validate against throwaway email addresses

.gitignore

@@ -18,3 +18,4 @@ files/sslsites.zip
 .vagrant
 public/banned_sites
 public/deleted_sites
+files/disposable_email_blacklist.conf

Rakefile

@@ -38,6 +38,13 @@ task :parse_logs => [:environment] do
   Stat.parse_logfiles $config['logs_path']
 end
 
+desc 'Update disposable email blacklist'
+task :update_disposable_email_blacklist => [:environment] do
+  uri = URI.parse('https://raw.githubusercontent.com/martenson/disposable-email-domains/master/disposable_email_blacklist.conf')
+
+  File.write(Site::DISPOSABLE_EMAIL_BLACKLIST_PATH, Net::HTTP.get(uri))
+end
+
 desc 'Update banned IPs list'
 task :update_blocked_ips => [:environment] do
   uri = URI.parse('http://www.stopforumspam.com/downloads/listed_ip_90.zip')

models/site.rb

@@ -122,6 +122,7 @@ class Site < Sequel::Model
   )
 
   EMAIL_VALIDATION_CUTOFF_DATE = Time.parse('May 16, 2016')
+  DISPOSABLE_EMAIL_BLACKLIST_PATH = File.join(DIR_ROOT, 'files', 'disposable_email_blacklist.conf')
 
   def self.newsletter_sites
      Site.select(:email).
@@ -540,6 +541,21 @@ class Site < Sequel::Model
     !username.empty? && username.match(/^[a-zA-Z0-9_\-]+$/i)
   end
 
+  def self.disposable_email?(email)
+    return false unless File.exist?(DISPOSABLE_EMAIL_BLACKLIST_PATH)
+    return false if email.blank?
+
+    email.strip!
+
+    disposable_email_domains = File.readlines DISPOSABLE_EMAIL_BLACKLIST_PATH
+
+    disposable_email_domains.each do |disposable_email_domain|
+      return true if email.match disposable_email_domain.strip
+    end
+
+    false
+  end
+
   def okay_to_upload?(uploaded_file)
     return true if [:supporter].include?(plan_type.to_sym)
     return false if self.class.possible_phishing?(uploaded_file)
@@ -853,6 +869,10 @@ class Site < Sequel::Model
       errors.add :email, 'Cannot use this email address.'
     end
 
+    if parent? && new? && self.class.disposable_email?(values[:email])
+      errors.add :email, 'Cannot use a disposable email address.'
+    end
+
     # Check for existing email if new or changing email.
     if new? || @original_email
       email_check = self.class.select(:id).filter(email: values[:email])

views/_index_signup_script.erb

@@ -28,7 +28,7 @@
     })
   })
 
-  $('input[type=text],input[type=password]').on('change focusout', function(obj) {
+  $('input[type=text],input[type=password],input[type=email]').on('change focusout', function(obj) {
     $.post('/create_validate', {field: obj.target.name, value: obj.target.value, is_education: $('input[name=is_education]')[0].value, csrf_token: '<%= csrf_token %>'}, function(res) {
       if(res.result == 'ok') {
         return $(obj.target).tooltip('hide')