How to Create Anonymous Email Aliases with SimpleLogin

How to Create Anonymous Email Aliases with SimpleLogin

SimpleLogin is a lightweight and also easy-to-consumption aliases server that permits you to invent irreparable and also confidential e-mail recognitions without inventing brand name-favored mail boxes. This post will divulge you how to install a SimpleLogin server on Ubuntu and also invent confidential e-mail aliases to consumption virtual.

Gracing the Mechanism

Hunch: This post reckons that you are mounting SimpleLogin on a VPS with at the truly least 2GB of RAM. It likewise reckons that you have an lively domain name tag for it from a DNS registrar.

To overture, import the Docker chore’s finalizing fulcrum to your contraption:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg sudo chmod a+r /etc/apt/keyrings/docker.gpg

Panache a database record for the Docker chore:

sudo nano /etc/apt/sources.list.d/docker.list

Write the cooperating with spiel of code inside the database record:

deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable

Rejuvenate your contraption’s databases by running the cooperating with command:

sudo apt update && sudo apt upgrade

Installing the Reliances for SimpleLogin

Install both Docker and also SimpleLogin’s dependences to your mechanism:

sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-buildx-plugin nginx dnsutils postfix postfix-pgsql

Pick Internet Website when the Postfix install wizard asks for your mail server arrangement kind.

Press Enter to attest the default “Mechanism mail tag” incentive.

Supply sure that the “core” snap package is running on your contraption:

sudo snap install core

Install the certbot snap package from the Digital Frontier Keystone (EFF):

sudo snap install certbot --classic

Assurance that your mechanism’s firewall is not hampering any of the ports for SimpleLogin:

sudo ufw allow 25,80,443/tcp

Gracing the DNS Documents

Attend your domain name registrar and also invent a brand name-favored “A” record recommending to your contraption’s IPv4 address. Devised the hostname incentive to a subdomain that you want for your SimpleLogin instance.

Add an “MX” record for your root domain name with a target hostname kit to your SimpleLogin subdomain.

Panache a “TXT” record for your root domain name and also kit its incentive to the cooperating with:

v=spf1 mx ~all

Panache a unalike “TXT” record for the subdomain “_dmarc”, after that kit its incentive to the cooperating with:

v=DMARC1; p=quarantine; adkim=r; aspf=r

Amenable a incurable session, after that amass a DKIM keypair obtaining utilise of OpenSSL:

openssl genrsa -out dkim.key -traditional 1024 openssl rsa -in dkim.key -pubout -out dkim.pub.key

Run the cooperating with command after that photocopy its run out outcome to your mechanism clipboard. This is a sed script that the founders consumption to extract the DKIM public fulcrum from its keyfile:

sed "s/-----BEGIN PUBLIC KEY-----/v=DKIM1; k=rsa; p=/" $(pwd)/dkim.pub.key | sed "s/-----END PUBLIC KEY-----//" | tr -d 'n' | sed -e '$a'

Panache a “TXT” record for the subdomain “dkim._domainkey”, after that kit the output of the previous command as its incentive.

Remarkable to diagnose: position out auxiliary about DNS and also tag servers by obtaining utilise of dig in Linux.

Inventing the Postgres Documents source

Aside from obtaining utilise of systematic DNS records, SimpleLogin likewise takes quality of PostgresDB to handle e-mail aliases. To kit this up, first invent the subdirectories for the SimpleLogin Docker canister:

mkdir -p ~/sl/{pgp,db,upload}

Prelude a virtual network obtaining utilise of Docker on your server:

sudo docker network create -d bridge      --subnet=10.0.0.0/24      --gateway=10.0.0.1      sl-network

Paste the cooperating with command to a brand name-favored incurable session:

sudo docker run -d      --name sl-db      -e POSTGRES_PASSWORD=YOUR-RANDOM-PASSWORD-HERE      -e POSTGRES_USER=postgres      -e POSTGRES_DB=simplelogin      -p 127.0.0.1:5432:5432      -v $(pwd)/sl/db:/var/lib/postgresql/data      --restart always      --network="sl-network"      postgres:12.1

Readjust the incentive for the “POSTGRES_PASSWORD” variable with a long and also arbitrary string of message.

Chit: You can amass this arbitrary string by running: cat /dev/urandom | tr -dc 'A-Za-z0-9' | fold -w 32 | head -n 1.

Run the switched over Docker command to overture your database.

Configuring Postfix for SimpleLogin

Prelude by separating the default arrangement record for Postfix, after that invent a blank record with the same tag obtaining utilise of your favored message editor:

sudo rm /etc/postfix/main.cf && sudo nano /etc/postfix/main.cf

Paste the cooperating with block of code inside your brand name-favored config record. This is a Postfix layout from the founders’ database that I switched over to stress the fabrics in which you will contain your server’s domain name tag:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no compatibility_level = 2 smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_security_level = may smtpd_tls_security_level = may alias_maps = hash:/etc/aliases mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/24   mydestination = myhostname = SUBDOMAIN.YOUR-ROOT.DOMAIN mydomain = YOUR-ROOT.DOMAIN myorigin = YOUR-ROOT.DOMAIN   relay_domains = pgsql:/etc/postfix/pgsql-relay-domains.cf transport_maps = pgsql:/etc/postfix/pgsql-transport-maps.cf   smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions =     permit_mynetworks,     reject_non_fqdn_helo_hostname,     reject_invalid_helo_hostname,     permit smtpd_sender_restrictions =     permit_mynetworks,     reject_non_fqdn_sender,     reject_unknown_sender_domain,     permit smtpd_recipient_restrictions =    reject_unauth_pipelining,    reject_non_fqdn_recipient,    reject_unknown_recipient_domain,    permit_mynetworks,    reject_unauth_destination,    reject_rbl_client zen.spamhaus.org=127.0.0.[2..11],    reject_rbl_client bl.spamcop.net=127.0.0.2,    permit

Readjust the incentive of “myhostname” with the address of your internet app, after that update the incentive of both “mydomain” and also “myorigin” to your root domain name.

Fastening Postgres with Postfix

Panache a brand name-favored “pgsql-relay-domain names.cf” record under “/etc/postfix.” This will offer as the linkage in between Postfix and also Postgres:

sudo nano /etc/postfix/pgsql-relay-domains.cf

Paste the cooperating with block of code inside your brand name-favored config record:

hosts = localhost user = postgres password = DATABASE-PASSWORD dbname = simplelogin   query = SELECT domain FROM custom_domain WHERE domain='%s' AND verified=true     UNION SELECT domain FROM public_domain WHERE domain='%s'     UNION SELECT '%s' WHERE '%s' = 'mydomain.com' LIMIT 1;

Replace “DATABASE-PASSWORD” with your Postgres password.

Panache a brand name-favored “pgsql-transport-maps.cf” under the same magazine:

sudo nano /etc/postfix/pgsql-transport-maps.cf

Paste the cooperating with block of code inside your brand name-favored config record:

hosts = localhost user = postgres password = DATABASE-PASSWORD dbname = simplelogin   query = SELECT 'smtp:127.0.0.1:20381' FROM custom_domain WHERE domain = '%s' AND verified=true     UNION SELECT 'smtp:127.0.0.1:20381' FROM public_domain WHERE domain = '%s'     UNION SELECT 'smtp:127.0.0.1:20381' WHERE '%s' = 'mydomain.com' LIMIT 1;

Just support with the previous config, replace “DATABASE-PASSWORD” with your Postgres password.

Installing SimpleLogin

Peruse to the residence magazine of your borrower, after that invent the setting record for SimpleLogin.

cd && nano ./simplelogin.env

Write the cooperating with block of code inside your brand name-favored setting record:

URL=https://SUBDOMAIN.YOUR-ROOT.DOMAIN EMAIL_DOMAIN=YOUR-ROOT.DOMAIN SUPPORT_EMAIL=support@YOUR-ROOT.DOMAIN EMAIL_SERVERS_WITH_PRIORITY=[(10, "SUBDOMAIN.YOUR-ROOT.DOMAIN.")] DB_URI=postgresql://postgres:DATABASE-PASSWORD@sl-db:5432/simplelogin FLASK_SECRET=ADD-A-NEW-RANDOM-STRING-HERE   DISABLE_ALIAS_SUFFIX=1 DKIM_PRIVATE_KEY_PATH=/dkim.key GNUPGHOME=/sl/pgp LOCAL_FILE_UPLOAD=1 POSTFIX_SERVER=10.0.0.1

Replace every instance of “SUBDOMAIN.YOUR-ROOT.DOMAIN” with your SimpleLogin URL.

Readjust the incentive of “YOUR-ROOT.DOMAIN” to your root domain name.

Replace the “DATABASE-PASSWORD” variable with your Postgres password.

Elicit a brand name-favored arbitrary string and also kit that as the incentive “FLASK_SECRET”

Rushing the SimpleLogin Docker Canisters

Via that installation and also delirious, you can presently bring and also sprinted the SimpleLogin Docker canister. To overture, import the Postgres database to your SimpleLogin install:

sudo docker run --rm      --name sl-migration      -v $(pwd)/sl:/sl      -v $(pwd)/sl/upload:/code/static/upload      -v $(pwd)/dkim.key:/dkim.key      -v $(pwd)/dkim.pub.key:/dkim.pub.key      -v $(pwd)/simplelogin.env:/code/.env      --network="sl-network"      simplelogin/app:4.6.5-beta alembic upgrade head

Run the Docker canister for SimpleLogin’s initialization script:

sudo docker run --rm      --name sl-init      -v $(pwd)/sl:/sl      -v $(pwd)/simplelogin.env:/code/.env      -v $(pwd)/dkim.key:/dkim.key      -v $(pwd)/dkim.pub.key:/dkim.pub.key      --network="sl-network"      simplelogin/app:4.6.5-beta python init_app.py

Prelude the Docker canister that manages the app’s front-run out interface:

sudo docker run -d      --name sl-app      -v $(pwd)/sl:/sl      -v $(pwd)/sl/upload:/code/static/upload      -v $(pwd)/simplelogin.env:/code/.env      -v $(pwd)/dkim.key:/dkim.key      -v $(pwd)/dkim.pub.key:/dkim.pub.key      -p 127.0.0.1:7777:7777      --restart always      --network="sl-network"      simplelogin/app:4.6.5-beta

Run the canister that manages the e-mail backend for SimpleLogin:

sudo docker run -d      --name sl-email      -v $(pwd)/sl:/sl      -v $(pwd)/sl/upload:/code/static/upload      -v $(pwd)/simplelogin.env:/code/.env      -v $(pwd)/dkim.key:/dkim.key      -v $(pwd)/dkim.pub.key:/dkim.pub.key      -p 127.0.0.1:20381:20381      --restart always      --network="sl-network"      simplelogin/app:4.6.5-beta python email_handler.py

Last however not the truly least, overture the canister that manages plain openings for the SimpleLogin mechanism:

sudo docker run -d      --name sl-job-runner      -v $(pwd)/sl:/sl      -v $(pwd)/sl/upload:/code/static/upload      -v $(pwd)/simplelogin.env:/code/.env      -v $(pwd)/dkim.key:/dkim.key      -v $(pwd)/dkim.pub.key:/dkim.pub.key      --restart always      --network="sl-network"      simplelogin/app:4.6.5-beta python job_runner.py

FYI: Docker is auxiliary than simply a means to provide off SimpleLogin. Learn how you can right away host your truly own WordPress places obtaining utilise of Docker.

Inventing an SSL Overturn Proxy with Nginx

At this time, SimpleLogin is presently running on the server at deportment 7777. To access it, you last offer to pass its outward stuck relation wearing an SSL overturn proxy.

Panache the places record for your SimpleLogin instance:

sudo nano /etc/nginx/sites-available/simplelogin

Paste the cooperating with block of code inside your places record:

server {           server_name SUBDOMAIN.YOUR-ROOT.DOMAIN;           location / {                 proxy_pass http://127.0.0.1:7777;                 proxy_http_version 1.1;                 proxy_set_header Upgrade $http_upgrade;                 proxy_set_header Connection "upgrade";                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                 proxy_set_header Host $host;         } }

Panache a symbolic linkage for your places record in “/etc/nginx/sites-made it possible for/”:

sudo ln -s /etc/nginx/sites-available/simplelogin /etc/nginx/sites-enabled/

Use your brand name-favored stances by restarting the Nginx daemon:

sudo systemctl restart nginx

Sign up your SimpleLogin instance to the EFF by running the cooperating with command:

sudo certbot register --agree-tos -m YOUR@EMAIL.ADDRESS

Implementation a brand name-favored SSL certificate for your overturn proxy:

sudo certbot --nginx -d SUBDOMAIN.YOUR-ROOT.DOMAIN

Amenable your Postfix config record obtaining utilise of your favored message editor:

sudo nano /etc/postfix/main.cf

Scroll down to the “smtpd_tls_cert_file” and also “smtpd_tls_key_file” variables and also replace them with the cooperating with queues of code:

smtpd_tls_cert_file=/etc/letsencrypt/live/SUBDOMAIN.YOUR-ROOT.DOMAIN/fullchain.pem smtpd_tls_key_file=/etc/letsencrypt/live/SUBDOMAIN.YOUR-ROOT.DOMAIN/privkey.pem

Test if your SimpleLogin instance is running suitably by opening your subdomain on a internet browser and also inventing a brand name-favored account.

Inventing E-mail Pen names Via SimpleLogin

Go ago to your server’s incurable session, after that responsive the app’s database:

docker exec -it sl-db psql -U postgres simplelogin

Run the cooperating with to make it possible for the Spending status for your leading account:

UPDATE users SET lifetime = TRUE; exit

Lugging out this will ensure that your account won’t have any constraints to the quantity of aliases that you can gain for your e-mail.

To invent your first e-mail pen names, click the Newfangled Behavior Alias button on the internet app’s control panel.

Chit: you can likewise invent an pen names with a arbitrary tag by clicking the Random Alias button.

Supply a momentous tag for your brand name-favored e-mail pen names, after that click Panache.

Check if your brand name-favored e-mail pen names is working suitably by sending out a post to it from a unalike e-mail address.

Sending out Emails from a SimpleLogin Alias

Aside from recovering mail from an pen names, SimpleLogin likewise maintains sending out blog posts wearing them. To attain that, the app forges a “overturn pen names” for the destination address to which you can send out your e-mail.

To perform this, click the Calls button on the pen names that you want to send out an e-mail from. In my expanding, I want to send out from my “[email protected]” address.

Supply the e-mail address of your recipient, after that click Panache overturn-pen names.

Click the Plagiarise overturn-pen names button on your brand name-favored obtain in touch with, after that paste it to the recipient demographic of your e-mail consumer. Sending out a post to this customised address will permit SimpleLogin to mask your real e-mail with your pen names to your recipient.

Self-hosting your truly own e-mail aliases server obtaining utilise of SimpleLogin is simply one of the actions of repurchasing your digital solitude. Take manipulate of your whole digital correspondences chain by hosting your truly own e-mail server obtaining utilise of Mail-in-a-Box.

Image credit score: Lukas Blazek by means of Unsplash and also SimpleLogin Github. All alterations and also screenshots by Ramces Red.