Home

Awesome

<p align="center"> <a href="" rel="noopener"> <img height=200px src="https://raw.githubusercontent.com/HaschekSolutions/opentrashmail/master/web/imgs/logo-200.png" alt="Open Trashmail"></a> </p> <h1 align="center">Open Trashmail</h1> <div align="center">

Apache License Hits

Selfhosted trashmail solution - Receive Emails via Web UI, JSON API, RSS feed and Webhook

</div>

Screenshot of Open Trashmail

Changelog

Features

General API calls and functions

EndpointExplanationExample output
/rss/[email-address]Renders RSS XML for rss clients to render emails
/api/raw/[email-address]/[id]Returns the raw email of the address. Warning: Output can be as large as the email itself so might be up to 20mb for mails with large attachments
/api/attachment[email-address]/[attachment-id]Returns the attachment with the correct mime type as header
/api/delete/[email-address]/[id]Deletes a specific email message and their attachments
/api/deleteaccount/[email-address]Deletes all messages and attachments of this email account

JSON API

EndpointExplanationExample output
/json/[email-address]Returns an array of received emails with links to the attachments and the parsed text based body of the email. If ADMIN email is entered, will return all emails of all accounts
/json/[email-address]/[id]To see all the data of a received email, take the ID from the previous call and poll this to get the raw and HTML body of the email. Can be huge since the body can contain all attachments in base64
/json/listaccountsIf SHOW_ACCOUNT_LIST is set to true in the config.ini, this endpoint will return an array of all email addresses which have received at least one email

Configuration

Just edit the config.ini You can use the following settings

Docker env vars

In Docker you can use the following environment variables:

ENV varWhat it doesExample values
URLThe URL of the web interface. Used by the API and RSS feedhttp://localhost:8080
DISCARD_UNKNOWNTells the Mailserver to wether or not delete emails that are addressed to domains that are not configuredtrue, false
DOMAINSThe whitelisted Domains the server will listen for. If DISCARD_UNKNOWN is set to false, this will only be used to generate random emails in the webinterface
SHOW_ACCOUNT_LISTIf set to true, all accounts that have previously received emails can be listed via API or webinterfacetrue,false
ADMINIf set to a valid email address and this address is entered in the API or webinterface, will show all emails of all accounts. Kind-of catch-alltest@test.com
DATEFORMATWill format the received date in the web interface based on moment.js syntax"MMMM Do YYYY, h:mm:ss a"
SKIP_FILEPERMISSIONSIf set to true, won't fix file permissions for the code data folder in the container. Useful for local dev. Default falsetrue,false
PASSWORDIf configured, site and API can't be used without providing it via form, POST/GET variable password or http header PWDyousrstrongpassword
ALLOWED_IPSComma separated list of IPv4 or IPv6 CIDR addresses that are allowed to use the web UI or API192.168.5.0/24,2a02:ab:cd:ef::/60,172.16.0.0/16
ATTACHMENTS_MAX_SIZEMax size for each individual attachment of an email in Bytes2000000 = 2MB
MAILPORT_TLSIf set to something higher than 0, this port will be used for TLSC (TLS on Connect). Which means plaintext auth will not be possible. Usually set to 465. Needs TLS_CERTIFICATE and TLS_PRIVATE_KEY to work465
TLS_CERTIFICATEPath to the certificate (chain). Can be relative to the /python directory or absolute/certs/cert.pem or cert.pem if it's inside the python directory
TLS_PRIVATE_KEYPath to the private key of the certificate. Can be relative to the /python directory or absolute/certs/privkey.pem or key.pem if it's inside the python directory
WEBHOOK_URLIf set, will send a POST request to this URL with the JSON data of the email as body. Can be used to integrate OpenTrashmail in your own projectshttps://example.com/webhook
ADMIN_ENABLEDEnables the admin menu. Default falsefalse / true
ADMIN_PASSWORDIf set, needs this password to access the admin menu123456

TLS

Since v1.3.0 TLS and STARTTLS are supported by OpenTrashmail.

What you should know

Be aware there are two ways to use TLS with email

  1. STARTTLS
  2. TLS on Connect (TLSC)

STARTTLS does not require a specific port as it starts out as plaintext and then upgrades to TLS if the server advertises the "STARTTLS" command (which OpenTrashmail does automatically if the Certificate and key settings are configured). Since it's run on the default MAILPORT you don't need to open other ports for it to work.

TLS on connect is wrapping TLS around the exposed ports so it's not possible to talk to it in plaintext and therefore it needs a different port to work. Usually port 465 is used for this.

About the certificates

For TLS to work you first need a certificate that corresponds with the hostname of the SMTP server. This can be done using Lets'encrypt and even works with wildcard certificates.

For testing environments you can create a certificate by running the following command from inside the python folder:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem   -days 365 -nodes -subj '/CN=localhost'

You then need to set the settings for MAILPORT_TLS (not needed if you only want to support STARTTLS), TLS_CERTIFICATE and TLS_PRIVATE_KEY.

Testing TLS

The /docs/Dev.md file contains a few hints on how to debug and test TLS and TLSC connections. It uses the tool swaks which should be avaialable in every package manager.

Roadmap

Quick start

Set the MX Records

In your DNS panel create a MX record for your domain pointing to the IP of the server hosting OpenTrashmail.

The following example will allow you to send emails to example.com

mail.example.com.	IN	A		93.184.216.34
example.com.    14400   IN      MX      10      mail.example.com.

This advanced example will allow you to use a wildcard domain:

mail.example.com.	IN	A		93.184.216.34
*.example.com.    14400   IN      MX      10      mail.example.com.

This in combination with the configuration option "DOMAINS" (eg docker parameter -e DOMAINS="*.example.com") will allow you to use any address with any subdomain of example.com (eg test@robot.example.com, john@lynn.example.com, etc..)

Running in docker (preferred)

Simple start with no persistence

docker run -it -p 25:25 -p 80:80 -e URL="https://localhost:80" hascheksolutions/opentrashmail:1

Saving data directory on host machine

docker run -p 80:80 -p 25:25 -e URL="https://localhost:80" -v /path/on/host/where/to/save/data:/var/www/opentrashmail/data hascheksolutions/opentrashmail:1

Complete example with running as daemon, persistence, a domain for auto-generation of emails, acceptng only emails for configured domains, cleanup for mails older than 90 days and auto restart

docker run -d --restart=unless-stopped --name opentrashmail -e "DOMAINS=mydomain.eu" -e "DATEFORMAT='D.M.YYYY HH:mm'" -e "DISCARD_UNKNOWN=false" -e "DELETE_OLDER_THAN_DAYS=90" -p 80:80 -p 25:25 -v /path/on/host/where/to/save/data:/var/www/opentrashmail/data hascheksolutions/opentrashmail:1

How it works

The heart of Open Trashmail is a Python-powered SMTP server that listens on incoming emails and stores them as JSON files. The server doesn't have to know the right email domain, it will just catch everything it receives. You only have to expose port 25 to the web and set an MX record of your domain pointing to the IP address of your machine.