In this guide, we will learn how to block disposable emails in a Laravel application using a powerful and ready-to-use package laravel-disposable-email.
Email verification is a critical part of any web application. However, many users try to bypass this by using disposable or temporary email addresses. These emails are active only for a short time and are mostly used to access free trials, avoid spam filters, or create fake accounts.
Why Do We Need to Block Disposable Emails?
Blocking disposable emails in a Laravel application is important because such emails reduce the quality of your user database.
For example, if you are running a SaaS platform or an e-commerce store, disposable emails can lead to spam signups, fake accounts, and loss of genuine leads and can cause issues when running promotion, campaigns.
Why Use This Package?
This package is simple to set up and provides powerful tools to detect and block disposable email domains. Instead of manually maintaining a blocklist or writing custom validation logic, you can integrate this package and instantly secure your Laravel application and reduce development time.
Key Features
- 100,000+ known disposable domains already included
- Custom validation rule for form requests
- Runtime email checking via helper and facade
- Blade directive support for conditionals
- Auto-sync with remote domain lists
- Add your own custom block-list with ease
- Zero-configuration setup with publishable config
Install and Configure
Before using it we need to install it via composer. Open you terminal and enter below command to install Laravel desposible email package:
composer require eramitgupta/laravel-disposable-emailOptionally, you can publish the configuration file:
php artisan vendor:publish --tag=disposable-email-configThis gives you flexibility to customize blocklists and other settings. It’s not required for general requirements.
Validating Disposable E-mail in Form Request
The package already provides custom validation rule for validation disposable email directly into form request. We just have to implement it like any other custom validation rule.
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use EragLaravelDisposableEmail\Rules\DisposableEmailRule;
class SubscriberRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'email' => ['required', 'email', new DisposableEmailRule()],
];
}
}As per above example, we are validating request for subscriber event and checking email is not disposable using Laravel disposable email package.
Runtime Checking with Helper
You can also check disposable emails dynamically anywhere in your application with help of it’s facade.
use EragLaravelDisposableEmail\Rules\DisposableEmailRule;
if (DisposableEmail::isDisposable('test@mailinator.com')) {
// Handle blocked email
}This is useful in cases like bulk user import or custom email verification extending it’s feature along with other requirements.
Checking Disposable Email with Blade Directive
As for frontend part where you want to show and hide content part based on user’s mail, you can use blade directive.
@disposable('test@mailinator.com')
This is a disposable email
@else
This is a real email
@enddisposableCustom Blocklist
The package itself provides validation against more than 106,000 plus domains but however sometimes you need to add few domain as your requirement from accessing your application. In cases like this, it allows you to block domains
To achieve this, you have make some configuration:
return [
'blacklist_file' => storage_path('app/blacklist_file),
'remote_url' => [
'https://raw.githubusercontent.com/disposable/disposable-email-domains/master/domains.txt',
'https://raw.githubusercontent.com/7c/fakefilter/refs/heads/main/txt/data.txt',
],
'cache_enabled' => false,
'cache_ttl' => 60,
];Once you have changed configuration file, you need to create blacklist_file and provide list of invalid domains for your Laravel application.
0-00.usa.cc
0-30-24.com
0-attorney.com
0-mail.comIf the file contains anything other than plain domains like comments or extra data, it may cause parsing issues.
Conclusion
Blocking disposable emails in Laravel helps maintain a clean user base, prevent fake accounts, and improve deliver-ability. With validation rules, runtime checks, Blade directives, auto-sync, and custom block-lists, this solution makes it easy to ensure only real users sign up.
