What was the Pokemail problem? My younger brother is a mod at a gaming forum, and is curious to know if it is an issue that should concern all forum admins!
Pokemail is a service that provides a temporary / disposable email address. In effect, it's akin to a VPN for email - a service that cloaks the user in a temporary and non-traceable guise when seen from the receiving (e.g., forum) end. It does this by inserting an intermediate node that translates the relevant real ID (email address) of its user / sender into a fake ID (alternate email address) seen by the receiver (e.g., forum). In addition, Pokemail establishes a temporary and disposable drop box for emails sent to the service-provided fake ID.
The payoff is virtual anonymity for the registered Pokemail user, who accesses sites and services figuratively wearing a mask of indirection (as to who / where he or she really is).
This is admittedly useful for ordinary folks who wish to maintain anonymity / privacy. Unfortunately, it's also useful - even critical - for folks who require anonymity / privacy for nefarious purposes (e.g., scammers, spammers and hackers).
An email address is the key operational identifier for members of web forums such as ours. Subverting the 1-to-1 mapping between an email address of record (on our end) and a single person on the other end represents a security problem.
A number of similar email indirection / re-direction services have been banned because they're overwhelmingly exploited by 'bad guys'. Pokemail was something of a borderline risk, but it's now been promoted (?) to a high risk for anyone who relies upon email addressing as an identifier or credential. Your brother can check security sites to learn more about the vulnerability and others' evaluation of the risk. {1}
Owing to a recent incident demonstrating linkage between Pokemail usage and a set of known spammers / hackers, we will no longer extend the benefit of the doubt to this service, and it has been banned just as we've done for similar services.
Whether or not this represents an operational risk for your brother's site would naturally depend on that site's requirements for reliable identification of, and communication with, its users based on email addressing.
{1} Here's an example:
https://www.ipqualityscore.com/domain-reputation/pokemail.net