Dashboard Manual Pricing Use Cases

Disposable Email Checker

Check if an email address or email domain is disposable or temporary. If you run a website or SaaS, you know that disposable addresses are often used for abusive purposes. This free tool is powered by the Dregs platform.

Anonymous checks are limited to 10 per minute and 100 per day per IP. Create a Dregs account to unlock higher limits and more detailed user scoring across many dimensions, not just the email domain. Sign up for free!

How does it work?

Dregs maintains a dataset of known disposable email providers, updated frequently from internal data as well as external datasets such as disposable-email-domains.

Behind the scenes, the same disposable email detection engine runs as part of every authenticated scoring pass in the Dregs SaaS abuse prevention platform.

Need more checks?

Sign in with your Dregs secret key and you'll get the full authenticity verdict instead of just disposable or non-disposable!

The Dregs platform scores Authenticity across multiple profile fields, including the disposable email domain check as well as whether the email corresponds to the stated name, whether the identity name itself looks structurally plausible, and much more.

Get a free Dregs account with 10,000+ checks per month, an API key, and powerful abuse protections like bot detection, multi-account fingerprinting, and identity scoring.

Create a Free Account

Disposable Email Checking API

A simple POST to /api/tools/identity-check backs the web form on this page, and you can call it directly too. Anonymous calls are straightforward but limited. Create a free Dregs account to unlock higher limits and more detailed scoring.

Anonymous

Calling the endpoint anonymously gives a simple boolean response, indicating whether or not the domain is known to Dregs to be a disposable email domain. Send either an email (a full address) or a domain (a bare domain) — whichever you have. The response echoes back the field that was checked. 

curl https://dregs.com/api/tools/identity-check \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com"}'

# Response
{
  "input": {"email": "user@example.com"},
  "disposableEmailDomain": false
}

# Or check a bare domain
curl https://dregs.com/api/tools/identity-check \
  -H "Content-Type: application/json" \
  -d '{"domain":"mailinator.com"}'

# Response
{
  "input": {"domain": "mailinator.com"},
  "disposableEmailDomain": true
}

Authenticated

Calling the same endpoint with a Dregs account (a Bearer token with a secret key) accepts more fields in the payload and returns a more detailed response, including an overall Authenticity score and any observations Dregs made about the profile data. 

curl https://dregs.com/api/tools/identity-check \
  -H "Authorization: Bearer $DREGS_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "john@acme-corp.com",
    "firstName": "John",
    "lastName": "Doe",
    "organizationName": "Acme Corp"
  }'

# Response
{
  "input": { ... },
  "disposableEmailDomain": false,
  "score": {
    "category": "AUTHENTICITY",
    "value": 0.73,
    "confidence": 0.81
  },
  "observations": [
    {
      "category": "AUTHENTICITY",
      "id": "authenticity.disposable-email",
      "label": "Disposable Email",
      "value": 1.0,
      "confidence": 0.95,
      "explanation": "Email domain appears legitimate",
      "metadata": { ... }
    }
  ]
}

Your secret key for making authenticated requests lives in Settings → Credentials in your Dregs dashboard. Treat it like a secure password and never put it in client-side code or commit it to version control.

Protect your SaaS. Stop the abuse!

Dregs continuously scores every identity's Humanity, Authenticity, Uniqueness, and Behavior so you can separate the good users from the troublemakers.

Try Dregs For Free

Frequently Asked Questions

What is a disposable email address?

A disposable email address is one provided by a service like Mailinator, Guerrilla Mail, or 10MinuteMail that lets people receive emails without committing to a real inbox. They're routinely used to bypass signup verification, exploit free trials, and create throwaway accounts that can be discarded the moment they're flagged.

How fresh is the list of disposable email domains?

Dregs refreshes the underlying list from upstream open-source sources weekly, and the dataset is the same one we use internally to gate fraud signals on tracked identities. New disposable providers get picked up automatically as soon as they're added upstream.

Is there an API I can call from my application?

Yes! POST /api/tools/identity-check is documented on this page. Anonymous calls are rate-limited (10/min, 100/day per IP); calls authenticated with your Dregs secret key get 100/min plus your monthly operations quota.

Why does the authenticated API accept fields like firstName and organizationName?

Because the authenticated tier runs a full Authenticity-scoring pass, not just a list lookup. It evaluates whether the name structure looks legitimate, whether the email matches the name, and other signals that depend on more than the email alone. Anonymous calls are restricted to the disposable check.

How is this different from email verification services?

Email verification services (Mailgun, ZeroBounce, etc.) check whether an inbox exists and can receive mail — deliverability. Dregs's tool checks whether the address looks fraudulent — intent. They complement each other: a real inbox at a disposable provider passes verification but fails authenticity.

Is the disposable email checker really free?

The web form is free with no signup. The API is free anonymous up to the rate limit, and free with a Dregs account up to the monthly operations quota included in every plan (including the free trial).