A throwaway inbox that lives for ten minutes.
For sign-ups you'll never use again. We make the address; the internet sends mail; you read it; it disappears.
Free, forever. Tips keep it running.
No accounts, no upsells. The domain renewal and the maintainer's coffee are paid for by readers like you. If tenmin.app saved you from a junk newsletter, drop a couple of bucks — every bit helps us stay independent and ad-light.
A disposable inbox, explained in one screen.
Half the email a person gets in a given week is administrative noise from sites they signed up for once and forgot about: receipts for downloads they wanted, codes for forums they'll never post on, newsletters from SaaS products they trialled in 2022. That mail isn't malicious, but it doesn't belong in the same inbox as the message your doctor sent yesterday. tenmin.app is a place to put the noise: a random address that works exactly like a normal email address for the next ten minutes, then ceases to exist.
When a disposable address is the right tool
A throwaway inbox shines when three things are true: the sender only needs you once, the message arrives within minutes, and you don't care about the conversation after the fact. Common examples:
- Lead-magnet downloads. The PDF, ebook, or template gated behind a signup form. The download link arrives instantly; the welcome sequence does not.
- One-time verification codes. Forums, demo accounts, free trials of software you'll evaluate once and either buy or move on from.
- Coupon and discount unlocks. "Sign up to reveal your code" flows where the entire value of the signup is delivered in the first email.
- Testing your own send pipeline. If you're building a service that sends mail, point it at a tenmin.app address to see exactly what your recipients will see, including how Gmail renders the HTML, without polluting your own inbox.
When it's the wrong tool
Don't use tenmin.app for anything where missed delivery would be a real problem. The mail you receive here is auto-deleted after ten minutes, the address itself stops routing at the same moment, and the sender will not be able to resend if they only try once. In particular:
- Don't use it as the recovery email for an account you care about.If you lose access and the only way back in is a code sent to a tenmin.app address, you're locked out.
- Don't use it for high-stakes communication. The address is effectively public — anyone who knows or guesses the six-character ID can read what was sent to it during its lifetime.
- Don't use it to evade fraud controls. Many services treat a disposable-email signup as a signal of bad intent, and our terms specifically prohibit this use.
Read more on the blog
We publish long-form guides on disposable email, signup hygiene, and the practical mechanics of email privacy. A few of the most-read entries:
- The best disposable email services in 2026 — tested and compared
Honest review of tenmin.app, Mailinator, 10MinuteMail, Temp-Mail, Guerrilla Mail, and EmailOnDeck — with the trade-offs that decide which one you want.
- Disposable email for Steam, Discord, Reddit, and Twitch
Which gaming platforms accept temp mail at signup, where you'll hit phone-verification walls, and what to do for each.
- Disposable email for ChatGPT, Claude, and AI tools
Which AI services accept disposable email, which block it, and what to do for each — including which aliasing service works best for AI signups.
- Disposable email vs. email aliasing — which do you need?
A decision tree for picking between throwaway inboxes, forwarding aliases, plus-addressing, and full custom domains.
- Why some sites block disposable email
The domain reputation lists, validation libraries, and risk signals that decide whether your signup goes through.
- Email privacy 101 — what your address reveals about you
Headers, tracking pixels, list brokers, and the small choices that decide how much your email leaks.
See all guides → · Compare with other temp-mail services · Glossary of terms
How it actually works
When you load this page, your browser generates six random hexadecimal characters and asks our domain ("Is there mail for [email protected]?") every three seconds. Cloudflare's Email Routing service accepts anything sent to *@tenmin.app, hands it to a small Worker, and that Worker writes the parsed message to a key-value store with a 10-minute time-to-live. The TTL is the deletion mechanism — there's no cron job, no cleanup script, no manual moderation queue. When the TTL passes, the data is gone.
The frontend renders incoming mail inside a sandboxed iframe with scripts stripped, so even if a sender tries to embed tracking JavaScript or an exploit payload, nothing executes. Remote images do load — stripping them would break far too many legitimate emails to be worthwhile — so if you're concerned about a tracking pixel, switch to the plain-text view of the message.
How we keep this free
tenmin.app costs about thirty dollars a year to run — almost all of it the domain renewal — because Cloudflare's free tier is generous enough that the storage, routing, and compute don't cost us anything at normal traffic. The rest is covered by tips from people who use the service often enough to feel like contributing, and by a single discreet ad slot that appears below this article when we have a sponsor matched to the page's topic.
We do not, and will not, sell access to the messages flowing through the service. We do not feed message contents into ad targeting. Any ads served by Google AdSense are keyed off the page's editorial topic — not what's in your inbox.
Quick FAQ
A handful of questions people ask most often. The full set lives on the FAQ page.
Will the address still work after I close this tab?
Yes, for up to ten minutes from when it was last refreshed. The address is tied to the storage entry, not the browser tab — anything sent to it before the timer ends is stored. You just won't be the one watching it arrive.
Can I receive sign-in codes and password reset links?
Yes. Most one-time codes, magic links, and verification emails arrive within seconds. A handful of services (banks, government portals, some crypto exchanges) explicitly block disposable-email domains; for those, you'll see the signup form reject the address before any mail is sent.
Why doesn't the inbox show attachments inline?
We render the message body but don't auto-display attachment previews — partly to keep the page light, partly because most disposable-inbox use cases don't need it. The header indicates when an attachment is present.
Is the mail encrypted?
In transit, yes — Cloudflare enforces TLS on the inbound SMTP connection where the sending server supports it. At rest, mail lives in Cloudflare's KV storage with their standard encryption, and is deleted after ten minutes regardless.
How is this different from forwarding everything to a Gmail alias?
A forwarding alias is a long-lived address that funnels into your real inbox. tenmin.app is the opposite: a short-lived address that funnels into nothing — once the timer ends, neither you nor a future sender can recover anything. If you want long-lived aliases, you want a service like SimpleLogin or Addy.io. If you want one-shot signup throwaways, you want this.
Want to know more?
The About page explains the architecture and the motivation. The Guides section goes deeper on disposable email, signup hygiene, and adjacent privacy topics. The Privacy policycovers what we collect (essentially nothing) and how long we keep it (essentially no time at all). The Terms of service describe what the service is and isn't for. If none of those answer your question, the contact page lists how to reach us.