Prevent Fake Signups in ASP.NET Core Using Disposable Email Detection And IMemoryCache

When building real-world web applications, validating an email address is not just about format (@ and .).
A common problem is users signing up with disposable or temporary email providers like mailinator.com, tempmail.com, etc.

In this blog, I’ll walk through a simple, efficient, and production-ready approach to block disposable email domains in an ASP.NET Core application using:

  • IMemoryCache

  • A JSON-based domain list

  • Clean service-based design

Why Block Disposable Emails?

Disposable email addresses are often used for:

  • Spam registrations

  • Free-trial abuse

  • Fake accounts

  • Bot signups

Blocking them early improves:

  • Data quality

  • Security

  • Email deliverability

  • User authenticity

Solution Overview

The idea is simple:

  1. Maintain a list of blocked domains in a JSON file

  2. Load the domains into memory at application startup

  3. Cache them using IMemoryCache

  4. Validate the email domain during registration or form submission

This approach is:

  • ⚡ Fast (in-memory lookup)

  • 🔄 Reloadable

  • 📦 Dependency-injection friendly

  • 🚫 No external APIs required

Note: I am using json file, but we can use database, txt file, and etc 

Example domains.json:

 

[ "mailinator.com", "tempmail.com", "10minutemail.com" ]


DisposableEmailService Implementation

Source Code & Usage Options

You can find the complete service implementation here:
👉 https://github.com/ravinder25886/RS.Utilities/tree/main/Validation/Service

The domains.json file is available at:
👉 https://github.com/ravinder25886/RS.Utilities/tree/main/Data

You have two ways to use this solution:

  1. Clone the full RS.Utilities project
    This repository includes multiple reusable helper and utility classes that can significantly reduce development time.
    👉 https://github.com/ravinder25886/RS.Utilities/tree/main

  2. Use only what you need
    If you prefer a lightweight approach, simply copy:

    • The Validation/Service folder

    • The domains.json file

    and integrate them directly into your project.

Both options work seamlessly—choose the one that best fits your project structure and requirements.

 

How the Code Works

1. JSON-Based Domain Storage

Keeping domains in a JSON file makes it:

  • Easy to update

  • Source-control friendly

  • Environment-independent

2. Memory Caching for Performance

_cache.Set(_cacheKey, domains, new MemoryCacheEntryOptions { SlidingExpiration = TimeSpan.FromDays(1) });

  • Domains are loaded once

  • No file reads on every request

  • Sliding expiration keeps memory usage optimized

Dependency Injection Setup

Register the service in Program.cs:

 

builder.Services.AddMemoryCache(); builder.Services.AddSingleton<IDisposableEmailService, DisposableEmailService>();

Finally Usage Example

 

if (_disposableEmailService.IsDisposable(model.Email)) { ModelState.AddModelError( "Email", "Disposable email addresses are not allowed." ); }

Perfect for:

  • Registration forms

  • Contact forms

  • Trial signups

Reload Domains Without Restart

If you update domains.json, simply call:

 
_disposableEmailService.ReloadDomains(); 

No app restart required 🚀

 

Benefits of This Approach

✅ No third-party API
✅ No recurring cost
✅ High performance
✅ Easy to maintain
✅ Production-ready

Possible Enhancements

  • Periodic background refresh (IHostedService)

  • Admin UI to manage blocked domains

  • Wildcard or subdomain support

  • Logging & monitoring

  • Combine with regex + MX validation

Final Thoughts

Blocking disposable email addresses is a small feature with a big impact.

This lightweight, cache-driven approach fits perfectly into modern ASP.NET Core applications and gives you full control without external dependencies.

If you’re building authentication, onboarding, or SaaS platforms—this utility is a must-have.