{
  "@context": [
    "https://www.w3.org/ns/credentials/v2"
  ],
  "type": [
    "VerifiableCredential",
    "BlogPostCredential"
  ],
  "id": "urn:uuid:571cbd34-2919-4222-ab68-f035989946b0",
  "issuer": "did:webvh:QmTVQnV3qGxWzWmnmWJAy1zkYswgbUmE95K5qodmAizVfr:mjendza.net",
  "validFrom": "2026-03-15T13:35:32Z",
  "credentialSubject": {
    "title": "Temporary Mailboxes",
    "author": "Mateusz Jendza",
    "body": "## TR;DR\r\nWe often use https://www.minuteinbox.com/ to test CIAM solutions with unique email addresses, but is it perfect? With our domain and OpenTrashmail, we can improve our solution. After a year or two, we can still activate the old account (reset password or OTP access) - it is not possible via 10 min mail (the domain for email is changing, and the old one is not accessible).\r\n\r\n# Setting Up OpenTrashmail with Your Domain for E2E Testing\r\nEmail testing is often a critical part of end-to-end (E2E) testing for applications that send notifications, verification codes, or other important communications. Running our disposable email service gives you full control over test mailboxes and simplifies your testing workflow. Here's how to set up OpenTrashmail:\r\n\r\n## What is OpenTrashmail?\r\n\r\nOpenTrashmail is an open-source disposable email service that we can self-host. It provides temporary email addresses that can be used for testing purposes, allowing us to automatically, via REST JSON API, verify email delivery and content in our test suites, for example, PlayWright test cases, but also with manual verification.\r\n\r\n## Prerequisites\r\n\r\n- A domain we control (e.g., `yourdomain.com`).\r\n- Access to modify our domain's DNS records.\r\n- Docker and/or Docker Compose installed on server/workstation.\r\n- Basic understanding of DNS configuration.\r\n- Basic understanding of Docker and Docker Compose.\r\n\r\n\r\n## Step 1: Configure DNS Records\r\n\r\nFirst, we need to decide on the name for the email domain and set up the proper DNS records (**the hardest part**):\r\n\r\n1. Add an MX record for subdomain:\r\n   ```\r\n   @ IN MX 10 mail.yourdomain.com.\r\n   ```\r\n\r\n2. Add an A record for the mail subdomain pointing to your server's IP (the server must expose the 25 port for SMTP):\r\n   ```\r\n   mail IN A your.server.ip.address\r\n   ```\r\n\r\n## Step 2: Create a Docker Compose File\r\n\r\nCreate a `docker-compose.yml` file with the following configuration:\r\n\r\n```yaml\r\nservices:\r\n  opentrashmail:\r\n    image: hascheksolutions/opentrashmail:1\r\n    container_name: opentrashmail\r\n    ports:\r\n      - \"25:25\"\r\n      - \"80:80\"\r\n    environment:\r\n       - DELETE_OLDER_THAN_DAYS=2\r\n       - DISCARD_UNKNOWN=false\r\n       - DATEFORMAT='D.M.YYYY HH:mm'\r\n       - DOMAINS=mail.yourdomian.com\r\n  tunnel:\r\n     image: cloudflare/cloudflared:latest\r\n     container_name: opentrashmail_tunnel\r\n     environment:\r\n        - TUNNEL_TOKEN=${TUNNEL_TOKEN}\r\n     #restart: unless-stopped\r\n     command: tunnel run\r\n```\r\n\r\nReplace `yourdomain.com`, `TUNNEL_TOKEN` with your actual values. I recommend using Cloudflare Tunnel for secure access to the OpenTrashmail service with reverse proxy and SSL. Please remember that you need to open and forward the 25 port on your server. \r\n\r\n## Step 3: Launch the Container\r\n\r\nRun the following command in the directory containing your `docker-compose.yml` file:\r\n\r\n```bash\r\ndocker-compose up -d\r\n```\r\nThis will download the OpenTrashmail image and start the service in the background.\r\n\r\n## Step 4: Use OpenTrashmail\r\n\r\nOnce the container is running, we should be able to access the OpenTrashmail web interface via Cloudflare reverse proxy or on the host with the HTTP 80 port.\r\n\r\n## Step 5: Integrating with E2E Tests\r\n\r\nNow that OpenTrashmail is running, we can use its API to access the temporary mailboxes created for our domain.\r\n\r\nVia REST JSON endpoint `https://mail-website.yourdomain.com/json/matt@mail.yourdomain.com` we can check the mailbox. There is one disadvantage - the empty mailbox is represented by array response, but with email(s) the structure is like below:\r\n\r\n```angular2html\r\n{\r\n  \"1740855216429\": {\r\n    \"email\": \"matt@mail.yourdomain.com\",\r\n    \"id\": \"1740855216429\",\r\n    \"from\": \"\\\"External ID Factorlabs - Customers (via Microsoft)\\\" \\u003Caccount-security-noreply@accountprotection.microsoft.com\\u003E\",\r\n    \"subject\": \"Your External ID Factorlabs - Customers account verification code\",\r\n    \"md5\": \"35bfa0213771626280517948da315066\",\r\n    \"maillen\": 11120,\r\n    \"body\": \"To access External ID Factorlabs - Customers's apps and resources, please use the code below for account verification. The code will only work for 30 minutes.\\r\\n\\r\\nAccount verification code:\\r\\n13652349\\r\\n\\r\\n\\r\\n                If you didn't request a code, you can ignore this email.\\r\\n             \\r\\nPrivacy Statement: https://go.microsoft.com/fwlink/?LinkId=521839\\r\\nMicrosoft Corporation, One Microsoft Way, Redmond, WA 98052\\r\\n\",\r\n    \"attachments\": []\r\n  },\r\n  \"1740947742229\": {\r\n    \"email\": \"matt@mail.yourdomain.com\",\r\n    \"id\": \"1740947742229\",\r\n    \"from\": \"\\\"External ID Factorlabs - Customers (via Microsoft)\\\" \\u003Caccount-security-noreply@accountprotection.microsoft.com\\u003E\",\r\n    \"subject\": \"Your External ID Factorlabs - Customers account verification code\",\r\n    \"md5\": \"53f3c02c66171e6aa423e0d159f43a14\",\r\n    \"maillen\": 11123,\r\n    \"body\": \"To access External ID Factorlabs - Customers's apps and resources, please use the code below for account verification. The code will only work for 30 minutes.\\r\\n\\r\\nAccount verification code:\\r\\n19739883\\r\\n\\r\\n\\r\\n                If you didn't request a code, you can ignore this email.\\r\\n             \\r\\nPrivacy Statement: https://go.microsoft.com/fwlink/?LinkId=521839\\r\\nMicrosoft Corporation, One Microsoft Way, Redmond, WA 98052\\r\\n\",\r\n    \"attachments\": []\r\n  }\r\n}\r\n```\r\n\r\n## Summary\r\nSetting up OpenTrashmail with your domain provides a reliable way to test email functionality in your applications without external dependencies. It is easy to host and can be used with any domain owned by us. It doesn't need to be your official product or company domain (a subdomain is enough).\r\n\r\nDo you know any other solutions for temporary mailboxes? Share them via LinkedIn or Bluesky.\r\n\r\n## Links\r\n- [OpenTrashmail GitHub Repository](https://github.com/HaschekSolutions/opentrashmail)\r\n- [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel)",
    "datePublished": "2025-03-04",
    "url": "/post/temporary-mail",
    "description": "Reliable email with OpenTrashmail: Improve manual and automated tests for your identity platform(s)",
    "tags": [
      "CIAM",
      "TempMail",
      "Mail BOX",
      "E2E Testing"
    ]
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "eddsa-jcs-2022",
    "verificationMethod": "did:key:z6MksoqpqENZmzzA4nhCPkfcbWtRHVegGV38Yqu2arRc5Er2#z6MksoqpqENZmzzA4nhCPkfcbWtRHVegGV38Yqu2arRc5Er2",
    "created": "2026-03-15T13:35:32Z",
    "proofPurpose": "assertionMethod",
    "proofValue": "z3ebSoryU12qDXHCWg1fBTSML42sDn9cH16REYpKFmmwa2Z4czqKAtrv4xzuuUzFU2f6MkDoqHoimVpnrWy3ZuTeR"
  }
}