Temp mail is a temporary email address that receives real messages and then self-destructs. You open trashbox.email, a random address is already generated, and you can use it immediately for any sign-up or verification. When the 2-hour timer runs out, the address and every message in it are permanently erased from the server. No trace left behind.
No registration. No phone number. No personal information of any kind. The inbox loads in under a second and starts accepting mail immediately.
Every temp mail service runs on the same basic stack: an SMTP server that accepts incoming messages for a set of domains, a temporary storage layer that holds those messages, and a frontend that displays them to whoever generated the address.
At trashbox.email, the SMTP layer is Haraka, a high-performance mail server written in Node.js. When a message arrives, it gets parsed, sanitized (HTML is scrubbed to remove tracking pixels and scripts), and pushed to your browser through a WebSocket connection. You see the email appear within 2-3 seconds of it being sent. There's no manual refresh button to hit.
The storage backend is SQLite in WAL mode with Redis handling the real-time pub/sub layer. When the inbox expires, a cleanup worker permanently deletes the address, all associated emails, and any attachments from both the database and disk. The SMTP server then starts hard-rejecting any new mail to that address with a 550 bounce.
The use cases fall into a few clear categories:
Most websites require email verification during sign-up. If you're creating an account you don't plan to keep, a temp mail address gets you through that gate without linking the account to your real identity. Trashbox automatically detects OTP codes and verification links in incoming emails and surfaces them for one-click copying.
SaaS products, streaming services, online tools. They all want your email before you can try them. Use a temp address to evaluate the product. If you decide to keep it, switch to your real email later. If not, you never hear from them again.
eBooks, whitepapers, templates, open-source installers. The content is free but the download link arrives by email. A temp address gets you the file without signing up for a newsletter you'll ignore.
You want to post one question on a forum, read a gated thread, or claim a username. A temp address handles the mandatory email verification without polluting your inbox with weekly digest emails from a site you'll visit once.
If you're a developer testing email flows, registration systems, or notification pipelines, you need throwaway addresses fast. Temp mail lets you generate a new address for each test run without managing a list of test accounts.
Airports, hotels, coffee shops. They demand an email to grant you wifi access. A temp address gets you connected without giving a data harvesting form your real contact information.
Every email address you type into a form becomes a record in a database you don't control. Those databases get breached constantly. Have I Been Pwned tracks over 14 billion compromised records across 780+ sites. When a breach happens, your email ends up on credential stuffing lists, phishing target lists, and spam databases.
The damage compounds. Attackers use breached email addresses to attempt password resets on other services you use. They send targeted phishing emails that reference the breached service to seem legitimate. And the spam from one breach follows your email address forever.
Temp mail eliminates this attack surface entirely. The service gets a working email address for its verification flow. You get access to the product. And when the service inevitably leaks its database three years later, the compromised address is one that ceased to exist within hours of being created. There's nothing to exploit.
The "junk Gmail" approach has three fundamental problems:
Temp mail has none of these problems. No identity link. No accumulation. No tracking profile. Each address is independent and ephemeral.
This is important: temp mail is for accounts and interactions you don't plan to maintain.
Don't use it for banking, healthcare, government services, or any account tied to your legal identity. Don't use it for social media accounts you want to keep. Don't use it for anything that requires two-factor authentication or password recovery. Those need a permanent email address you fully control.
Some platforms actively block known temporary email domains. Netflix, major banks, and identity verification services are common examples. For those, you'll need your real address or a permanent alias service.
Most temp mail services suffer from the same problems: they're slow, they're drowning in aggressive ads that obscure the actual inbox, they only work in English, or they retain data longer than they claim.
Trashbox runs on a dedicated VPS with NVMe storage. Page load is under 800ms globally. The inbox updates in real time via WebSocket. OTP codes are extracted automatically. The entire interface works in 20 languages — including right-to-left rendering for Arabic and proper display for Japanese, Chinese, and Korean.
There is no account system, no analytics tracking, no advertising cookies, and no browser fingerprinting. The server stores exactly two things: the temporary address and its messages. Both get deleted after 2 hours.
Generate a temporary email address now →