- The email ecosystem has changed: there are now many legitimate privacy ‑and security‑ focused uses of burner and alias email addresses. Blanket‑blocking them is often not what you want for your users.
- My current schedule does not allow me to provide the maintenance and update cadence that this project deserves.
If you still need this functionality, please consider the following alternatives:
- Fork it.
- Use the upstream community‑maintained list of burner email providers directly: https://github.com/wesbos/burner-email-providers. Burnex is essentially an Elixir wrapper around this list.
- https://github.com/remoteoss/email_guard also seems popular enough (this project has no affiliation with them)
Existing versions will remain available on Hex.pm, but no further features or updates are planned.
Compare an email address against 22735+ burner email domains (temporary email providers) based on this list from https://github.com/wesbos/burner-email-providers.
Add :burnex to your list of dependencies in mix.exs.
def deps do
[
{:burnex, "~> 3.1.0"}
]
endBe aware that Burnex will not check if the email is RFC compliant, it will only
check the domain (everything that comes after @).
iex> Burnex.is_burner?("[email protected]")
false
iex> Burnex.is_burner?("[email protected]")
true
iex> Burnex.is_burner? "invalid.format.yopmail.fr"
false
iex> Burnex.is_burner? "\"this is a valid address! crazy right ?\"@yopmail.fr"
true
iex> Burnex.providers |> MapSet.member?("yopmail.fr")
trueFollowing code ensures email has a valid format then check if it belongs to a burner provider:
def changeset(model, params) do
model
|> cast(params, @required_fields ++ @optional_fields)
|> validate_required([:email])
|> validate_email()
end
@email_regex ~r/\A([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\z/i
defp validate_email(%{changes: %{email: email}} = changeset) do
case Regex.match?(@email_regex, email) do
true ->
case Burnex.is_burner?(email) do
true -> add_error(changeset, :email, "forbidden_provider")
false -> changeset
end
false -> add_error(changeset, :email, "invalid_format")
end
end
defp validate_email(changeset), do: changesetAs an extra precaution against newly-created burner domains, you can use Burnex to do MX record DNS resolution. This is done like this:
iex> Burnex.check_domain_mx_record("gmail.com")
:ok
iex> Burnex.check_domain_mx_record("gmail.dklfsd")
{:error, "Cannot find MX records"}
Here is an example function to check if an email is valid:
# Use a regex capture to get the "domain" part of an email
@email_regex ~r/^\S+@(\S+\.\S+)$/
# hard-code some trusted domains to avoid checking their MX record every time
@good_email_domains [
"gmail.com",
"fastmail.com"
]
defp email_domain(email), do: Regex.run(@email_regex, String.downcase(email))
defp is_not_burner?(email, domain) do
with {:is_burner, false} <- {:is_burner, Burnex.is_burner?(email)},
{:check_mx_record, :ok} <- {:check_mx_record, Burnex.check_domain_mx_record(domain)} do
true
else
{:is_burner, true} ->
{false, "forbidden email"}
{:check_mx_record, {:error, error_message}} when is_binary(error_message) ->
{false, error_message}
{:check_mx_record, :error} ->
{false, "forbidden provider"}
end
end
@spec is_valid?(String.t()) :: true | {false, String.t()}
def is_valid?(email) do
case email_domain(email) do
[_ | [domain]] when domain in @good_email_domains ->
true
[_ | [domain]] ->
is_not_burner?(email, domain)
_ ->
{false, "Email in bad format"}
end
endThis software is licensed under MIT license. Copyright (c) 2018- Benjamin Piouffle.