Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
mailchecker
Advanced tools
mailchecker
Cross-language temporary (disposable/throwaway) email detection library. Covers hundreds fake email providers.
MailChecker
Cross-language email validation. Backed by a database of over 55 000 throwable email domains.
- Validate the format of your email (uses validator.js email regex underneath and
FILTER_VALIDATE_EMAILfor PHP) - Validate if the email is not a temporary mail (yopmail-like..., add your own dataset to list.txt)
This will be very helpful when you have to contact your users and you want to avoid errors causing lack of communication or want to block "spamboxes".
Need to provide Webhooks inside your SaaS?
Need to embed a charts into an email?
It's over with Image-Charts, no more server-side rendering pain, 1 url = 1 chart.
https://image-charts.com/chart?
cht=lc // chart type
&chd=s:cEAELFJHHHKUju9uuXUc // chart data
&chxt=x,y // axis
&chxl=0:|0|1|2|3|4|5| // axis labels
&chs=873x200 // size
Upgrade
From 3.x to 4.x
- PHP
# import using the fully qualified name.
use Fgribreau\MailChecker;
// ...
echo MailChecker::isValid('myemail@yopmail.com');
From 1.x to 3.x
Mailchecker public API has been normalized, here are the changes:
- NodeJS/JavaScript:
MailChecker(email)->MailChecker.isValid(email) - PHP:
MailChecker($email)->MailChecker::isValid($email) - Python
import MailChecker
m = MailChecker.MailChecker()
if not m.is_valid('bla@example.com'):
# ...
became:
import MailChecker
if not MailChecker.is_valid('bla@example.com'):
# ...
MailChecker currently supports:
- NodeJS (CommonJS, Instructions)
- JavaScript (Client-Side, Instructions)
- PHP (Instructions)
- Python (Instructions)
- Ruby (Instructions)
- Rust (Instructions)
- Elixir (Instructions)
- Clojure (Instructions)
- Go (Instructions)
- Easily add support for your own language with MailChecker template system and send us a pull-request!
Usage
NodeJS
var MailChecker = require('mailchecker');
if(!MailChecker.isValid('myemail@yopmail.com')){
console.error('O RLY !');
process.exit(1);
}
if(!MailChecker.isValid('myemail.com')){
console.error('O RLY !');
process.exit(1);
}
JavaScript
<script type="text/javascript" src="MailChecker/platform/javascript/MailChecker.js"></script>
<script type="text/javascript">
if(!MailChecker.isValid('myemail@yopmail.com')){
console.error('O RLY !');
}
if(!MailChecker.isValid('myemail.com')){
console.error('O RLY !');
}
</script>
PHP
use Fgribreau\MailChecker;
require __DIR__ . '/vendor/autoload.php';
if(!MailChecker::isValid('myemail@yopmail.com')){
die('O RLY !');
}
if(!MailChecker::isValid('myemail.com')){
die('O RLY !');
}
Python
pip install mailchecker
# no package yet; just drop in MailChecker.py where you want to use it.
from MailChecker import MailChecker
if not MailChecker.is_valid('bla@example.com'):
print("O RLY !")
Django validator: https://github.com/jonashaag/django-indisposable
Ruby
require 'mail_checker'
unless MailChecker.valid?('myemail@yopmail.com')
fail('O RLY!')
end
Rust
extern crate mailchecker;
assert_eq!(true, mailchecker::is_valid("plop@plop.com"));
assert_eq!(false, mailchecker::is_valid("\nok@gmail.com\n"));
assert_eq!(false, mailchecker::is_valid("ok@guerrillamailblock.com"));
Elixir
Code.require_file("mail_checker.ex", "mailchecker/platform/elixir/")
unless MailChecker.valid?("myemail@yopmail.com") do
raise "O RLY !"
end
unless MailChecker.valid?("myemail.com") do
raise "O RLY !"
end
Clojure
; no package yet; just drop in mailchecker.clj where you want to use it.
(load-file "platform/clojure/mailchecker.clj")
(if (not (mailchecker/valid? "myemail@yopmail.com"))
(throw (Throwable. "O RLY!")))
(if (not (mailchecker/valid? "myemail.com"))
(throw (Throwable. "O RLY!")))
Go
package main
import (
"log"
mail_checker "github.com/FGRibreau/mailchecker/v6/platform/go"
)
if !mail_checker.IsValid("myemail@yopmail.com") {
log.Fatal("O RLY !");
}
if !mail_checker.IsValid("myemail.com") {
log.Fatal("O RLY !")
}
Installation
Go
go get github.com/FGRibreau/mailchecker/v6/platform/go
NodeJS/JavaScript
npm install mailchecker
Ruby
gem install ruby-mailchecker
PHP
composer require fgribreau/mailchecker
We accept pull-requests for other package manager.
Data sources
$('td', 'table:last').map(function(){
return this.innerText;
}).toArray();
Array.prototype.slice.call(document.querySelectorAll('.entry > ul > li a')).map(function(el){return el.innerText});
... please add your own dataset to list.txt.
Regenerate libraries from list.txt
Just run (requires NodeJS):
npm run build
Development
Development environment requires docker.
# install and setup every language dependencies in parallel through docker
npm install
# run every language setup in parallel through docker
npm run setup
# run every language tests in parallel through docker
npm test
Backers
Maintainers
These amazing people are maintaining this project:
Sponsors
No sponsors yet! Will you be the first?
Contributors
These amazing people have contributed code to this project:
- Owen Stephens
- Jacob Burenstam Linder
- Herman Slatman
- trisix — view contributions
- Greenkeeper
- Dustin Clark
- Anton Zhiyanov
- Bruel Nicolas — view contributions
- Robin — view contributions
- Spir — view contributions
- Vincent Giersch
- Adrian Carolli
- Dave Powers
- Frank Phillips — view contributions
- LuckyDino — view contributions
- ven — view contributions
- Romain Gay
- Sebastian Cohnen
- Dalai — view contributions
- quaswex — view contributions
- sxyuan — view contributions
- Francois-Guillaume Ribreau
- Dusty
- larsvegas
- Zeeshan Muhammad
- kkleejoe — view contributions
- Luiz Freneda
- thorinisme — view contributions
- Liudas Šumskas — view contributions
- Alexander — view contributions
- Alex Domakidis
- Carlos Rios
- Jacek Bzdak — view contributions
- D — view contributions
- Jonas Haag
- Alex Domakidis
- Dan McGregor — view contributions
- Thiago Rodrigues
- Dilli Labs LLC
- Kieron Lawson
- Kslr
- Lint
- chadliu23 — view contributions
- milkyklim
- Sharat M R — view contributions
- Nicolas Perraud — view contributions
- tbdmainrepo — view contributions
- Kslr — view contributions
- Fabio Caccamo
- cyril souillard — view contributions
- Grégoire Pineau
- Bruno Bossola
- florian-crtl — view contributions
- mikeyzm
- Grégoire Pineau
- alonga — view contributions
- Vitalii Tverdokhlib
- Francis Chuang — view contributions
- mikeyzm — view contributions
- Pascal Vizeli
- Caroline — view contributions
- Daniel Mihai
- HWVS — view contributions
- seb's — view contributions
- Chigusa0w0
- Maki
Discover how you can contribute by heading on over to the CONTRIBUTING.md file.
Changelog
License
Unless stated otherwise all works are:
- Copyright © Francois-Guillaume Ribreau
and licensed under:
v6.0.19 (2025/10/19 12:12 +00:00)
- 4f033b8 Release v6.0.19. (@FGRibreau)
- b311177 feat(build): update plateform files (@FGRibreau)
- #560 Update list.txt (#560) (@co-rapidos)
- #557 feat: add new temp mails (#557) (@armfuldev)
- #555 update: list.txt with 11 more domains (#555) (@safakocamanoglu)
- #554 Imp/new fake mail domains (#554) (@srdjanprpa)
- 931349c fix (@FGRibreau)
- 6cea3f2 feat(cargo): updated to 6.0.18 (@FGRibreau)
- 6fb7498 feat(python): updated to 6.0.18 (@FGRibreau)
- eda3d76 feat(python): updated to 6.0.18 (@FGRibreau)
- 032970f feat(python): updated to 6.0.18 (@FGRibreau)
- fc4c7bb feat(python): updated to 6.0.18 (@FGRibreau)
- d38de92 feat(python): updated to 6.0.18 (@FGRibreau)
- ba5cb4d feat(python): updated to 6.0.18 (@FGRibreau)
- 2d281e6 feat(python): updated to 6.0.18 (@FGRibreau)
- 755dc7e feat(python): updated to 6.0.18 (@FGRibreau)
- d225794 feat(python): updated to 6.0.18 (@FGRibreau)
- d8485e8 feat(python): updated to 6.0.18 (@FGRibreau)
- fcfe3ca feat(python): updated to 6.0.18 (@FGRibreau)
- 50c744b feat(python): updated to 6.0.18 (@FGRibreau)
- 32fef46 feat(gemspec): updated to 6.0.18 (@FGRibreau)
- 00e4ab0 docs(changelog): updated (@FGRibreau)
Keywords
FAQs
Cross-language temporary (disposable/throwaway) email detection library. Covers hundreds fake email providers.
The npm package mailchecker receives a total of 125,521 weekly downloads. As such, mailchecker popularity was classified as popular.
We found that mailchecker demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025