README
¶
emailguard
Fast, practical heuristics for validating business email domains during signup.
emailguard filters out disposable, masked, or misconfigured email domains using lightweight DNS inspection and a curated blocklist of known temporary email providers.
It’s designed for B2B SaaS signup flows where you want real business emails, not throwaway addresses.
⚡ Features
- ✅ Checks MX records (fast, 1s timeout)
- ✅ Blocks disposable & temp-mail domains (auto-syncs from GitHub)
- ✅ Detects masking/aliasing services via MX heuristics
- ✅ Caches verdicts and DNS results in memory
- ✅ Safe defaults for consumer providers (Gmail, Outlook, etc.)
- ✅ Zero external services — pure Go + DNS
🚀 Installation
go get github.com/vandit1604/emailguard
🧠 Example
package main
import (
"fmt"
"github.com/vandit1604/emailguard"
)
func main() {
ok := emailguard.IsLegitEmail("user@company.com")
if !ok {
fmt.Println("Reject: unverified or disposable domain")
} else {
fmt.Println("Looks good ✅")
}
}
Output:
Looks good ✅
or, for a disposable domain:
Reject: unverified or disposable domain
🧩 How it works
-
Clones disposable-email-domains into
/tmp(once per process). -
Checks:
- Is domain in blocklist?
- Has valid MX?
- Does MX contain masking keywords? (
mask,relay,forward,tempmail, etc.) - Are MX registrable domains disposable?
-
Caches DNS + verdicts for 5 minutes.
-
Returns a simple boolean — fast, deterministic, low overhead.
⚙️ Config / Policy
Modify allowlist, mxBadKeywords, or cache TTLs inside the package if needed.
📦 Use cases
- Block signups using temp or masked emails
- Improve lead quality in B2B products
- Sanitize marketing imports
- Gate API access behind legit company addresses
🧑💻 License
MIT — free for commercial use. Attribution appreciated but not required.
Documentation
¶
Overview ¶
Package emailguard provides fast, practical heuristics for validating business email domains during user signup.
It filters out disposable, masked, or misconfigured email domains by combining lightweight DNS inspection (MX lookups) with a curated blocklist of known temporary email providers.
Key behaviors:
- Auto-clones and updates the public disposable-email-domains list
- Checks for valid MX records with a short timeout
- Caches DNS and verdict results for low latency
- Rejects domains or MX hosts matching disposable or masking patterns
- Allows configurable consumer-domain allowlist (e.g. Gmail, Outlook)
This package is optimized for B2B SaaS signup flows where verifying the authenticity of an email domain matters more than tolerating edge cases in personal mail services.
Example usage:
import "yourproject/emailguard"
ok := emailguard.IsLegitEmail("user@company.com")
if !ok {
fmt.Println("reject: unverified or disposable domain")
}
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsLegitEmail ¶
IsLegitEmail returns true only if the domain looks like a legit mailbox domain (no MX => reject, disposable => reject, masking MX => reject).
func LoadTempMails ¶
func LoadTempMails() map[string]struct{}
LoadTempMails clones or pulls the disposable list and returns a set of domains. Safe to call multiple times; work is done once per process.
Types ¶
This section is empty.
Source Files