<< Back to Categories

Disposable Email Detection

About

Detect temporary emails and prevent disposable email addresses (DEA) with a straightforward API request that provides real-time risk scoring. Stop fake accounts and sign-up fraud with filtering for disposable email services. Our disposable domain blocklists are updated multiple times per hour with new services that provide temporary emails so you can quickly blocklist new threats.

You can add the disposable email detection API to your registration and checkout pages for complete protection against fraudulent email addresses and fake accounts. In addition to the email address, additional user information, such as IP address, phone number, and other user data, can be scored.

Lower Fraud Rates & Abusive Users

Protect your site from fraudulent users and abuse with complete email risk scoring. Detect abusive emails recently seen across the IPQS threat network. This can include valid email addresses recently used for chargebacks, sign-up fraud, application fraud, and similar user abuse. This service is an extension of the Email Verification API.

Request URLs

You can use the following URLs to submit email addresses to the Email Verification API. Replace USER_EMAIL_HERE with the email address to analyze.

JSON

XML

Response Examples

Success Responses

This is an example success response in JSON format.

{
	"valid": true,
	"disposable": false,
	"recent_abuse": false,
	"fraud_score":25,
	"leaked": false,
	"first_seen": {
		"human": "3 months ago",
		"timestamp": 1568061634,
		"iso": "2019-09-09T16:40:34-04:00"
	},
	"domain_age": {
		"human": "3 months ago",
		"timestamp": 1568061634,
		"iso": "2019-09-09T16:40:34-04:00"
	},
	"success": true,
	"sanitized_email": "validated@example.com",
	"request_id": "4JAer3sX6rF3PO"
}

This is an example success response in XML format.

<result>
	<valid>true</valid>
	<disposable>false</disposable>
	<recent_abuse>false</recent_abuse>
	<fraud_score>25</fraud_score>
	<leaked>false</leaked>
	<first_seen>
		<human>3 months ago</human>
		<timestamp>1568061634</timestamp>
		<iso>2019-09-09T16:40:34-04:00</iso>
	</first_seen>	
	<domain_age>
		<human>3 months ago</human>
		<timestamp>1568061634</timestamp>
		<iso>2019-09-09T16:40:34-04:00</iso>
	</domain_age>
	<sanitized_email>validated@example.com</sanitized_email>
	<success>true</success>
	<request_id>4JAer3sX6rF3PT</request_id>
</result>

Error Responses

Example errors that you may encounter when accessing our API due to an exhausted credit balance or an invalid email address.

{
	"success":false,
	"message":"You have insufficient credits to make this query. Please contact IPQualityScore support if this error persists.",
	"request_id":"4OTORR352FU0p"
}

{
	"success":false,
	"message":"Invalid email address. Please check the email and try again.",
	"request_id":"4OTORR4EWpl0m"
}

Response Parameters

Any time the disposable email address API returns disposable as true or recent_abuse as true, it is safe to treat the email address as fraudulent.

Field

Description

Possible Values

valid

Does this email address appear valid?

boolean

disposable

Is this email suspected of belonging to a temporary or disposable mail service? These are usually associated with fraudsters and scammers.

boolean

leaked

Was this email address associated with a recent database leak from a third party? Leaked accounts pose a risk as they may have become compromised during a database breach.

boolean

recent_abuse

This value indicates if there has been any recently verified abuse across our network for this email address. Abuse could be a confirmed chargeback, fake signup, compromised device, fake app install, or similar malicious behavior within the past few days.

boolean

fraud_score

The overall Fraud Score of the user based on the email's reputation and recent behavior across the IPQS threat network. Fraud Scores >= 75 are suspicious but not necessarily fraudulent.

float

first_seen

An object containing fields related to when IPQS first saw the email address.

Field	Description	Possible Values
human	A human description of how long it's been since IPQS first analyzed this email address. (Ex: 3 months ago)	string or null
timestamp	The unix time since epoch when this email was first analyzed by IPQS. (Ex: 1568061634)	integer
iso	The time this email was first analyzed by IPQS in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00)	string

domain_age

An object containing fields related to when the domain was registered.

Field	Description	Possible Values
human	A human description of when this domain was registered. (Ex: 3 months ago)	string or null
timestamp	The unix time since epoch when this domain was first registered. (Ex: 1568061634)	integer
iso	The time this domain was registered in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00)	string

sanitized_email

Sanitized email address with all aliases and masking removed, such as multiple periods for "gmail.com".

string

request_id

A unique identifier for this request that can be used to look up the request details or send a postback conversion notice.

string

success

Was the request successful?

boolean

message

A generic status message, either "success" or an error notice.

string

errors

An array of errors that occurred while attempting to process this request.

array of strings

EXAMPLE CODE

PHP
PYTHON

// Your API Key.
$key = 'YOUR_API_KEY_HERE';
	
// The email you wish to validate.
$email = 'noreply@ipqualityscore.com';

/*
* Set the maximum number of seconds to wait for a reply
* from an email service provider. If speed is not a concern 
* or you want higher accuracy we recommend setting this in 
* the 20 - 40 second range in some cases. Any results which 
* experience a connection timeout will return the "timed_out" 
* variable as true. Default value is 7 seconds.
*/
$timeout = 1;
	
/*
* If speed is your major concern set this to true, 
* but results will be less accurate.
*/
$fast = 'false';

/*
* Adjusts abusive email patterns and detection rates
* higher levels may cause false-positives (0-2)
$abuse_strictness = 0;
	
// Create parameters array.
$parameters = array(
	'timeout' => $timeout,
	'fast' => $fast,
	'abuse_strictness' => $abuse_strictness
);
	
// Format our parameters.
$formatted_parameters = http_build_query($parameters);
	
// Create our API URL.
$url = sprintf(
	'https://www.ipqualityscore.com/api/json/email/%s/%s?%s', 
	$key,
	$email, 
	$formatted_parameters
);

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);

$json = curl_exec($curl);
curl_close($curl);

// Decode the result into an array.
$result = json_decode($json, true);

// Check to see if our query was successful.
if(isset($result['success']) && $result['success'] === true){
	*- Example 1: Flag disposable and abusive emails
	* 
	* if(
	*		($result['recent_abuse'] === true || $result['disposable'] === true)
	*	){
	*		echo "Email is abusive or disposable, high chance of fraud.";
	* } else {
	* 	echo "Email is clean.";
	* }
	*/
}

import json
import requests

# You may need to install Requests pip
# python -m pip install requests

class IPQS:
    key = "YOUR_API_KEY_HERE"

    def email_validation_api(self, email: str, vars: dict={}) -> dict:
        url = "https://www.ipqualityscore.com/api/json/email/%s/%s" % (self.key, email)
        x = requests.get(url, params = vars)
        return json.loads(x.text)

if __name__ == "__main__":

    #The email you wish to validate.
    email = 'noreply@ipqualityscore.com'

    """
    Set the maximum number of seconds to wait for a reply
    from an email service provider. If speed is not a concern 
    or you want higher accuracy we recommend setting this in 
    the 20 - 40 second range in some cases. Any results which 
    experience a connection timeout will return the "timed_out" 
    variable as true. Default value is 7 seconds.
    """
    timeout = 1
        
    """
    If speed is your major concern set this to true, 
    but results will be less accurate.
    """
    fast = 'false'

    """
    Adjusts abusive email patterns and detection rates
    higher levels may cause false-positives (0-2)
    """
    abuse_strictness = 0;

    #custom feilds
    additional_params = {
        'timeout' : timeout,
        'fast' : fast,
        'abuse_strictness' : abuse_strictness
    }

    ipqs = IPQS()
    result = ipqs.email_validation_api(email, additional_params)

    # Check to see if our query was successful.
    if 'success' in result and result['success']:

        #Example 1: Flag disposable and abusive emails
        if result['recent_abuse'] == True or result['disposable'] == True:
            print('Email is abusive or disposable, high chance of fraud.')
        else:
            print('Email is clean.')

Ready to eliminate fraud?

Start fighting fraud now with 5,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618

Schedule a Demo Sign Up