What is a temporary email address?

A temporary email address is a short-lived, disposable inbox that you can use to receive emails without revealing your real email address. It self-destructs after a set period — on Trashbox, that's 2 hours. Perfect for sign-ups, OTP codes, and avoiding spam.

How long does my temp mail last?

Your temporary inbox stays active for 2 hours from the moment it's created. After that, all emails and attachments are permanently deleted. You can see the remaining time in the countdown next to your address.

Can I use temp mail to receive OTP codes?

Yes, Trashbox works with most OTP and verification emails. We also automatically detect and highlight verification codes and confirmation links so you can copy them with one click.

Is temp mail safe to use?

Yes, for its intended purpose. Trashbox protects your real inbox from spam and unwanted sign-ups. We don't collect personal data, don't store your IP, and all emails are automatically deleted. However, don't use it for banking, government, or any account you need long-term.

Can I send emails from Trashbox?

No. Trashbox is receive-only. You can receive verification emails, OTPs, and sign-up confirmations, but you cannot send outgoing mail.

Can I choose my own email address?

Yes. Click the gear icon next to your address to open the alias picker. Type any username you want, and we'll check if it's available. You can also restore a previous address if it's still within the 2-hour window.

What happens to attachments?

Attachments are saved temporarily and available for download while your inbox is active. When your inbox expires after 2 hours, all attachments are permanently deleted from our servers.

What's the difference between temp mail and regular email?

Regular email requires registration, stores messages forever, and is tied to your identity. Temp mail is the opposite — no sign-up, no personal data, and everything is automatically deleted after 2 hours.

Do you read or store my messages?

No. We don't read, analyze, or mine your emails. Messages are stored temporarily only so you can view them. After 2 hours, they are permanently and irreversibly deleted.

How do I delete my temporary email?

Your inbox is automatically deleted after 2 hours. If you want to discard it sooner, click the gear icon and generate a new address — your previous inbox will be gone.

Can I check emails I already received?

Yes. All received emails appear in your inbox automatically. You can see the sender, subject, and full content. If an expected email hasn't arrived yet, click the refresh button.

privacy

how to protect yourself from spam emails

Practical strategies to reduce spam in your inbox — from temp mail and email aliases to filter settings and breach monitoring. Covers how spammers get your address and how to stop them.

João Dutra · 2026-03-18 · 7 min read

Spam accounts for more than 45% of all email traffic worldwide. On any given day, roughly 160 billion spam messages are sent across the internet. Most land in filters before you ever see them — but enough slip through to be a genuine problem, and the volume in your inbox tends to grow over time as your address gets passed around.

The good news is that most spam isn’t random. Spammers get addresses in predictable ways, which means there are predictable ways to stop them from getting yours.

how spammers get your email address

Understanding the source of spam makes it easier to cut it off.

data breaches

When a company gets hacked, email addresses are almost always part of what leaks. Those breach datasets get sold, combined with other leaks, and traded across criminal forums. Your address from a breach in 2019 can still be generating spam in 2026. You can check whether your email has appeared in known breaches at haveibeenpwned.com — it’s free and updated regularly.

web scrapers

Automated bots crawl websites looking for email addresses. If your address appears in a forum post, a comment section, a public directory, or anywhere else on the open web, scrapers will find it. They’re fast and indiscriminate.

When you enter your email to access a free download, enter a contest, or register for a webinar, you often agree (buried in the terms) to marketing communications or third-party sharing. One sign-up can introduce your address to dozens of list brokers.

purchased lists

Spam operations buy lists of email addresses in bulk. These lists are compiled from scraped data, breaches, and organizations that sell their subscriber data. Once your address is on one list, it tends to spread to others.

dictionary attacks

Less targeted but still common: spammers use software to generate thousands of plausible email addresses at major domains and blast messages to all of them. Any that don’t bounce are confirmed as active and kept for future use — which is one reason you should never reply to spam.

7 practical ways to reduce spam

1. use temp mail for sign-ups you’re not committed to

The most effective single habit: before handing your real address to any site you’re not sure about, use a disposable inbox instead. If the sign-up is just for a free trial, a one-time download, or a service you might use once, a temporary address does the job without exposing your real email to their marketing list or their future data breaches.

Trashbox generates a working inbox instantly with no registration. Visit the page, copy the address, complete the sign-up, receive the verification code, and move on. If the company ever gets breached or sells their list, your real address isn’t in it.

For a full walkthrough of this workflow, see what is temp mail and the OTP verification guide.

2. never reply to spam — not even to unsubscribe

Replying to spam, even to say “remove me from this list,” confirms that your address is active and monitored by a real person. That confirmation makes your address more valuable to the sender. The same applies to clicking “unsubscribe” on emails from senders you don’t recognize — the link may confirm your address rather than remove it.

For legitimate newsletters from companies you knowingly signed up with, unsubscribing is fine. For anything unsolicited, the right move is to mark it as spam and delete it.

3. don’t click suspicious unsubscribe links

Expanding on the point above: malicious unsubscribe links can do more than confirm your address. They can redirect you to phishing pages, download malware, or trigger JavaScript exploits. If an email looks off — sender domain doesn’t match the company, vague subject line, something feels wrong — don’t click anything inside it. Mark it as spam directly.

4. use email aliases for services you actually want

For services you’ll use long-term but where you want an extra layer of protection, an email alias is the right tool. Alias services like SimpleLogin, AnonAddy, or Apple’s Hide My Email create a distinct address that forwards to your real inbox. You can disable any alias that starts receiving spam, and your real address stays hidden.

This is different from temp mail: aliases are permanent and let you receive and reply to mail. Temp mail is for situations where you don’t need the inbox again after the initial sign-up. Using both strategically gives you good coverage — see the comparison in our intro guide for when each makes sense.

5. check if your email has been exposed in a breach

Visit haveibeenpwned.com and enter your email address. The site cross-references your address against a database of known data breaches — currently covering billions of accounts — and tells you exactly which breaches included your email, what data was exposed, and when.

If your address has appeared in breaches, take it seriously: change passwords for any accounts that reuse the same password, enable two-factor authentication where you haven’t, and consider whether some of those accounts should be closed or migrated to a new address.

6. enable and tune spam filters in your email client

Every major email provider offers spam filtering, but the defaults aren’t always aggressive enough. Dig into your settings:

In Gmail, you can create filters to automatically delete or archive mail matching specific patterns
Most providers let you block senders or entire domains
Marking messages as spam helps the filter learn your preferences over time
Some clients offer a “report phishing” option that provides more aggressive filtering than a standard spam report

If you’re receiving a consistent stream from a particular sender or domain, a filter rule is more reliable than hoping the spam algorithm catches it.

7. use a separate address for online shopping

E-commerce sites are a significant source of marketing email and a common target for breaches. Keeping a dedicated address — one you use only for purchases — accomplishes two things: it contains the marketing to one inbox you can manage separately, and it limits the impact if a retailer’s database is ever compromised.

This doesn’t have to be an alias. A separate Gmail or similar account used only for purchases works fine. What matters is that your primary address isn’t in the shopping site’s database.

making temp mail your first line of defense

Most spam starts with a sign-up. The single most effective habit you can build is asking, before entering your email anywhere: do I actually need this site to reach me long-term?

If the answer is no — a free tool, a gated article, a webinar you might attend once, a trial you’re not sure about — use a disposable address. The habit takes five seconds and removes an entire class of future problem.

Trashbox.email keeps this frictionless: open the page, address is ready, no account needed. Once the sign-up is done, the inbox expires on its own.

For the cases where you do need ongoing access — services you’ll actually use, subscriptions you’re committed to, accounts that matter — give your real address but pair it with good filtering and breach monitoring. And for the middle ground, email aliases give you the flexibility to receive mail without exposing your real address.

Spam isn’t inevitable. It’s a consequence of how widely your address has been distributed, and that’s something you can actively manage. The less your real address circulates, the quieter your inbox stays — and the harder you are to phish, credential-stuff, or track across services.

For more on what temp mail protects you from and how it works, see is temp mail safe?.

ready to protect your inbox?

try trashbox — free, instant, anonymous →