Hacker News
by wanderfowl 3915 days ago
If your site will be sending something of value over email, then people will want to use a real address, and you don't need this. On the other hand, if you just want a user ID, then it doesn't matter what they use, and you don't need this, either.

So, if you use this, you're a site that wants a real deliverable address for some reason, but which doesn't offer enough benefit to the user to naturally compel them to share one. Put differently, if you need this, you're precisely the kind of site that shouldn't get my real address.

All that this script means is that I'm going to leave your site unregistered and frustrated, and will mentally bookmark your domain as "those twits who force you to sign in and creepily want an actual address".


I built this kind of check into my ecommerce sites for high-value items. They're disproportionally susceptible to fraud and carding for some reason, and implementing a "no free email provider" check has cut fraud on those items to zero.
Yes, this. Processing fraudulent cards can result in a costly sum of chargebacks for the seller, and a fake email address is a very strong indicator that the person is a fraudster. Other services like MaxMind minFraud consider the email address and many other attributes when ranking the likelihood that the order is coming from a fraudster. It doesn't mean that you have to disallow the order from being saved (or whatever), just that you might want to flag it for manual review before processing the CC to capture payment.
I work at a financial institution and disposable e-mails are used by fraudsters all of the time. This is certainly better than my current blacklist.
Do you blacklist Gmail and Hotmail addresses as well? It takes 5 minutes to put a throwaway Gmail account together.
I expect blocking Gmail, Hotmail, & Yahoo Mail also cut your conversion rate close to a factor of zero of what it would otherwise be.
Nope. The blocking is only active on certain products over $500 that don't make sense for non-companies to buy.
This point is orthogonal to the OP's.
OP's point as I understand it is "there is no circumstance where you need this, because you're either providing value or you're shit."

My point is that there are legitimate circumstances where you are providing value but in a way that people take advantage of for unrelated fraudulent purposes.

Except you probably do need this if your site allows posting of user generated content, because spammers love these throwaway email addresses.
Spammers who bother with email-based registration sites at all often take the time to routinely acquire one address from a major free provider and use it everywhere they can't use a throwaway, as well as get naive people to send email to it.

For other people who kind of don't trust your site, its future, or its security, but are too lazy to create extra accounts, you are forcing them to do a full evaluation in a way that adds additional weight to the possibility the site is an actual data broker today instead of an existential spam threat.

Personally, if I decided a site was below the threshold for my real email on an initial encounter and then I saw it perform this kind of detection, I wouldn't touch the site again.