Disposable Email Detection API

Prevent Temporary & Disposable Emails

Detect temporary emails and prevent disposable email addresses (DEA) with an easy API request that provides risk scoring in real-time. Stop fake accounts and sign up fraud with filtering for disposable email services. Our disposable domain blacklists are updated multiple times per hour with new services that provide temporary emails so new threats can be quickly blacklisted.

The disposable email detection API can be added on your registration and checkout pages for complete protection against fraudulent email addresses and fake accounts. Additional user information can also be scored along with the email address such as IP address, phone number, and other user data.

Lower Fraud Rates & Abusive Users

Protect your site from fraudulent users and abuse with complete email risk scoring. Detect abusive emails recently seen across the IPQS threat network. This can include valid email addresses recently used for chargebacks, sign up fraud, application fraud, and similar user abuse. This service is an extension of the IPQS Email Validation API.

Private Key

Please login or create a free account to access your API Key.

NOTE: Keep your API key hidden as it can be used to view data on your account.

Request URLs

The XML and JSON URLs below can be used to fetch the result using cURL or a similar method. The example below displays our end points for the disposable email detection API. Please replace "USER_EMAIL_HERE" with the request email.

JSON:

XML:

JSON Example Requests

API Lookup with Your Email Address

JSON Success Response Example

{
	"valid": true,
	"disposable": false,
	"recent_abuse": false,
	"fraud_score":25,
	"leaked": false,
	"first_seen": {
		"human": "3 months ago",
		"timestamp": 1568061634,
		"iso": "2019-09-09T16:40:34-04:00"
	},
	"domain_age": {
		"human": "3 months ago",
		"timestamp": 1568061634,
		"iso": "2019-09-09T16:40:34-04:00"
	},
	"success": true,
	"sanitized_email": "validated@example.com",
	"request_id": "4JAer3sX6rF3PO"
}

NOTE: For a description of each field listed above please consult the response documentation below.

XML Success Response Example

<result>
	<valid>true</valid>
	<disposable>false</disposable>
	<recent_abuse>false</recent_abuse>
	<fraud_score>25</fraud_score>
	<leaked>false</leaked>
	<first_seen>
		<human>3 months ago</human>
		<timestamp>1568061634</timestamp>
		<iso>2019-09-09T16:40:34-04:00</iso>
	</first_seen>	
	<domain_age>
		<human>3 months ago</human>
		<timestamp>1568061634</timestamp>
		<iso>2019-09-09T16:40:34-04:00</iso>
	</domain_age>
	<sanitized_email>validated@example.com</sanitized_email>
	<success>true</success>
	<request_id>4JAer3sX6rF3PT</request_id>
</result>

NOTE: For a description of each field listed above please consult the response documentation below.

JSON Error Response Examples

Example errors that you may encounter when accessing our API due to an exhausted credit balance or an invalid/empty email address.

{
	"success":false,
	"message":"You have insufficient credits to make this query. Please contact IPQualityScore support if this error persists.",
	"request_id":"4OTORR352FU0p"
}

{
	"success":false,
	"message":"Invalid email address. Please check the email and try again.",
"request_id":"4OTORR4EWpl0m"
}

Response Field Definitions

Analyzing Email Results
Anytime the disposable email address API service returns "disposable" as true or "recent_abuse" as true, it is safe to treat the email address as fraudulent.

Field

Description

Possible Values

valid

Does this email address appear valid?

boolean

disposable

Is this email suspected of belonging to a temporary or disposable mail service? Usually associated with fraudsters and scammers.

boolean

leaked

Was this email address associated with a recent database leak from a third party? Leaked accounts pose a risk as they may have become compromised during a database breach.

boolean

recent_abuse

This value will indicate if there has been any recently verified abuse across our network for this email address. Abuse could be a confirmed chargeback, fake signup, compromised device, fake app install, or similar malicious behavior within the past few days.

boolean

fraud_score

The overall Fraud Score of the user based on the email's reputation and recent behavior across the IPQS threat network. Fraud Scores >= 75 are suspicious, but not necessarily fraudulent.

float

first_seen

Field	Description	Possible Values
human	A human description of how long it's been since IPQS first analyzed this email address. (Ex: 3 months ago)	string or null
timestamp	The unix time since epoch when this email was first analyzed by IPQS. (Ex: 1568061634)	integer
iso	The time this email was first analyzed by IPQS in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00)	string

object

domain_age

Field	Description	Possible Values
human	A human description of when this domain was registered. (Ex: 3 months ago)	string or null
timestamp	The unix time since epoch when this domain was first registered. (Ex: 1568061634)	integer
iso	The time this domain was registered in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00)	string

object

sanitized_email

Sanitized email address with all aliases and masking removed, such as multiple periods for Gmail.com.

string

request_id

A unique identifier for this request that can be used to lookup the request details or send a postback conversion notice.

string

success

Was the request successful?

boolean

message

A generic status message, either success or some form of an error notice.

string

errors

Array of errors which occurred while attempting to process this request.

array of strings

// Your API Key.
$key = 'YOUR_API_KEY_HERE';
	
// The email you wish to validate.
$email = 'noreply@ipqualityscore.com';

/*
* Set the maximum number of seconds to wait for a reply
* from an email service provider. If speed is not a concern 
* or you want higher accuracy we recommend setting this in 
* the 20 - 40 second range in some cases. Any results which 
* experience a connection timeout will return the "timed_out" 
* variable as true. Default value is 7 seconds.
*/
$timeout = 1;
	
/*
* If speed is your major concern set this to true, 
* but results will be less accurate.
*/
$fast = 'false';

/*
* Adjusts abusive email patterns and detection rates
* higher levels may cause false-positives (0-2)
$abuse_strictness = 0;
	
// Create parameters array.
$parameters = array(
	'timeout' => $timeout,
	'fast' => $fast,
	'abuse_strictness' => $abuse_strictness
);
	
// Format our parameters.
$formatted_parameters = http_build_query($parameters);
	
// Create our API URL.
$url = sprintf(
	'https://www.ipqualityscore.com/api/json/email/%s/%s?%s', 
	$key,
	$email, 
	$formatted_parameters
);

$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);

$json = curl_exec($curl);
curl_close($curl);

// Decode the result into an array.
$result = json_decode($json, true);

// Check to see if our query was successful.
if(isset($result['success']) && $result['success'] === true){
	*- Example 1: Flag disposable and abusive emails
	* 
	* if(
	*		($result['recent_abuse'] === true || $result['disposable'] === true)
	*	){
	*		echo "Email is abusive or disposable, high chance of fraud.";
	* } else {
	* 	echo "Email is clean.";
	* }
	*/
}

import json
import requests

# You may need to install Requests pip
# python -m pip install requests

class IPQS:
    key = "YOUR_API_KEY_HERE"

    def email_validation_api(self, email: str, vars: dict={}) -> dict:
        url = "https://www.ipqualityscore.com/api/json/email/%s/%s" % (self.key, email)
        x = requests.get(url, params = vars)
        return json.loads(x.text)

if __name__ == "__main__":

    #The email you wish to validate.
    email = 'noreply@ipqualityscore.com'

    """
    Set the maximum number of seconds to wait for a reply
    from an email service provider. If speed is not a concern 
    or you want higher accuracy we recommend setting this in 
    the 20 - 40 second range in some cases. Any results which 
    experience a connection timeout will return the "timed_out" 
    variable as true. Default value is 7 seconds.
    """
    timeout = 1
        
    """
    If speed is your major concern set this to true, 
    but results will be less accurate.
    """
    fast = 'false'

    """
    Adjusts abusive email patterns and detection rates
    higher levels may cause false-positives (0-2)
    """
    abuse_strictness = 0;

    #custom feilds
    additional_params = {
        'timeout' : timeout,
        'fast' : fast,
        'abuse_strictness' : abuse_strictness
    }

    ipqs = IPQS()
    result = ipqs.email_validation_api(email, additional_params)

    # Check to see if our query was successful.
    if 'success' in result and result['success']:

        #Example 1: Flag disposable and abusive emails
        if result['recent_abuse'] == True or result['disposable'] == True:
            print('Email is abusive or disposable, high chance of fraud.')
        else:
            print('Email is clean.')