- The email ecosystem has changed: there are now many legitimate privacy ‐and security‐ focused uses of burner and alias email addresses. Blanket‐blocking them is often not what you want for your users.
- My current schedule does not allow me to provide the maintenance and update cadence that this project deserves.
If you still need this functionality, please consider the following alternatives:
- Fork it.
- Use the upstream community‐maintained list of burner email providers directly: https://github.com/wesbos/burner-email-providers. Burnex is essentially an Elixir wrapper around this list.
- https://github.com/remoteoss/email_guard also seems popular enough (this project has no affiliation with them)
Existing versions will remain available on Hex.pm, but no further features or updates are planned.
Build Status Coverage Status Module Version Hex Docs Total Download License Last Updated
Compare an email address against 22735+ burner email domains (temporary email providers) based on this list from https://github.com/wesbos/burner-email-providers.
Add :burnex to your list of dependencies in mix.exs.
def deps do [ {:burnex, "~> 3.1.0"} ] end
Be aware that Burnex will not check if the email is RFC compliant, it will only
check the domain (everything that comes after @).
iex> Burnex.is_burner?("my-email@gmail.com") false iex> Burnex.is_burner?("my-email@yopmail.fr") true iex> Burnex.is_burner? "invalid.format.yopmail.fr" false iex> Burnex.is_burner? "\"this is a valid address! crazy right ?\"@yopmail.fr" true iex> Burnex.providers |> MapSet.member?("yopmail.fr") true
Following code ensures email has a valid format then check if it belongs to a burner provider:
def changeset(model, params) do model |> cast(params, @required_fields ++ @optional_fields) |> validate_required([:email]) |> validate_email() end @email_regex ~r/\A([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\z/i defp validate_email(%{changes: %{email: email}} = changeset) do case Regex.match?(@email_regex, email) do true -> case Burnex.is_burner?(email) do true -> add_error(changeset, :email, "forbidden_provider") false -> changeset end false -> add_error(changeset, :email, "invalid_format") end end defp validate_email(changeset), do: changeset
As an extra precaution against newly-created burner domains, you can use Burnex to do MX record DNS resolution. This is done like this:
iex> Burnex.check_domain_mx_record("gmail.com")
:ok
iex> Burnex.check_domain_mx_record("gmail.dklfsd")
{:error, "Cannot find MX records"}
Here is an example function to check if an email is valid:
# Use a regex capture to get the "domain" part of an email @email_regex ~r/^\S+@(\S+\.\S+)$/ # hard-code some trusted domains to avoid checking their MX record every time @good_email_domains [ "gmail.com", "fastmail.com" ] defp email_domain(email), do: Regex.run(@email_regex, String.downcase(email)) defp is_not_burner?(email, domain) do with {:is_burner, false} <- {:is_burner, Burnex.is_burner?(email)}, {:check_mx_record, :ok} <- {:check_mx_record, Burnex.check_domain_mx_record(domain)} do true else {:is_burner, true} -> {false, "forbidden email"} {:check_mx_record, {:error, error_message}} when is_binary(error_message) -> {false, error_message} {:check_mx_record, :error} -> {false, "forbidden provider"} end end @spec is_valid?(String.t()) :: true | {false, String.t()} def is_valid?(email) do case email_domain(email) do [_ | [domain]] when domain in @good_email_domains -> true [_ | [domain]] -> is_not_burner?(email, domain) _ -> {false, "Email in bad format"} end end
This software is licensed under MIT license. Copyright (c) 2018- Benjamin Piouffle.