unctom / laravel-email-shield
Extensible email validation and bulk list cleansing for your php project.
Fund package maintenance!
Requires
- php: ^8.4
- illuminate/contracts: ^11.0||^12.0||^13.0
- spatie/laravel-package-tools: ^1.16
Requires (Dev)
- larastan/larastan: ^3.0
- laravel/pint: ^1.14
- nunomaduro/collision: ^8.8
- orchestra/testbench: ^11.0.0||^10.0.0||^9.0.0
- pestphp/pest: ^4.0
- pestphp/pest-plugin-arch: ^4.0
- pestphp/pest-plugin-laravel: ^4.0
- phpstan/extension-installer: ^1.4
- phpstan/phpstan-deprecation-rules: ^2.0
- phpstan/phpstan-phpunit: ^2.0
- spatie/laravel-ray: ^1.35
README
Laravel Email Shield is a highly extensible, framework-native email authenticity and validation engine for Laravel.
It protects your application from junk sign-ups, disposable/throwaway addresses, role-based accounts, and dead domains by executing a high-performance validation pipeline that fails fast on simple syntax checks before ever executing slow network DNS lookups. Furthermore, it intelligently caches DNS checks to prevent throttling and rate limits during high traffic.
Installation
You can install the package via composer:
composer require unctom/laravel-email-shield
Usage
Using the Validation Rule
The most common way to use Laravel Email Shield is via the provided EmailAuthentic validation rule during form requests.
use Illuminate\Support\Facades\Route; use Illuminate\Http\Request; use Unctom\EmailShield\Rules\EmailAuthentic; Route::post('/register', function (Request $request) { $request->validate([ 'email' => [ 'required', 'string', 'email', (new EmailAuthentic()) ->notDisposable() // Blocks mailinator, tempmail, etc. ->preventRoleBased() // Blocks admin@, support@, info@, etc. ->requireMx(), // Ensures the domain has valid MX or A records ], ]); // ... });
Using the Facade
If you need to validate an email address outside of Laravel's validation system, you can use the EmailShield facade directly:
use Unctom\EmailShield\Facades\EmailShield; $result = EmailShield::validate('developer@example.com', [ 'check_disposable' => true, 'prevent_role_based' => true, 'require_mx' => true, ]); if (! $result->isValid()) { echo "Validation failed: " . $result->getErrorMessage(); echo "Failed at step: " . $result->getFailedRule(); }
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.