thanks!

Hi,

Please add to your list this provider: inbound.plus

This domain list is misguided and misleading at best. For example, spamgourmet and its alternative domains allow me to discover which web sites share my email address without my permission, which is one of the few effective defenses against spam. Like many users, I open every single message sent to my spamgourmet addresses unless the sender is has proven to be a spammer (this is exactly spamgourmet's purpose after all) which makes the apparent premise of this list just plain wrong.

Sadly, lists like this one have led some web sites to refuse signups to legitimate users, or worse yet, to silently discard outgoing messages to legitimate addresses. Congratulations. You're encouraging broken web sites, lost information, failed communications, increased spam, and just plain bad user experiences. I suggest you rethink this, or at least do a decent job of keeping legitimate domains off of your list.

https://www.mohmal.com/en :

• mozej.com

? :

• pdold.com

Please check

https://trashspam.com/inbox

You have a composer.json file but the package is not registered at https://packagist.org/ then can not be installed with composer require ivolo/disposable-email-domains:

$ composer require ivolo/disposable-email-domains
                                                                                                                                                                
  [InvalidArgumentException]                                                                                                                                      
  Could not find package ivolo/disposable-email-domains at any version for your minimum-stability (stable). Check the package spelling or your minimum-stability  

Regards!

This repository is (one of) the most complete I ever found and I currently use in a NodeJS project.
I just started a project in Go and I found myself unable to use this awesome list.
Would you accept a pull request in which I add support for Go? Maybe with some helper method to check if provided domain is blacklisted and obviously unit test?
What about adding also helpers for JS, PHP and support for Python and maybe even Rust and others? I might end up using those languages as well and I believe this will increase the users of this repo which will lead to improvements of the list itself.

Nevermind

I saw that the "index.json" is getting updated regularly. But release is not there to update the package. So I have to wait for a new release.

It will be great if you make release on 1st and 15th every month. What do you think about it?

I would love to be either added as an author to this repo or would be happy to take over ownership to ensure pull requests are merged quickly and disposable domains closely managed. Let me know if I can help!

Hello,

First ! Congrats for the amazing work done ;)

Is their a hook missing between GitHub > Packagist to maintain the dev-master up to date ?
https://packagist.org/packages/ivolo/disposable-email-domains#dev-master
As I am writing the last commit on packagist is from 2019-04-03 22:17 UTC.

Cheers