I never understand why most sites that demand sign-up verification emails don't block Mailinator even though Mailinator is obviously well-known among web developers.
It's almost as if there's an unspoken agreement among the cognoscenti that if you're smart enough to use Mailinator, you get a free pass -- we won't force you to hand over a valid email address.
We thought about this for raygun.io. In the end, despite being a an error notication service at our core, we thought it was a bit of a dick move to try and hold off people who used mailinator.
Treat others how you want to be treated: If I wanted to use mailinator to sign up for a service I'd be miffed if they actively blocked it.
A lot of sites forbid the use of mailinator.com email addresses.
Which is completely useless since there are numerous aliases, and you can also point your own domain/subdomain to it and have your own mailinator inbox running on you@spam.mydomain.com
Disinformation, doesn't actually help, if you blacklist based on destination IP and MX entries. Using alternate domain won't help, unless you also run TCP proxy or forwarding SMTP server. Even using different IP and name with light TCP relay proxy, gets revealed during handshake.
Of course you can add alias to your own mailserver and domain(s) alias to your own mailbox or set forwarding to mailinator. Then it's quite hard to find out if messages are really sent to mailinator or your own real mailbox.
The only time I remember being blocked from using a mailinator email it was a client side regex form validation - using one of Mailinator’s "alternate domains" got around that.
I would suspect that a lot of companies are willing to add a JS regex to their form validator, but are not willing to add SMTP headers sniffing to their validator. That barrier means that much of the time a simple domain name change will work.
The GPs comment is not unhelpful, and certainly not "Disinformation". It just isn’t completely reliable. Sometimes it will work, sometimes it won’t depending on how motivated the author of the validation is.
1. Some users may provide a real email address instead of a throwaway Mailinator one. The owner of the site can then send email to that address (which might get read and result in money being spent) or sell the email address to some third party.
Now, someone who would prefer to give you a Mailinator email address probably isn't likely to buy whatever you're spamming them with, so the benefit is probably pretty small. But it might be nonzero. (And if you're selling your mailing list to advertisers, of course they won't know how many of the addresses are for people who will ignore their spam.)
2. Requiring a real email address (that takes some effort to acquire) makes the cost of abuse slightly higher. So if you're offering a service people might want to abuse, you may reduce the frequency of abuse a bit by forbidding throwaway email addresses.
I did understand point 1: but this type of block would illustrate that a primary concern is the ability to abuse my personal e-mail address.
Assuming a company doesn't have that intent, I don't think they should send that signal.
Point 2 regarding abuse in the other direction is more interesting, and a fair point, thanks.
In my experience, Mailinator addresses have only been used as a way to abuse our service or try to keep getting new trial accounts. Of course we have mechanisms to protect against that, but it's still a large amount of cruft we have to deal with and clean up after. The number of paying customers that use Mailinator or started with Mailinator and changed their address afterwards is zero.
It's almost as if there's an unspoken agreement among the cognoscenti that if you're smart enough to use Mailinator, you get a free pass -- we won't force you to hand over a valid email address.