Unlimited Email Addresses for Your Domain: AWS SES and Registrar Forwarding
A cheapskate’s guide to obtaining unlimited incoming and outgoing email addresses for a domain you own.
Requirements
In order to have unlimited incoming email addresses you will need:
- A domain registrar with catch-all forwarding (Ex: NameCheap)
In order to have unlimited outgoing email addresses you will need:
- Edit access to your domain’s DNS records
- An AWS account
- Ability to use
git
- Ability to use Docker Compose
This guide is split into three parts:
- Introduction
- Unlimited incoming
- Unlimited outgoing
Introduction
I have personal and business domains. For professionalism, I prefer to send and receive business emails from an address linked to the business’ domain. On the personal side, it’s nice to shield my Gmail account when dealing with untrustworthy sources. For example, under Florida law, email addresses are public record. Scammers use these public records to make email lists. When interacting with the state government, I use a unique Florida-specific email from my personal domain to track the source of incoming messages. Typically, emails sent to this address are spam, making them easy to filter out.
I’ve been using the solution described in this guide to achieve unlimited incoming and outgoing email address for about a year. Other than domain registration fees, I have yet to be charged even a penny. After my AWS free tier has expired, I anticipate the bill being $0.10 per month. This guide’s solution is aimed at achieving these goals for an individual extremely cheaply without the need to host a mail server.
Before continuing with this guide, please know that high quality services like Google Workspace or AWS Workmail can solve this, but these solutions can be pricey and typically charge per email address.
Another route is to self-host an email server. Even for the technically minded, this nightmare consists of high maintenance costs and email deliverability issues.
This guide’s solution is to use domain registrar email forwarding for incoming emails. For outgoing emails there is an open source AWS SES client web interface that can be run from a personal computer.
AWS SES is Amazon Web Service’s Simple Email Service. It’s one of the cheapest, if not the cheapest, programmatic email sending services. At the time of writing this guide, it is 10 cents to send 1,000 emails. AWS SES removes the need to maintain an email server and worry about deliverability problems.
Unlimited incoming
If you own a domain, it’s relatively simple to forward all incoming email to a single email address using a catch-all. The email address can be any address, I use my personal Gmail.
Here’s how to enable a catch-all email for a domain hosted on NameCheap:
Log into NameCheap and navigate to the Domain List page. Click to manage the domain. This will redirect you to the Domain Details page. On this page, reference the below screenshot to find the button to add a catch-all address. This screenshot has the ADD CATCH-ALL
button grayed out because there is already a row containing a catch-all.
Now, any email sent to any address at this domain will be automatically redirected to example@gmail.com
. For example, any email sent to john.doe@example.com
or jane.doe@example.com
will end up in the inbox of example@gmail.com
.
This does not allow emails to be sent from any address at this domain, yet. In order to set that up, continue on with this guide.
Unlimited outgoing
Set up AWS SES
You must have an AWS account with SES enabled to use the method described in this guide. Instructions for setting this up may change over time. So in order to future-proof this guide, here is a link to the AWS documentation’s guide on this.
After SES is enabled and setup, create a verified identity for your domain. This will require editing the DNS records for your domain. The SES web interface that is about to be introduced will also work with single email addresses, provided they are verified identities.
Set up the SES client web interface
Before setting up the SES client web interface, ensure you have the latest version of Docker Compose installed. Docker Compose is now bundled with Docker, which is included in Docker Desktop.
Here are Docker Desktop installation links for:
On Ubuntu or other Linux distributions,, I recommend the Docker CLI installation.
After the latest version of Docker Compose is installed, it’s time to install the open source AWS SES client web interface. The project is located at https://github.com/MicahParks/aws-ses-web-ui. Clone the repository to your personal computer.
git clone https://github.com/MicahParks/aws-ses-web-ui.git
In the root directory of the project, create a new file called config.json
. Edit the below JSON and write it to config.json
:
- Replace
@example.com
with your domain preceded by an@
symbol. - A default address to send emails from.
- Your AWS credentials.
Remember your AWS credentials are highly sensitive, do not share them with anyone else.
{
"aswu": {
"allowedFrom": [
"@example.com"
],
"defaultFrom": "John Doe <john.doe@example.com>"
},
"ses": {
"awsRegion": "us-east-1",
"accessKeyID": "my-access-key-id",
"secretKey": "my-secret-key"
}
}
After the config.json
file is complete, run the docker-compose.yml
file. To do this via the CLI, run the following command:
docker compose up
Once the containers are running, visit http://localhost:8080
to be greeted with the AWS SES client web interface. Use this simple web form to send emails from any of your verified identities.
Further improvements to this project could include using a persistent PostgreSQL database. The Docker Compose configuration is not sufficiently persistent. The web form only supports text based emails without attachments. Adding support for HTML and attachments would also be an improvement.
Hosting this project on the public internet should only occur if there is an advantage over running the project on a personal computer. Proper encryption and authentication is essential. For a simple solution, I would recommend a TLS reverse proxy with basic HTTP authentication using a strong password.