Temp mail
in cURL.
Disposable inboxes and OTP capture, straight from your terminal with curl + jq.
#!/usr/bin/env bash
# Create a disposable inbox (TTL 30 min) and print the address.
# Requires: curl, jq, and EVILMAIL_KEY in your environment.
curl -s -X POST https://evilmail.pro/api/temp-email \
-H "X-API-Key: $EVILMAIL_KEY" \
-H "Content-Type: application/json" \
-d '{"ttlMinutes": 30}' \
| jq -r '.data.email'Wiring cURL temp mail into your workflow lets you spin up a throwaway inbox, wait for a verification email, and pull the confirmation code without ever leaving the shell. EvilMail is a temp-email API built for developers: three plain HTTP endpoints, no SDK, no browser, no account signup per test. Point curl at it from a CI pipeline, a bash test harness, or a quick one-off script, and you get a real mailbox that receives OTP codes, magic links, and welcome emails on demand — perfect for exercising sign-up and email-verification flows end to end.
Why use temp mail in cURL
Automated email verification in CI
Generate a fresh inbox inside your pipeline, trigger a sign-up, and poll for the confirmation email — all in a single bash step. No shared test mailbox, no flaky manual checks.
OTP and 2FA login testing
Fetch one-time passcodes with a curl call and a regex, then feed them straight into your login flow. Ideal for end-to-end tests that must pass a real email challenge.
Throwaway addresses for scripts
Need a valid inbox for a webhook, a trial signup, or a smoke test? Create one on the fly with a POST request and discard it when the TTL expires.
Debugging transactional email
Capture the raw text and HTML of what your app actually sends, then inspect subjects, links, and bodies from the command line to catch template or delivery bugs fast.
The flow — cURL temp mail in 3 calls
Create a disposable inbox
#!/usr/bin/env bash
set -euo pipefail
# Create a 30-minute disposable inbox in one POST.
resp=$(curl -s -X POST https://evilmail.pro/api/temp-email \
-H "X-API-Key: $EVILMAIL_KEY" \
-H "Content-Type: application/json" \
-d '{"ttlMinutes": 30}')
# Pull the address and session token out of the response.
EMAIL=$(echo "$resp" | jq -r '.data.email')
TOKEN=$(echo "$resp" | jq -r '.data.sessionToken')
echo "Inbox: $EMAIL"
echo "Token: $TOKEN"Poll until the email arrives
#!/usr/bin/env bash
set -euo pipefail
# Poll the inbox up to 20 times, 3s apart, until mail lands.
# (Note: don't use $UID — it's a read-only bash variable.)
MSG_UID=""
for i in $(seq 1 20); do
msgs=$(curl -s "https://evilmail.pro/api/temp-email/$TOKEN" \
-H "X-API-Key: $EVILMAIL_KEY")
MSG_UID=$(echo "$msgs" | jq -r '.data.messages[0].uid // empty')
if [ -n "$MSG_UID" ]; then
echo "Message arrived (uid=$MSG_UID)"
break
fi
echo "Attempt $i: nothing yet, retrying in 3s..."
sleep 3
done
if [ -z "$MSG_UID" ]; then
echo "Timed out waiting for mail" >&2
exit 1
fiRead the message & extract the code
#!/usr/bin/env bash
set -euo pipefail
# Fetch the full message body by uid.
body=$(curl -s \
"https://evilmail.pro/api/message/$MSG_UID?token=$TOKEN" \
-H "X-API-Key: $EVILMAIL_KEY")
TEXT=$(echo "$body" | jq -r '.data.text')
# Grab the first standalone 6-digit code from the body.
CODE=$(echo "$TEXT" | grep -oE '\b[0-9]{6}\b' | head -n1)
echo "OTP: $CODE"cURL temp mail — FAQ
Q1How do I get a temp mail address in cURL?−
Send a POST request to https://evilmail.pro/api/temp-email with your X-API-Key header and a JSON body like {"ttlMinutes": 30}. The response contains data.email (the address) and data.sessionToken, which you use for all follow-up calls. Pipe the response through jq to read the fields.
Q2Can I use this for automated testing?+
Yes — that's the primary use case. Because everything is plain HTTP, you can create inboxes, poll for messages, and extract codes from any CI runner or bash test script. Create a fresh inbox per test run to keep runs isolated and avoid cross-contamination between cases.
Q3How do I extract the OTP?+
Fetch the message with GET /api/message/{uid}?token={sessionToken}, read data.text (or data.html) via jq, then run a regex over it. For a standard 6-digit code, grep -oE '\b[0-9]{6}\b' | head -n1 returns the first match. Adjust the pattern for links or other code formats.
Q4Do I need an API key / are there rate limits?+
Yes, every request must include your X-API-Key header — read it from an environment variable such as EVILMAIL_KEY and never hard-code it. Requests are rate limited per key, so add a short sleep between polls (the examples use 3 seconds) rather than hammering the endpoint in a tight loop.
Q5How long does the inbox live?+
You control it with the ttlMinutes value you pass at creation time — 30 minutes in these examples. Once the TTL expires the address and its messages are discarded automatically, so there's nothing to clean up. Request a longer TTL if your flow needs more time to deliver.
Temp mail in other languages
One API key. Disposable inboxes at scale.
Create unlimited throwaway addresses, poll them over HTTP, and pull verification codes straight into your tests and CI. Free to start; custom domains and higher limits on paid plans.

