The TempMail Python API is out!

Want to use the TempMail API using Python? Try our easy-to-use library built for Python!

Ever wanted to interact with the API using Python but didn’t want to use raw HTTP requests? Well now we got your back.

First off, I would like to say thank you to Alex Torres for making the Python library. You can view the code here, feel free to contribute!

Important – read before using

The API has a few limitations:

  • You must use the token to check for emails within 10 minutes of the last check or the creation of the inbox, otherwise it is deleted.
  • Inboxes expire after 1 hour.


Use the pip command to install the library:

pip install tempmail-lol

Example Usage

from TempMail import TempMail #imports everything from TempMail library
import time #import time module

inbox = TempMail.generateInbox() #returns an Inbox object with Email and Token

print("Email Address: "+ inbox.address) #View output below
print("Authorization Token: "+ inbox.token)

    Email Address: [email protected]
    Authorization Token: RCfc1og1z1JzuN1mkXL2eFdAc_8uxSRAwcGhUoXuH26e7nnJMdVVtSxxasZLD9D2OHTKIjVEvLhK7S0K5QIanA

while(True): #Infinite Loop
    emails = TempMail.getEmails(inbox) #Returns list of Email objects
    print(emails) # View output below
    time.sleep(30) #wait 30 sec

    [Email ([email protected], [email protected], 
            subject=Subject line, body=Text Area, html=<div dir="ltr">Text Area</div>, 
            date=1652824961713 )]


Thanks again to Alex Torres for making the API. If you found it useful or have any suggestions, feel free to ask on GitHub. Let us know what you end up creating!

How to use the TempMail API

Want to use the API? Now you can! Check out our pre-made libraries or use the raw API.

Thank you to everyone who is using the website. If you are a developer, you can use our API on your own platforms (as long as it isn’t your own TempMail site)!

The API for is under the GNU AGPLv3 License.


As of now, we have libraries for the following languages:


Do we not have a library for your language yet? Feel free to reach out to me via email: [email protected] if you want your library added. In the meantime, you can use the raw API via HTTP requests to access our services.

The base URL should be stored as a constant. It is

There are two endpoints currently. First, to generate emails, the /generate endpoint. Upon successfully generating an email, the server will return the following data:

    "address": "[email protected]",
    "token": "token_to_check_for_emails"

Afterwards, use the token to check for new emails.


Inboxes expire after one hour, there is no avoiding this. If you do not check for new emails within 10 minutes of last check (or inbox creation) it will be deleted early.

To use the token to check for emails, GET the following endpoint: /auth/<token>

If you get an email (or multiple emails), you will be returned an array of email objects:

    "email": [
            "from": "[email protected]",
            "to": "[email protected]",
            "subject": "sub",
            "body": "hi",
            "html": "this field may not be present",
            "date": 1652814863785
            "from": "someotheremail@address",
            "to": "[email protected]",
            "subject": "subject",
            "body": "hello",
            "html": "<b>hello</b>",
            "date": 1652814873785

Note: once you get the emails, they are permanently deleted from our servers.

If there are no emails, the following response will be returned:

    "email": null

And finally, if your token is invalid, the following response will be returned:

    "email": null,
    "token": "invalid"


Let me know what you end up creating! I can be reached via email at [email protected]

You can also join the Discord server below by clicking the “connect” button:

How to Compress and Decompress bz2 Files in Linux

In this article, I will be showing you how you can compress and decompress files using the bz2 format in Linux on the command line.

Compression in computing has been around for decades, and new formats of compression come out every so often that are more efficient than others. In this article, I will be showing you how you can compress and decompress files using the bz2 format in Linux on the command line.

What is the bz2 format?

According to their manual file:

bzip2 compresses files using the Burrows-Wheeler block sorting text compression algorithm, and Huffman coding. Compression is generally considerably better than that achieved by more conventional LZ77/LZ78-based compressors, and approaches the performance of the PPM family of statistical compressors.

Installing bzip2

Depending on your Linux operating system, you may need to install a package to use it.

First, check to see if you have the package:

which bzip2

If you get a response such as /usr/bin/bzip2, /bin/bzip2, etc. then you have it installed already! Otherwise, use one of the following commands to install it:

# on Ubuntu/Debian based operating systems
sudo apt install bzip2

# on CentOS based operating systems
sudo yum install bzip2

# on Arch Linux and Arch based systems
pacman -Sy bzip2

Using bzip2 to compress file(s)

You can use the following command to compress a single file:

# -z tells bzip2 to compress.
bzip2 -z yourfile

WARNING: bzip2 will delete input files (those that you have compressed) once it has finished. To have it keep the files, append -k to the command, like so:

# -z tells bzip2 to compress and -k tells bzip2 to keep the input files after it has finished
bzip2 -kz yourfile

Using bzip2 to compress folders/directories

To use bzip2 on a folder or directory, you will need to make a .tar archive first, then use bzip2 on the folder.

Making a tar archive is easy! Use the following command on the folder you want to make a tar file of:

# -c tells tar to create a new archive, -f tells it to store the archive to the specified file
tar -c -f myarchive.tar ./folder1/ ./folder2/ ./folder3/ ./myfile.txt

You now have a .tar version of your folder(s) and file(s).

Now we can use the bzip2 command to compress the file, as in the above instructions:

# -z tells bzip2 to compress.  (if you want to keep the original .tar file, use -kz instead of just -z)
bzip2 -z myarchive.tar

Now, we have a new file: archive.tar.bz2, which, depending on your use case, will save you a lot of disk space for archiving purposes.

Using bzip2 to decompress files

Once you have a .bz2, .bz, .tbz2, or .tbz file, you can decompress it with the following command:

# -d tells bzip2 to decompress, use -dk instead to keep the original bzip2 file, otherwise it will be deleted.
bzip2 -d mycompressedfile.bz2

Using tar to decompress .tar.bz2 files

# -x tells tar to extract, -j tells tar to use bzip2, -f tells tar which file to decompress
tar -xjf myarchive.tar.bz2


While commands like these are not always easy to remember, you can always use the man command, then press / and type what you want to search for in the man page.

Security – Your VPN Does Not Keep you Secure

VPNs can be misleading, learn exactly what a VPN does and doesn’t do to protect your online security.

VPNs, something we have all seen online, and recently they have made their way into TV commercials, promoting their “one-click security” software; however, this could not be further from the truth.

The basic goal of a VPN is to change your IP address; though, this is easy to detect. If you use an online account, you will still be tracked online, as that account may have your real name, email address, or even more information attached to it.

I’ll go over the main points of what a good VPN does and does not do:
A good VPN will:

  1. Hide which websites you visit
  2. Hide your actual IP address from the website
  3. Change your “location” to make it seem as if you are in a different city, state, or even country.

For this website,, you are connected securely. Your ISP (Internet Service Provider) can see you are connected to, but cannot see anything after the slash; all of that information is encrypted before being sent to our servers. You can distinguish encrypted websites from non-encrypted websites by seeing if they start with HTTP (Hyper Text Transfer Protocol) or HTTPS (Hyper Text Transfer Protocol Secure). Note: just because a website has HTTPS, it does not mean that the website is trustworthy. Anyone can get a certificate to encrypt their connection for free. For more information, see the following post: HTTPS – Secure Websites are not Always Trustworthy.

Now, a good VPN WILL NOT do any of the following:

  1. Make you completely anonymous
  2. Hide all of your Internet activity
  3. Make your Internet or computer more secure
  4. Completely protect you from viruses

Additionally, the government of the VPN company may issue a gag order, telling them to start logging information, such as websites users visit, their original IP address, and even website data for unencrypted connections.

How do I have Better Online Security?

There are basic tips to staying secure online, here is a list of some of those.

  1. Do not give out your email address to random websites.
  2. Watch out for websites that may ask you to install extensions. Websites will not require you to enable notifications to use the site; only enable notifications for websites you trust.
  3. If you are signing up for a website which you are not going to use in the future, try using a temporary email provider, such as, which will generate a temporary email address with no ties to you.

Of course, the most important rule is to make sure that you, the person reading this text, do not interact with things that seem sketchy, or at the very least, be more skeptical of what you download online. As part of our blog, we have articles about scams in the Scam category on different types of scams and how you can avoid them.

HTTPS – Secure Websites are not Always Trustworthy

HTTPS, while secure, does not mean a website is legitimate. See how scammers obtain secure websites to trick potential victims.

We’ve been taught that secure websites (those that start with https rather than http) are more trustworthy than those that do not. While this has some validity to it, this is not always the case.


HTTP (Hyper Text Transfer Protocol) and HTTPS (Hyper Text Transfer Protocol Secure) define how websites are transferred from the server to you, the client. HTTP sends data unencrypted, anyone who has an antenna at the right frequency, a line listening in between the router and the Internet provider, or any of the other steps along the way, can see exactly what you request, and what the website returns to you (this can include personal information), which is why HTTPS is used now.

HTTPS encrypts your data, so information you send to the website (such as your name, credit card details, etc.) cannot be intercepted by hackers listening in on the conversation; however, this does not make the site trustworthy.

For a site to use HTTPS, they must first acquire a certificate from a provider. There are some providers (such as Cloudflare) that are free, which can allow scammers to host a (now secure) phishing website. While services such as Cloudflare do take down phishing scams, often they have already moved on to another scam, making them difficult to stop.

What does this mean for me?

While it encrypts your Internet activity from you to the website, HTTPS does not mean that a website is secure. Scams are everywhere, and scammers are easily able to obtain certificates to secure their website, making it look legitimate to potential victims of the scam.

Online scams usually have several red flags. If you see some of these red flags, you should leave the site instantly. As part of the blog, we will be releasing several articles on scams on the Scams category with information on how the scam works, signs of the scam, and how to avoid them. Stay tuned!

TempMail API for JavaScript is Ready!

Ever wanted to make a program that interacted with but didn’t want to figure out the API yourself? Now, you can use our basic JavaScript/TypeScript library to do so!

Ever wanted to make a program that interacted with but didn’t want to figure out the API yourself? Now, you can use our basic JavaScript/TypeScript library to do so!

To get started, install the library on your project:

npm i

You can also use Yarn if you prefer.

yarn add

Important – Read Before Using

Inboxes have a hard expiration time of one hour. If you do not use the token to check for emails within 10 minutes of the last check, the inbox will expire.


Using the API is very simple. To create an inbox, use the following code:

const {createInbox} = require("");

createInbox((inbox, err) => {
    if(err) {
        return console.error(err);
    console.log(`Created new inbox: ${inbox.address}`);
    console.log(`Inbox token: ${inbox.token}`);

Or you can use promises if you prefer:

const inbox = await createInboxAsync();
//or you can use .then()

Make sure to save either the Inbox or the token returned, as you will need it to access any received emails.

To access received emails:

const {checkInbox} = require("");

checkInbox("YOUR_TOKEN", (emails, err) => { //you can also pass in the Inbox object.
    if(err) {
        return console.error(err);
    emails.forEach((e) => {
        console.log(JSON.stringify(e, null, 4));

Of course, you can also use the async method:

const emails = checkInboxAsync("YOUR_TOKEN"); //you can also pass in the Inbox object.

Note: if the token is invalid, the checkInbox and checkInboxAsync methods will throw an error. Keep this in mind for when you use it in production.


I learn from examples, and you might as well! Here is an example program that generates an email, checks for new emails every 10 seconds, then displays if any are received.

const {createInbox, checkInboxAsync} = require("");

createInbox((inbox, err) => {
    if(err) {
        return console.log(err);
    console.log(`Inbox created: ${inbox.address}`);
    //Check for new emails every 10 seconds
    setInterval(async () => {
        const emails = await checkInboxAsync(inbox);
        if(emails.length > 0) {
            console.log(`${emails.length} emails received`);
            //print out each email.
            emails.forEach((value, index) => {
                console.log(`${index + 1}: ${value.subject}`);
                console.log(`from: ${value.from}`);
                console.log(`date sent: ${new Date(}`);
                console.log(`body: ${value.body}`);
                console.log(`html: ${value.html}`); //note: html may be undefined.
    }, 10000);

Pretty cool! Let me know what you end up creating, you can reach me at [email protected].

You’re Probably in a Data Breach – Here’s How you Check

Data breaches can be scary, learn how to find out if you’re in one and how to recover from one if you are.

Did you know that a lot of people are in a data breaches who don’t even realize it? Fortunately, there are websites that exist that allow you to check if you are part of a data breach.

HaveIBeenPwned is a website that allows you to enter an email address/phone number/password (we’ll get to how they check passwords securely later).

Checking email addresses

You can enter your email address to check if you are part of a data breach.

For this instance, I’ll be checking [email protected], and at the time of writing, this email has been part of 79 data breaches, ouch!

Too bad for this dummy email, it will be getting a lot of spam in the future!

What if I’m part of a breach?

Chances are, one of your email addresses were part of a data breach. There is no undoing this, but there are things you can do going forward.

  1. If you are signing up for websites you will not use in the future, use a temporary email provider, such as, which is actually much safer than using an email dedicated for dubious websites. This will also prevent same email-based tracking.
  2. Change the password you used on the pwned websites, then, if you used that password on any other website, change the passwords for those websites. It can get very tedious, but well worth having the peace of mind!
  3. Use a password manager. Firefox and Google Chrome have built-in password managers, and even have options for allowing users to sync their passwords to mobile devices!

Checking passwords

Putting your passwords into a data breach checker can seem very sketchy, and I was off-put at first until I learned how it worked. You send a portion of your hashed password (which you can obtain by using this website using the sha-1 algorithm), then they return a list of possible passwords, which your browser checks. Your password is not revealed to anyone during the process.


Use a password manager. Google Chrome and Firefox have built-in password managers that sync with devices, and Apple users can use iCloud Keychain to securely sync long passwords between devices. Stay safe!

How to get a Temporary Email Address

Ever wondered how to get a temporary email address? Check out and generate one for free!

Temporary email address generators are one of the more useful tools you can find on the internet, but not a lot of people know about them. Thankfully, there are tools, such as, that will allow you to generate a random, secure, and temporary email address that you can use to signup for websites.

How does it work? generates a temporary email address, and you can use it to register for accounts online. When we receive the email on our servers and sent to you, it is deleted from our end, so we never know who uses our services.

What can I use it for?

Anything! Well, almost anything! The intent of is to allow users to sign up for websites they will not use in the future or to test their email to make sure that emails they send are going through correctly.

It is NOT a replacement for your everyday email. As per the name, the emails are temporary. After one hour in time, your email will be erased, and no one else will be able to access it after that time.

How does this help me?

Spam is everywhere! Let’s say you signup for a website that, to view the price for a car, you are required to give your email address. Several days after signup, they may sell your email address to advertisers, flooding your inbox with spam! If a email is sold, it’ll go to an inbox which will not exist once the spam is received.

This is especially relevant for websites which require you to not only enter an email, but confirm it as well. You can confirm email addresses received to emails.

Best news of all, the site’s colors are easy on the eyes!