Using WordPress ‘is_email_address_unsafe’ PHP filter

by

The is_email_address_unsafe WordPress PHP Filter checks if an email address is considered unsafe.

Usage

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    // your custom code here
    return $is_email_address_unsafe;
}, 10, 2);

Parameters

  • $is_email_address_unsafe (bool) – Whether the email address is “unsafe”. Default false.
  • $user_email (string) – User email address.

More information

See WordPress Developer Resources: is_email_address_unsafe

Examples

Block a specific domain

Prevent email addresses with a specific domain (e.g., “example.com”) from being used.

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    $blocked_domain = 'example.com';

    if (strpos($user_email, $blocked_domain) !== false) {
        return true;
    }

    return $is_email_address_unsafe;
}, 10, 2);

Block multiple domains

Prevent email addresses from multiple domains (e.g., “example.com” and “example.org”) from being used.

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    $blocked_domains = array('example.com', 'example.org');

    foreach ($blocked_domains as $domain) {
        if (strpos($user_email, $domain) !== false) {
            return true;
        }
    }

    return $is_email_address_unsafe;
}, 10, 2);

Block disposable email addresses

Prevent disposable email addresses (e.g., mailinator.com) from being used.

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    $disposable_email_domains = array('mailinator.com');

    foreach ($disposable_email_domains as $domain) {
        if (strpos($user_email, $domain) !== false) {
            return true;
        }
    }

    return $is_email_address_unsafe;
}, 10, 2);

Allow only specific domain

Allow only email addresses from a specific domain (e.g., “company.com”).

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    $allowed_domain = 'company.com';

    if (strpos($user_email, $allowed_domain) === false) {
        return true;
    }

    return $is_email_address_unsafe;
}, 10, 2);

Allow only multiple specific domains

Allow only email addresses from multiple specific domains (e.g., “company.com” and “company.org”).

add_filter('is_email_address_unsafe', function($is_email_address_unsafe, $user_email) {
    $allowed_domains = array('company.com', 'company.org');
    $is_allowed = false;
    foreach ($allowed_domains as $domain) {
        if (strpos($user_email, $domain) !== false) {
            $is_allowed = true;
            break;
        }
    }
    return !$is_allowed;
}, 10, 2);