Temp Mail
Free email
Provides temporary and free email addresses through a simple interface with automatic or manual username creation. Emails are temporary, linked to the sessionID and CSRF token, and automatically expire after 24h. The user can manually extend the expiration.
Access to messages
Access takes place through a valid session or login with email and password. Messages are retrieved on-demand directly via the mail.tm API service and are not stored in the mailwipe archive. They are automatically accessible as long as the session (sessionID+CSRF token) is valid; otherwise, redirect to the main page. Messages are automatically deleted every 7 days by mail.tm.
Message options
Each message has these features: it is highlighted in blue when unread; turns red when deleted; shows a clip icon when an attachment is present; each attachment can be downloaded individually. In each message, the following actions are available via icon: deletion, report shield, download in .html or .eml format (with attachments).
Simple and compact interface
Clear and navigable dashboard from desktop, smartphone, and tablet, with all main features easily accessible in a responsive manner.
Report Shield
Each email can be analyzed for trackers, suspicious links, and SPF/DKIM/SMTP path headers. A convenient button is available in the options section of each message.
Export and management
Each email is temporary, expiring after 24 hours if the user does not extend the expiration from the creation date. Expiration results in the loss of all messages, but a convenient function allows saving them on the user's device.
Protection and security
Sessions use Secure, HttpOnly, SameSite=Strict cookies. CSRF tokens and sessionIDs are stored in the database and expire after 30 minutes of inactivity (sliding timeout). Session ID regeneration every 15 minutes. Forms protected with Cloudflare Turnstile.
Data deletion
All operations performed within mailwipe applications save the following information:
- Temporary email application: csrf token, sessionid, temporary email, mail.tm token, creation date, expiration date
- Link scanning application: csrf token, sessionid, BASE64ID of the url, creation date, expiration date
- Domain & IP analysis application: csrf token, sessionid, DOMAIN NAME, DOMAIN HASH, creation date, expiration date
- File scanning application: csrf token, sessionid, filetype, file sha256, creation date, expiration date
each piece of information has an expiration date set 24 hours after its creation, and except for the email it is not possible to extend such expiration. Automated processes delete all expired information, including the temporary email. In any case, if the session has not expired, the user can delete and export such information independently. Otherwise, it will be automatically deleted after 24 hours.
URL scan
Analyzes URLs in real time. Data is temporary, linked to sessionID+CSRF token, with export and deletion possible via MyActivity. Forms protected with Cloudflare Turnstile. Analysis is powered by VirusTotal technology.
Domain check
Checks domains/IPs, collects WHOIS, DNS, SSL/TLS, and blacklist data. All operations are associated with sessionID+CSRF token. Export/deletion via MyActivity. Forms protected with Cloudflare Turnstile. Analysis is powered by VirusTotal technology.
File scan
Upload and analyze files up to 32MB. Files are not stored on the server, only in temporary memory. SessionID+CSRF token ensure user association, with automated expiration and deletion after 24 hours. Forms protected with Cloudflare Turnstile. Analysis is powered by VirusTotal technology.
My Activity
Dedicated page to view session-related activities (mail activation, URL, file, and domain scans) performed independently by the user. Allows deletion and export in .txt with sanitized and anonymized content. All information saved in the DB is linked to sessionID+CSRF token.