{"id":38292407,"url":"https://github.com/yumusb/email_router","last_synced_at":"2026-01-17T02:11:28.770Z","repository":{"id":258474294,"uuid":"860008252","full_name":"yumusb/email_router","owner":"yumusb","description":"duck.com selfhost, docker, catch-all","archived":false,"fork":false,"pushed_at":"2025-04-02T12:43:10.000Z","size":294,"stargazers_count":21,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-02T13:25:35.069Z","etag":null,"topics":["catch-all","domain-email","duckduckgo-email","email","email-forwarding","golang","privacy","privacy-protection","self-hosted","selfhost","smtp-server","tempmail-server"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yumusb.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-09-19T16:51:08.000Z","updated_at":"2025-04-02T12:43:14.000Z","dependencies_parsed_at":"2026-01-08T04:19:02.304Z","dependency_job_id":null,"html_url":"https://github.com/yumusb/email_router","commit_stats":null,"previous_names":["yumusb/email_router"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/yumusb/email_router","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yumusb%2Femail_router","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yumusb%2Femail_router/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yumusb%2Femail_router/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yumusb%2Femail_router/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yumusb","download_url":"https://codeload.github.com/yumusb/email_router/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yumusb%2Femail_router/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28492057,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T00:50:05.742Z","status":"online","status_checked_at":"2026-01-17T02:00:07.808Z","response_time":85,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["catch-all","domain-email","duckduckgo-email","email","email-forwarding","golang","privacy","privacy-protection","self-hosted","selfhost","smtp-server","tempmail-server"],"created_at":"2026-01-17T02:11:28.690Z","updated_at":"2026-01-17T02:11:28.758Z","avatar_url":"https://github.com/yumusb.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EMAIL ROUTER\n\n该项目是一个支持 **多域名 Catch-All 邮件收件** 的工具，所有收到的邮件都不会存储，直接转发。它可以将邮件转发到 **Telegram 机器人** 和 **私人邮箱地址**。该工具的设计灵感来源于 [DuckDuckGo Email Protection](https://duckduckgo.com/duckduckgo-help-pages/email-protection/) ，目标是提供一个完全自托管的解决方案。\n\n## 功能介绍\n\n- **Catch-All 邮件转发：** 支持将接收到的所有邮件直接转发到指定邮箱，而无需存储邮件内容。\n- **Telegram 机器人通知：** 收到的邮件可通过 Telegram 机器人进行实时通知。\n![](./images/tg.png)\n- **多域名支持：** 可以跨多个域名进行邮件转发处理。\n- **SMTP 邮件发送：** 提供邮件发送功能，可以通过你定义的**私人邮箱地址**将邮件转发给指定的收件人。\n![](./images/qqmail.png)\n\n## 端口说明\n\n| 端口 | 协议 | 加密方式 | 用途 |\n|------|------|----------|------|\n| **25** | SMTP | STARTTLS 可选 | 服务器间收信 |\n| **587** | Submission | STARTTLS | 客户端发信（推荐） |\n| **465** | SMTPS | 隐式 TLS | 客户端发信（旧版兼容） |\n\n## 部署步骤\n\n### 前置准备\n\n#### 1. 服务器准备\n公网IP（以223.223.223.223为例），25端口可达 (可以通过本项目内的`check_port_25_connectivity.sh`进行测试) ，服务器安装好Docker，设置PTR记录（可选，如果只收信则不需要）\n\n#### 2. 域名准备\n想要使用的域名（以404.local、403.local为例）  \n\n主域名需要设置MX服务器的A记录、MX记录、SPF记录。\n```txt\n;; A Records\nmx1.404.local.\t1\tIN\tA\t223.223.223.223\n\n;; MX Records\n404.local.\t1\tIN\tMX\t5 mx1.404.local.\n\n;; TXT Records\n404.local.\t1\tIN\tTXT\t\"v=spf1 mx:404.local -all\"\n```\n其他域名需要设置MX记录，SPF记录跟随主域名\n```txt\n;; MX Records\n403.local.\t1\tIN\tMX\t5 mx1.404.local.\n\n;; TXT Records\n403.local.\t1\tIN\tTXT\t\"v=spf1 include:404.local -all\"\n```\n（不一定非要mx1前缀，任意都可）\n\n### 1. 克隆仓库\n\n```bash\ngit clone https://github.com/yumusb/email_router.git\ncd email_router/deploy\n```\n\n### 2. 证书相关配置\n\n项目使用`acme.sh`提供证书，以保证收信过程中的安全。打开 .env 配置文件\n```config\nDNS_API=dns_cf #目前指定了CF，后续可能完善逻辑\nACME_SH_EMAIL= #随便一个邮箱，用来初始化acme账户\nMXDOMAIN= #mx服务器的域名，用来申请证书，按照本文中的例子就需要是mx1.404.local\nCF_Token= # 权限需要可以操作 404.local的DNS解析\nCF_Zone_ID= # 404.local的Zone ID\n```\n\n### 3. config.yml配置\n```yml\ntelegram:\n  bot_token: \"\u003c你的_bot_token\u003e\"\n  chat_id: \"\u003c你的_chat_id\u003e\"\n  send_eml: false  # 是否通过Telegram发送原始EML文件\n\nsmtp:\n  listen_address: \"0.0.0.0:25\"           # Port 25 - SMTP (收信)\n  listen_address_tls: \"0.0.0.0:587\"      # Port 587 - Submission (STARTTLS)\n  listen_address_smtps: \"0.0.0.0:465\"    # Port 465 - SMTPS (隐式TLS，可留空不启用)\n  allowed_domains:\n    - \"404.local\"\n    - \"403.local\"\n  cert_file: \"/cert/fullchain.pem\"\n  key_file: \"/cert/key.pem\"\n  private_email: \"root123645@foxmail.com\"\n  enable_dmarc: false                    # 是否启用DMARC签名\n  dkim_selector: \"dkim\"                  # DKIM选择器\n  dkim_private_key: |                    # DKIM私钥（支持 RSA/Ed25519，仅enable_dmarc为true时需要）\n    -----BEGIN PRIVATE KEY-----\n    ...\n    -----END PRIVATE KEY-----\n  dkim_selector_2: \"ed\"                  # 第二个 DKIM 选择器（可选，用于双签名）\n  dkim_private_key_2: |                  # 第二个 DKIM 私钥（可选，通常配合Ed25519使用）\n    -----BEGIN PRIVATE KEY-----\n    ...\n    -----END PRIVATE KEY-----\n\nwebhook:\n  enabled: false                         # 是否启用Webhook通知\n  method: \"POST\"\n  url: \"https://example.com/webhook\"\n  headers:\n    Authorization: \"Bearer my-token\"\n  body:\n    title: \"新邮件: {{.Title}}\"\n    content: \"详情: {{.Content}}\"\n  bodyType: \"json\"\n```\n\n需要修改的有：\n- `telegram` 相关配置\n- `allowed_domains` 修改为自己的域名\n- `private_email` 修改为要转发到的邮箱\n- `listen_address_smtps` 如不需要465端口可留空\n\n- `listen_address_smtps` 如不需要465端口可留空\n\n  # 高级反垃圾配置\n  blacklist:\n    - \"spammer@bad.com\"        # 拦截特定发件人\n    - \"@spam-domain.com\"       # 拦截特定域名发来的邮件\n  \n  disabled_recipients:\n    - \"leaked-alias@my.com\"    # 停用特定的收信别名\n\n### 4. 生成 DKIM 密钥\n#### 生成 RSA 密钥 (兼容性好)\n```bash\nopenssl genrsa -out dkim_rsa.pem 2048\n```\n将生成的 `dkim_rsa.pem` 内容填入 `dkim_private_key`。\n\n#### 生成 Ed25519 密钥 (更安全、更短)\n```bash\nopenssl genpkey -algorithm ed25519 -out dkim_ed25519.pem\n```\n将生成的 `dkim_ed25519.pem` 内容填入 `dkim_private_key_2`，并设置 `dkim_selector_2`。\n\n### 5. 启动\n```shell \ndocker compose up -d \n```\n由于初次启动需要申请证书，所以需要一点时间来启动，只有有效的证书才能启动邮件服务。\n\n### 5. 收件\n为防止出现未知问题，程序对收件地址的规则做了限制。允许的收件地址规则为`^(\\w|-)+@.+$`  \n例如以下：\n\u003e root@404.local  \n\u003e 404@404.local  \n\u003e my-admin@404.local  \n\u003e random@404.local  \n\n可以结合`Bitwarden`中的用户名生成器，效果更佳。\n可以通过自己的其他邮箱向域名邮箱进行发信测试，不出意外应该可以收到来自自己域名转发的邮件。\n\n### 6. 发件\n与[DuckDuckGo Email Protection](https://duckduckgo.com/duckduckgo-help-pages/email-protection/duck-addresses/how-do-i-compose-a-new-email/) 的逻辑一样\n\u003e For example, if your personal Duck Address is jane@duck.com and you want to send to your friend's email brian@gmail.com. To send the email from your personal Duck Address, you would send the message to brian_at_gmail.com_jane@duck.com.  \n\n其中 jane 可以是你喜欢的、你需要的 任意前缀，因为这是你的域名。  \n同样的，直接回复收到的转发的来信，服务器也会帮你自动转发回去。  \n\n需要注意的是，发信非常依赖信誉，你的IP信誉、域名信誉、PTR设置等。如果你发现私人邮箱收到的邮件在垃圾箱，可以手动加白下，很有可能发送给别人的也进了垃圾箱。\n\n### 7. 邮件管理功能 (New!)\n\n您可以通过发送邮件到 `router-admin@\u003c您的域名\u003e` 来动态管理黑名单和禁用别名。必须使用配置文件中 `private_email` 指定的邮箱发送指令。\n\n**指令格式（邮件主题 Subject）**:\n- 屏蔽发件人: `BLOCK spammer@bad.com`\n- 解除屏蔽: `UNBLOCK spammer@bad.com`\n- 禁用别名: `DISABLE leaked@yourdomain.com`\n- 启用别名: `ENABLE leaked@yourdomain.com`\n\n**Telegram 快捷操作**:\n收到的邮件转发通知中，底部会附带 `Block Sender` 和 `Disable Alias` 的 `mailto` 链接。点击链接会自动创建一封填好指令的邮件，您只需点击发送即可完成操作。\n\n### 规则持久化\n所有的动态规则会保存在 `data/rules.json` 文件中，重启服务后依然有效。\n\n## 其他问题\n\n### TODO \n- [x] SPF check\n- [x] 多端口支持 (25/587/465)\n- [x] Graceful shutdown\n- [ ] 证书自动续期相关逻辑\n- [ ] SMTP AUTH 认证\n- [ ] IMAP 收信支持","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyumusb%2Femail_router","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyumusb%2Femail_router","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyumusb%2Femail_router/lists"}