Unlimited Email Addresses for Your Domain: AWS SES and Registrar Forwarding

Micah Parks
5 min readNov 7, 2023

--

Generated by DALLE 3

A cheapskate’s guide to obtaining unlimited incoming and outgoing email addresses for a domain you own.

Requirements

In order to have unlimited incoming email addresses you will need:

  • A domain registrar with catch-all forwarding (Ex: NameCheap)

In order to have unlimited outgoing email addresses you will need:

  • Edit access to your domain’s DNS records
  • An AWS account
  • Ability to use git
  • Ability to use Docker Compose

This guide is split into three parts:

  1. Introduction
  2. Unlimited incoming
  3. Unlimited outgoing

Introduction

I have personal and business domains. For professionalism, I prefer to send and receive business emails from an address linked to the business’ domain. On the personal side, it’s nice to shield my Gmail account when dealing with untrustworthy sources. For example, under Florida law, email addresses are public record. Scammers use these public records to make email lists. When interacting with the state government, I use a unique Florida-specific email from my personal domain to track the source of incoming messages. Typically, emails sent to this address are spam, making them easy to filter out.

I’ve been using the solution described in this guide to achieve unlimited incoming and outgoing email address for about a year. Other than domain registration fees, I have yet to be charged even a penny. After my AWS free tier has expired, I anticipate the bill being $0.10 per month. This guide’s solution is aimed at achieving these goals for an individual extremely cheaply without the need to host a mail server.

Before continuing with this guide, please know that high quality services like Google Workspace or AWS Workmail can solve this, but these solutions can be pricey and typically charge per email address.

Another route is to self-host an email server. Even for the technically minded, this nightmare consists of high maintenance costs and email deliverability issues.

This guide’s solution is to use domain registrar email forwarding for incoming emails. For outgoing emails there is an open source AWS SES client web interface that can be run from a personal computer.

AWS SES is Amazon Web Service’s Simple Email Service. It’s one of the cheapest, if not the cheapest, programmatic email sending services. At the time of writing this guide, it is 10 cents to send 1,000 emails. AWS SES removes the need to maintain an email server and worry about deliverability problems.

Unlimited incoming

If you own a domain, it’s relatively simple to forward all incoming email to a single email address using a catch-all. The email address can be any address, I use my personal Gmail.

Here’s how to enable a catch-all email for a domain hosted on NameCheap:

Log into NameCheap and navigate to the Domain List page. Click to manage the domain. This will redirect you to the Domain Details page. On this page, reference the below screenshot to find the button to add a catch-all address. This screenshot has the ADD CATCH-ALL button grayed out because there is already a row containing a catch-all.

NameCheap’s domain details page with an arrow pointing to the button that adds a catch-all email address.

Now, any email sent to any address at this domain will be automatically redirected to example@gmail.com. For example, any email sent to john.doe@example.com or jane.doe@example.com will end up in the inbox of example@gmail.com.

This does not allow emails to be sent from any address at this domain, yet. In order to set that up, continue on with this guide.

Unlimited outgoing

Set up AWS SES

You must have an AWS account with SES enabled to use the method described in this guide. Instructions for setting this up may change over time. So in order to future-proof this guide, here is a link to the AWS documentation’s guide on this.

After SES is enabled and setup, create a verified identity for your domain. This will require editing the DNS records for your domain. The SES web interface that is about to be introduced will also work with single email addresses, provided they are verified identities.

The AWS SES page to add a domain verified identity.

Set up the SES client web interface

Before setting up the SES client web interface, ensure you have the latest version of Docker Compose installed. Docker Compose is now bundled with Docker, which is included in Docker Desktop.

Here are Docker Desktop installation links for:

On Ubuntu or other Linux distributions,, I recommend the Docker CLI installation.

After the latest version of Docker Compose is installed, it’s time to install the open source AWS SES client web interface. The project is located at https://github.com/MicahParks/aws-ses-web-ui. Clone the repository to your personal computer.

git clone https://github.com/MicahParks/aws-ses-web-ui.git

In the root directory of the project, create a new file called config.json. Edit the below JSON and write it to config.json:

  • Replace @example.com with your domain preceded by an @ symbol.
  • A default address to send emails from.
  • Your AWS credentials.

Remember your AWS credentials are highly sensitive, do not share them with anyone else.

{
"aswu": {
"allowedFrom": [
"@example.com"
],
"defaultFrom": "John Doe <john.doe@example.com>"
},
"ses": {
"awsRegion": "us-east-1",
"accessKeyID": "my-access-key-id",
"secretKey": "my-secret-key"
}
}

After the config.json file is complete, run the docker-compose.yml file. To do this via the CLI, run the following command:

docker compose up

Once the containers are running, visit http://localhost:8080 to be greeted with the AWS SES client web interface. Use this simple web form to send emails from any of your verified identities.

The AWS SES client web interface email sending form.

Further improvements to this project could include using a persistent PostgreSQL database. The Docker Compose configuration is not sufficiently persistent. The web form only supports text based emails without attachments. Adding support for HTML and attachments would also be an improvement.

Hosting this project on the public internet should only occur if there is an advantage over running the project on a personal computer. Proper encryption and authentication is essential. For a simple solution, I would recommend a TLS reverse proxy with basic HTTP authentication using a strong password.

--

--

Micah Parks
Micah Parks

No responses yet