This approach configures an open-source mail server (like Postfix or Exim) to accept emails for any prefix at your domain. The server is configured to "pipe" the raw email data directly into a script (written in PHP, Python, or Node.js) the moment it arrives.
<?php $db = new SQLite3('tempmail.db'); $db->exec("CREATE TABLE IF NOT EXISTS inboxes ( email TEXT PRIMARY KEY, created INTEGER, expires INTEGER )"); $db->exec("CREATE TABLE IF NOT EXISTS messages ( id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT, sender TEXT, subject TEXT, body TEXT, received INTEGER )");
If you are looking to implement or use a temp mail script, there are generally two approaches:
const app = express(); const redis = new Redis(); const PORT = 3000; const EXPIRE_SECONDS = 600; // 10 minutes temp mail script
This report analyzes common Temp Mail script architectures (PHP, Python, Node.js), identifies their vulnerabilities and abuse potential, and provides actionable detection and blocking strategies for security teams.
class TempMail: def (self): self.base_url = "https://www.1secmail.com/api/v1/" self.login = None self.domain = None self.email = None
If you prefer not to build from scratch, here are mature alternatives: This approach configures an open-source mail server (like
Temp mail scripts have various use cases, including:
Emails and addresses typically expire after a set time, ensuring the inbox doesn't last forever.
If you want to host your own "disposable email" site, you can use open-source scripts found on platforms like GitHub. class TempMail: def (self): self
of sign-up flows or by users looking to bypass spam when registering for one-time services. How They Work
This method utilizes a standard mail server with a single catch-all mailbox. A background script periodically logs into the mailbox using IMAP, downloads new messages, processes them, and clears the inbox.
# Python import requests response = requests.get( "https://api.tempmailchecker.com/check", params="email": email, headers="X-API-Key": API_KEY ) if response.json()["temp"]: raise Exception("Disposable email not allowed") // PHP $result = file_get_contents($api_url); $blocked = json_decode($result)->temp; if ($blocked) die("Disposable email not allowed");
# Configuration TEMP_MAIL_ACCOUNT = 'your_temp_email@gmail.com' TEMP_MAIL_PASSWORD = 'your_temp_password' # You can generate one if needed SMTP_SERVER = 'smtp.gmail.com' SMTP_PORT = 587 IMAP_SERVER = 'imap.gmail.com' IMAP_PORT = 993 FORWARD_TO_ADDRESS = 'your_forwarding_email@example.com'