Email lookup field 403 error

[__eiNjel __]

I've been updating my site to a new versions of django/drf from 1.7 to 1.10/2.3 to 3.5.

Now im facing this problem, i am wondering whats causing this.

Forbidden 403 when i request to delete certain email. Post method works thou like a charm

viewsets.py

class EmailReminderViewSet(viewsets.ModelViewSet):

    queryset = EmailReminder.objects.all()

    permission_classes = [permissions.AllowAny, ]

    serializer_class = EmailReminderSerializer

    lookup_field = 'email'

    lookup_value_regex = ("@[a-zA-Z0-9_.+-]")

in angular

            $http.defaults.headers.common['X-CSRFToken'] = $cookies.csrftoken;

            $http.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

Using defaultrouter with no basename for this viewset

But still getting 403 forbidden. Even if i input wrong email address it wouldnt return query with item not found.

Every bit of information how to fix this would be so awesome guys, i've spent more than 40h on this one.

I need to be able to allow both delete and post methods. Post method does work.

Oh, i even tryed disabling middleware csrf and in that case it returned 405 method not allowed.

Site is also using SMS reminder which works for both post/delete methods.