Congrats for the launch and the interesting approach!
I run 10MinuteMail.com, which is in the same space, although with a few differentiators, so take my comments with a grain of salt:)
I worry about the lack of security (i.e. someone can easily issue a forgot password event, and grab that e-mail, and take over your account). Obviously you shouldn't use disposable accounts for things like your bank's site, but in general I think people use them for forum or site accounts that they want to use, but aren't sure won't sell their address list. The only people I can picture who 100% don't care if their account can be easily stolen are forum spammers, who unfortunately use disposable e-mail services pretty often.
I like the auto-clicking action, although many sites require you to set a new password after you click the link or login with the One Time Use initial password. Since those links are only usable once, and the site will keep auto-clicking them when the mail comes in, I think you could find yourself unable to authenticate with a large number of sites.
Thanks, I don't really intend to run it as a business. Without being a forum spammer, I personally used Mailinator a lot and saw the chance to make it easier. I warned about the danger of stealing the account in the FAQ, on the front page; I hope this will be enough.
I will write some code to avoid the auto-clicking trap you mentioned, thanks! :)
If you wanted to make something out of it, you could do something like bugmenot.com.
It might be possible to right scripts to automatically create accounts at places like the new york times. So you could get people to go to your site, and they could automatically access sites. The problem with bugmenot is that people change the password on the throwaway accounts, so it is sometimes hard to find valid accounts. This way you could control the password and make sure it wasn't changed. That will get you page views, and let you put up advertising.
I like the site though, it's always nice to have another throw away email account. Especially since this one actually activates the registration for you.
you should auto-gen an email address for every new visitor, makes it easier than having to check. people don't care what the username is for a throw-away email address anyway.
after auto-gen, set a cookie so if I do have to come back for something, I don't need to remember the username and I can click a link to see the inbox (or just put the inbox on the frontpage as well)
otherwise, pretty cool! a neat hack would be a bookmarklet that auto fills-in a reg form with the email address (say some javascript that searches for an 'email' text field and inserts a new unique email).
edit: come to think of it, I would probably pay money if you did this as a service for my own domain. eg. I could point a catch-all for all my email to you, which you can use to generate throw-away emails from my domain name (in that case the emails are less likely to be blocked by services).
Thanks for the suggestions, I like them and will probably implement some variation.
I hope to be able to run it off a minimal VPS account as I am doing now. The architecture is very slim (no disk access, no interprocess communication) but uses unproven libs. Still loads fast for me, though.
CPU may not be your bottleneck... Mailinator is handling up to 2 million emails an hour off a single server. Bandwidth though is an issue, 3TB a month. You pay for all those connections that spammers open.
Yes, I expect bandwidth to be the bottleneck. But it can be pretty cheap: serveraxis for example has unlimited bandwidth at 10mbps starting from $40 a month.
However, I would be concerned about the other links that might appear in the email. For instance, click here to link your site cookies with the MSN ad network, or click here to agree that everything you submit will belong to Bigcorp.
Some (admittedly poorly designed) sites might even have "click here to cancel your registration" links. Can your link follower tell what each link means? I don't think so. But yeah, for most cases, it will work beautifully.
This is incredibly dangerous. They say do not use this for "accounts you care about" but many people use the same or similar passwords and usernames across several sites. If you register for a site and they send you your password in plain text via email (many sites still do this) you may have just opened the door wide open for any number of hackers using brute force attacks (except they can assume the set of permutations will be MUCH smaller.)
It is a cool service but if you use this you need to create a substantially different username and password to really be safe. Even if your login credentials are different someone can go through the password recovery process via email, reset it, and do whatever they want. Why would I want this to happen on ANY of my accounts? Even the ones I care least about need to be more secure than that.
[EDIT]
...but maybe the people who use these services are more intelligent than the average web user, are aware of the risks, and only associate these "throw-away" email addresses with throwaway accounts.
That doesn't mean it's safe. There are disposable e-mail sites that do not allow others access to your mail (mine: 10MinuteMail.com is one of them, but there are others). Just because you want to dodge spam from sold lists, doesn't mean you should give up all your security.
Definitely, that's how throw away accounts work. You don't get a personal account. The email just gets sent to a place that any one can access. Just check some common words at mailinator. A lot of those have more spam than can come from one person using it. Especially since I believe email gets deleted about every half hour to an hour.
My concern is that if (when) your service gets popular, sites that require registration won't allow email addresses with the mailop.com domain (if they want real email addresses).
Yeah. 10MinuteMail.com rotates out domains every month or two.
The problem is that people who actually care about blocking temporary e-mail tend to stay on top of the big sites domain lists. There are even 3rd party lists you can integrate your site/forum with that block all disposable addresses.
Nice service you got, IMHO a good idea is to support a non-url-click email addresses, smthng like myname.nc@..., where ".nc" means "I will handle the urls by myself"
I was going to say the same thing. Alias accounts would be awesome...
blah+mymail@mailops.com
blah2+mymail@mailops.com
etc.. would all point to mymail@mailops.com
This would be really useful if you could implement that.
edit:
Also, having the mails (subject and body) display as a xml feed would be ++, some of these temp email sites offer this, but only show the subject and a link to the message which isn't part of the feed.
Actually the way existing mail servers work foo+bar@domain.com and foo+bar2@domain.com get delivered to foo@domain.com (if the server was configured for "+ addressing")
I would have used a simple interface that generates an email for you (random and non repeating). You copy paste the email and next you get the link back.
i like it a lot. I actually work at a web company where we have to test new registrations, and have been using mailinator for quite some time. The problem with mailinator is that if I use the email address for example jfosidj@mailinator.com I have to copy and paste it somewhere so I can check it, but your services seems like it will be easier. thanks
It has some intelligence intended not to DOS legitimate sites: if a site sends a support link along with the confirmation link, for example, the support link won't be opened over and over again. Like Mailinator, the site has also other forms of protecting itself against spam.
I run 10MinuteMail.com, which is in the same space, although with a few differentiators, so take my comments with a grain of salt:)
I worry about the lack of security (i.e. someone can easily issue a forgot password event, and grab that e-mail, and take over your account). Obviously you shouldn't use disposable accounts for things like your bank's site, but in general I think people use them for forum or site accounts that they want to use, but aren't sure won't sell their address list. The only people I can picture who 100% don't care if their account can be easily stolen are forum spammers, who unfortunately use disposable e-mail services pretty often.
I like the auto-clicking action, although many sites require you to set a new password after you click the link or login with the One Time Use initial password. Since those links are only usable once, and the site will keep auto-clicking them when the mail comes in, I think you could find yourself unable to authenticate with a large number of sites.