I am working on an app and i am using AWS cognito as credential manager. I want to block any fake email domain from getting registered on my website (e.g. abcd@yoppmail.com, alcd@fakemail.com etc.)
So, Is there any way to blacklist these domains(yoppmail.com , fakemail.com etc.) .
All i found out from AWS docs is (Pre sign-up Lambda trigger. but i want to do it from cognito console only. from AWS console only without touching the codes of my app.
As far as I know what you are asking is not possible. Pre-sign up lambda is the way to go for this use case. All you have to do is check the user's email against some hardcoded list of domains (or maybe a list you get from some api) and reject the user sign up if the email is in that list. It shouldn't be a lot of code.
The tricky part is, how do you know an email is "fake" (a.k.a. disposable) and not an actual custom domain?
you can use an open source list like https://github.com/disposable/disposable to block disposable domains. Problem with this approach is that they are not regularly maintained, and given that new domains are popping up every few minutes these days, this list is not affective against services like https://temp-mail.org/en/.
To prevent this, you can use premium APIs like https://filtertempmail.com. While it updates its list fairly quick, sometimes it can miss on new domains, so you need to keep filtering your list of emails from time to time.
