Blocking Disposable Emails with the laravel-disposable-email Package

Blocking Disposable Emails with the laravel-disposable-email Package

Posted by

kamlesh paul

on

May 5, 2025

3 min read

Last updated on : May 5, 2025

164 views

Disposable emails are temporary addresses often used for spam, fake sign-ups, or bypassing verification steps.

The laravel-disposable-email package solves this by blocking disposable email domains. With support for over 106,000+ known disposable domains, it integrates seamlessly with Laravel to enhance your app’s security and data integrity.

In this article, we’ll explore all the features of the package with practical examples to help you integrate it into your Laravel projects.

Table of contents

Installation

Install the package via Composer:

composer require erag/laravel-disposable-email

Laravel 11 and 12

Manually register the service provider in /bootstrap/providers.php:

return [
    // Other providers...
    EragLaravelDisposableEmail\LaravelDisposableEmailServiceProvider::class,
];

Laravel 8, 9, and 10

No configuration needed — the package uses Laravel’s auto-discovery.

Publish Configuration

php artisan erag:install-disposable-email

This creates a config/disposable-email.php file where you can customize the blacklist path, auto-sync settings, and remote source URLs.

Features and Usage

1. Form Validation

Block disposable emails directly in your form validation.

Option 1: String-based rule

public function rules()
{
    return [
        'email' => ['required', 'email', 'disposable_email'],
    ];
}

Option 2: Class-based rule

use EragLaravelDisposableEmail\Rules\DisposableEmailRule;
 
public function rules()
{
    return [
        'email' => ['required', 'email', new DisposableEmailRule],
    ];
}

If someone submits an email like user@temp-mail.org, validation will fail with an error like: "Please use a real email address."

2. Runtime Email Checking

Use the DisposableEmail facade anywhere in your application:

use EragLaravelDisposableEmail\Facades\DisposableEmail;
 
$email = 'user@mailinator.com';
 
if (DisposableEmail::isDisposable($email)) {
    return redirect()->back()->with('error', 'Disposable emails are not allowed.');
}

This is useful for checking emails after registration or during user updates.

3. Blade Directive

Display different UI content based on whether an email is disposable:

@disposableEmail($user->email)
    <p class="text-red-500">This email is disposable.</p>
@else
    <p class="text-green-500">This email is valid.</p>
@enddisposableEmail

Great for admin dashboards or user profile pages.

4. Auto-Sync Disposable Domains

Keep your domain list up-to-date using the sync command:

php artisan erag:sync-disposable-email-list

Automate it with Laravel Scheduler in app/Console/Kernel.php:

protected function schedule(Schedule $schedule)
{
    $schedule->command('erag:sync-disposable-email-list')->weekly();
}

By default, it syncs from trusted sources like disposable-email-domains and fakefilter. You can add more URLs in the config file.

5. Custom Blacklist

Need to block additional domains? Add them to the blacklist file:

storage/app/blacklist_file/disposable_domains.txt

One domain per line:

disposable_domains.txt
fakeemail.com
spamdomain.org

The package will merge these with its internal list during validation.

6. Zero Configuration Required

Don’t want to change any settings? No problem.

Just install the package, and it works out of the box. Customization is fully optional.

Why Block Disposable Emails?

  • Cleaner Database: Store only real users, improving data integrity.
  • Less Spam: Prevent fake or abusive accounts.
  • Improved Deliverability: Avoid sending to addresses that bounce.
  • Enhanced Security: Stop malicious actors from abusing sign-ups or free trials.

For example, in a SaaS app offering a free trial, users could abuse the trial repeatedly using disposable emails. Or on a forum, spam bots could create hundreds of fake accounts. This package shuts that down — fast.

Conclusion

The laravel-disposable-email package is a simple yet powerful way to block disposable emails in your Laravel app. With features like:

  • Validation rules
  • Runtime checks
  • Blade directives
  • Auto-syncing
  • Custom blacklists

it gives you everything you need to protect your application from spam and fake sign-ups.

It's open-source, actively maintained, and highly recommended for any Laravel developer serious about maintaining a secure and clean user base.

Give it a try — and keep your database junk-free.

Get updates directly to your inbox.

Join 500+ developers getting updates on Laravel & Next.js tips. No spam,
unsubscribe anytime.


Share this article:

164 views