
Blocking Disposable Emails with the laravel-disposable-email Package
Posted by
kamlesh paulon
May 5, 2025| 3 min read
Last updated on : May 5, 2025
Disposable emails are temporary addresses often used for spam, fake sign-ups, or bypassing verification steps.
The laravel-disposable-email
package solves this by blocking disposable email domains. With support for over 106,000+ known disposable domains, it integrates seamlessly with Laravel to enhance your app’s security and data integrity.
In this article, we’ll explore all the features of the package with practical examples to help you integrate it into your Laravel projects.
Table of contents
Installation
Install the package via Composer:
composer require erag/laravel-disposable-email
Laravel 11 and 12
Manually register the service provider in /bootstrap/providers.php
:
return [
// Other providers...
EragLaravelDisposableEmail\LaravelDisposableEmailServiceProvider::class,
];
Laravel 8, 9, and 10
No configuration needed — the package uses Laravel’s auto-discovery.
Publish Configuration
php artisan erag:install-disposable-email
This creates a config/disposable-email.php
file where you can customize the blacklist path, auto-sync settings, and remote source URLs.
Features and Usage
1. Form Validation
Block disposable emails directly in your form validation.
Option 1: String-based rule
public function rules()
{
return [
'email' => ['required', 'email', 'disposable_email'],
];
}
Option 2: Class-based rule
use EragLaravelDisposableEmail\Rules\DisposableEmailRule;
public function rules()
{
return [
'email' => ['required', 'email', new DisposableEmailRule],
];
}
If someone submits an email like
user@temp-mail.org
, validation will fail with an error like: "Please use a real email address."
2. Runtime Email Checking
Use the DisposableEmail
facade anywhere in your application:
use EragLaravelDisposableEmail\Facades\DisposableEmail;
$email = 'user@mailinator.com';
if (DisposableEmail::isDisposable($email)) {
return redirect()->back()->with('error', 'Disposable emails are not allowed.');
}
This is useful for checking emails after registration or during user updates.
3. Blade Directive
Display different UI content based on whether an email is disposable:
@disposableEmail($user->email)
<p class="text-red-500">This email is disposable.</p>
@else
<p class="text-green-500">This email is valid.</p>
@enddisposableEmail
Great for admin dashboards or user profile pages.
4. Auto-Sync Disposable Domains
Keep your domain list up-to-date using the sync command:
php artisan erag:sync-disposable-email-list
Automate it with Laravel Scheduler in app/Console/Kernel.php
:
protected function schedule(Schedule $schedule)
{
$schedule->command('erag:sync-disposable-email-list')->weekly();
}
By default, it syncs from trusted sources like
disposable-email-domains
andfakefilter
. You can add more URLs in the config file.
5. Custom Blacklist
Need to block additional domains? Add them to the blacklist file:
storage/app/blacklist_file/disposable_domains.txt
One domain per line:
fakeemail.com
spamdomain.org
The package will merge these with its internal list during validation.
6. Zero Configuration Required
Don’t want to change any settings? No problem.
Just install the package, and it works out of the box. Customization is fully optional.
Why Block Disposable Emails?
- Cleaner Database: Store only real users, improving data integrity.
- Less Spam: Prevent fake or abusive accounts.
- Improved Deliverability: Avoid sending to addresses that bounce.
- Enhanced Security: Stop malicious actors from abusing sign-ups or free trials.
For example, in a SaaS app offering a free trial, users could abuse the trial repeatedly using disposable emails. Or on a forum, spam bots could create hundreds of fake accounts. This package shuts that down — fast.
Conclusion
The laravel-disposable-email package is a simple yet powerful way to block disposable emails in your Laravel app. With features like:
- Validation rules
- Runtime checks
- Blade directives
- Auto-syncing
- Custom blacklists
it gives you everything you need to protect your application from spam and fake sign-ups.
It's open-source, actively maintained, and highly recommended for any Laravel developer serious about maintaining a secure and clean user base.
Give it a try — and keep your database junk-free.
Get updates directly to your inbox.
Join 500+ developers getting updates on Laravel & Next.js tips. No spam,
unsubscribe anytime.