Simple SMTP server to forward your emails

If you have many ideas and for each idea you have a domain, like I do, and for each of this domains you want to receive emails, just in case someone wants to rich you, soon you will be in the situation to pay for each of this domains a monthly fee and probably for nothing. As I have all my websites hosted on GCP in containers I thought that it would be cheaper, free actually, to host my own SMTP server to receive all the emails for all the domains, forward them to my gmail account and also to save a copy to Cloud Storage, just to have them there. In this post I will show how this can be done.


Check out this repository if you want to get started to create your own smtp server.


The goals

Let’s start by setting up our goals:

  • a smtp server to receive the email
  • a GCP bucket to store the emails
  • forward the email to another mailbox using Mailgun

The project setup

Create the folder and initialize the golang modules

mkdir smtp-email-forward
cd smtp-email-forward
go mod init

The SMTP server

For this I used this package Add smtpd/server.go file with the following content

package smtpd

import (


// StartServer initialize and start the smtp server on
func StartServer() {
	addr := ""
	logger.Log.Infof("Start listening on: %s", addr)
	err := listenAndServeTLS(
	if err != nil {

func mailHandler(origin net.Addr, from string, to []string, data []byte) {
	logger.Log.Infof("Received mail from %s for %s", from, strings.Join(to, ";"))
	// save the email to GCP bucket
	if config.Config.GCPBucket != "" {
		ctx := context.Background()
		for _, m := range to {
			filename, err := storage.UploadFileToBucket(ctx, m, data)
			if err != nil {
				logger.Log.Errorf("Error saving file %s to bucket: %s", filename, err)
			} else {
				logger.Log.Infof("Save mail from %s for %s to file %s", from, to, filename)
	// forward the emails
	err := forwarder.ForwardEmail(data)

	if err != nil {
		logger.Log.Errorf("Errors forward email:%s", err)

func rcptHandler(remoteAddr net.Addr, from string, to string) bool {
	domain := getDomain(to)
	if domain == "" {
		return false
	for _, b := range config.Config.Domains {
		if b == domain {
			return true
	return false

func getDomain(email string) string {
	at := strings.LastIndex(email, "@")
	if at >= 0 {
		return email[at+1:]
	return ""

func listenAndServeTLS(addr string, certFile string, keyFile string, handler smtpd.Handler, rcpt smtpd.HandlerRcpt, appname string, hostname string) error {
	srv := &smtpd.Server{
		Addr:        addr,
		Handler:     handler,
		HandlerRcpt: rcpt,
		Appname:     appname,
		Hostname:    hostname,
		TLSRequired: false}
	err := srv.ConfigureTLS(certFile, keyFile)
	if err != nil {
		return err
	return srv.ListenAndServe()

What this code does

  • setup the smtp server and start listening on port 2525: StartServer()
  • setup our recipient handler to make sure we accept email for the configured domains: rcptHandler()
  • setup the email handler, the function where we save the emails to a GCP Bucket and we forward de emails: mailHandler()

For logging we will use Uber’s “blazing fast, structured, leveled logging”. Add a new file to the project logger/logger.go

package logger

import (

var Log *zap.SugaredLogger

func InitLogger() {
	logger, err := zap.NewProduction() // or NewProduction, or NewDevelopment
	if err != nil {
		panic("Cannot create the logger")
	defer logger.Sync()
	Log = logger.Sugar()

Next let’s add the implementation of the storage.UploadFileToBucket() function, add the file storage/storage.go with the following content

package storage

import (


type storageConnection struct {
	Client *storage.Client

var (
	client *storageConnection
	once   sync.Once

// UploadFileToBucket uploads the email message to GCP bucket, one folder for each mailbox
func UploadFileToBucket(ctx context.Context, mailbox string, data []byte) (string, error) {
	filename := generateFileNameForGCS(ctx, "email")
	filepath := fmt.Sprintf("%s/%s.eml", mailbox, filename)
	client, err := getGCSClient(ctx)
	if err != nil {
		return "", err
	wc := client.Bucket(config.Config.GCPBucket).Object(filepath).NewWriter(ctx)
	if _, err = wc.Write(data); err != nil {
		return "", err
	if err := wc.Close(); err != nil {
		return "", err
	return filepath, nil

func generateFileNameForGCS(ctx context.Context, name string) string {
	time := time.Now().UnixNano()
	var strArr []string
	strArr = append(strArr, name)
	strArr = append(strArr, strconv.Itoa(int(time)))
	var filename string
	for _, str := range strArr {
		filename = filename + str
	return filename

func getGCSClient(ctx context.Context) (*storage.Client, error) {
	var clientErr error
	once.Do(func() {
		storageClient, err := storage.NewClient(ctx, option.WithCredentialsFile(config.Config.GCPCredentials))
		if err != nil {
			clientErr = fmt.Errorf("Failed to create GCS client ERROR:%s", err.Error())
		} else {
			client = &storageConnection{
				Client: storageClient,
	return client.Client, clientErr

, and the implementation of forwarder.ForwardEmail() function, add the file forwarder/service.go

package forwarder

import (


var forwarders []mailForwarder

type mailForwarder interface {
	ForwardEmail(data []byte, recipient string) error

// InitForwarders initialize all the email forwarders
func InitForwarders() {

// ForwardEmail forwards the email to all the configured forwarders
func ForwardEmail(data []byte) error {
	var errstrings []string
	for _, f := range forwarders {
		if err := f.ForwardEmail(data, config.Config.ForwardTo); err != nil {
			errstrings = append(errstrings, err.Error())
	if len(errstrings) > 0 {
		return errors.New(strings.Join(errstrings, "\n"))
	return nil

This is the abstract implementation of the forwarder, for the concrete implementation we will use mailgun. Add this file forwarder/mailgun.go

package forwarder

import (


type mailgunForwarder struct {
	Domain string
	APIKey string
	URL string

func initMailGun() {
	if config.Config.MailgunDomain != "" && config.Config.MailgunAPIKey != "" {
		logger.Log.Info("Init Mailgun forwarder")
		forwarders = append(forwarders, &mailgunForwarder{
			Domain: config.Config.MailgunDomain,
			APIKey: config.Config.MailgunAPIKey,
			URL: config.Config.MailgunURL,

func (f mailgunForwarder) ForwardEmail(data []byte, recipient string) error {
	// create the client
	mg := mailgun.NewMailgun(f.Domain, f.APIKey)

	// create the message
	message := mg.NewMIMEMessage(ioutil.NopCloser(bytes.NewReader(data)), recipient)
	// create a context
	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
	defer cancel()
	// Send the message with a 10 second timeout
	resp, id, err := mg.Send(ctx, message)

	if err != nil {
		return err

	logger.Log.Infof("Email sent successfully to mailgun: ID: %s Resp: %s", id, resp)

	return nil

Now, we need to add the configuration package in order to dynamically configure our service. Add the file config/config.go

package config

import (


type args struct {
	ConfigPath string

// Configuration struct ...
type Configuration struct {
	AppName        string   `yaml:"appname" env:"APP_NAME"`
	Hostname       string   `yaml:"hostname" env:"HOST_NAME"`
	Domains        []string `yaml:"domains" env:"DOMAINS" env-separator:","`
	StartTLSCert   string   `yaml:"starttlscert" env:"START_TLS_CERT" env-default:"certs/server.crt"`
	StartTLSKey    string   `yaml:"starttlskey" env:"START_TLS_KEY" env-default:"certs/server.key"`
	GCPBucket      string   `yaml:"gcpbucket" env:"GCP_BUCKET"`
	GCPCredentials string   `yaml:"gcpcredentials" env:"GCP_CREDENTIALS" env-default:"certs/gcpServiceAccount.json"`
	ForwardTo      string   `yaml:"forwardto" env:"FORWARD_TO"`
	MailgunDomain  string   `yaml:"mailgundomain" env:"MAILGUN_DOMAIN"`
	MailgunAPIKey  string   `yaml:"mailgunapikey" env:"MAILGUN_API_KEY"`
	MailgunURL     string   `yaml:"mailgunurl" env:"MAILGUN_URL" env-default:""`

// Config is the application configuration
var Config Configuration

// InitConfig - Initialize the the application configuration
func InitConfig() {
	args := processArgs(&Config)
	// read configuration from the file and environment variables
	if err := cleanenv.ReadConfig(args.ConfigPath, &Config); err != nil {

	// TODO: print configuration values
	logger.Log.Info("Configuration loaded successfully")

// ProcessArgs processes and handles CLI arguments
func processArgs(cfg interface{}) args {
	var a args

	f := flag.NewFlagSet("Example server", 1)
	f.StringVar(&a.ConfigPath, "c", "config.yml", "Path to configuration file")

	fu := f.Usage
	f.Usage = func() {
		envHelp, _ := cleanenv.GetDescription(cfg, nil)
		fmt.Fprintln(f.Output(), envHelp)

	return a

To read the configuration I used an excellent package from Ilya Kaznacheev, because it allows you to read the configuration form the file and from the environment variables combined.

To wrapped up we need to add also the cmd package. Add the file cmd/server.go

package main

import (

func main() {
	logger.Log.Info("smtpd server is starting...")

We are almost done, let’s see if we can build

cd cmd
go build

To actually run the server we need create all the external resources

The Mailgun account

  • navigate to and create a new account
  • and then go to Sending/Overview select API and write down the sandbox domain and the API Key
  • it might be that you must configure an authorized recipient if you used the free account

The GCP bucket

gsutil mb -c nearline gs://$GCP_BUCKET

if you get the error “ServiceException: 409 Bucket smtpd-email-forward-123 already exists.” just change the name of the bucket, as I already use it when I tested the setup.

The GCP service account

# create the service account
gcloud iam service-accounts create smtpd-email-forward-123 \
    --description="A service account to write to the bucker" \

# grab the email
GCP_SERVICE_ACCOUNT=$(gcloud iam service-accounts list --format="value(email)" --filter="displayName=smtpd-email-forward-123")

# give the service account the permission to create objects
gsutil iam ch serviceAccount:$GCP_SERVICE_ACCOUNT:objectCreator gs://$GCP_BUCKET

# create and save the service account key
mkdir certs
gcloud iam service-accounts keys create certs/gcpServiceAccount.json \
  --iam-account $GCP_SERVICE_ACCOUNT

The server certificates

openssl req -x509 -newkey rsa:4096 -keyout ./certs/server.key -out ./certs/server.crt -days 365 -nodes

The default configuration file cmd/config.yml

appname: gcp-smtpd
starttlscert: ../certs/server.crt
starttlskey: ../certs/server.key
gcpcredentials: ../certs/gcpServiceAccount.json

and start up the server

cd cmd

to test your server run the following command on a separate terminal

telnet localhost 2525
From: "Bob Example" <>
To: Alice Example <>
Date: Tue, 15 Jan 2008 16:02:43 -0500
Subject: Test message
Hello Alice.
This is a test message with 5 header fields and 4 lines in the message body.
Your friend,

Done. You have you own smtp server.

Deploy to GCP

You should be able to run this server locally without any issue, but in order to deploy to GCP there are a few more actions to do

Create the Dockerfile

FROM alpine:3.7


ADD ./dist/smtpd /app/smtpd
ADD ./cmd/config.yml /app/config.yml

EXPOSE 2525/tcp

CMD ["/app/smtpd"]

Create the cloudbuild.yaml file

- name: golang:1.13
  entrypoint: /bin/sh
  - '-c'
  - |
    # build server
    env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags="-s" -o dist/smtpd ./cmd    
- name: ''
  args: [ 'build', '-t', '$PROJECT_ID/smtp-email-forward:${_VERSION_}', '.' ]
- '$PROJECT_ID/smtp-email-forward:${_VERSION_}'
  _VERSION_: 1.0.0

Trigger cloud build to push the image to the registry

gcloud builds submit --config cloudbuild.yaml .

Create the compute instance and set it the smtp server image

PROJECT_ID=$(gcloud config list --format 'value(core.project)')$PROJECT_ID/smtp-email-forward

gcloud compute instances create-with-container $VM_NAME \
    --zone $ZONE \
    --machine-type=e2-micro \
    --tags $VM_NAME-smtp \
    --container-image $DOCKER_IMAGE

Configure the firewall rules

gcloud compute firewall-rules create $VM_NAME-allow-smtp \
    --allow tcp:2525 \
    --source-ranges \
    --target-tags $VM_NAME-http

Test the server

IP_ADDRESS=$(gcloud compute instances describe $VM_NAME \
    --zone=$ZONE \

telnet $IP_ADDRESS 2525

If you setup the port 25 and is not working make sure that you ISP is not blocking the port 25, most of the residential ISP will block the outgoing port 25.

And the last step is to configure you MX record for your domain. Check this article on Wikipedia

In order to avoid unnecessary chargers you should delete all resources used in this tutorial

gcloud -q compute firewall-rules delete $VM_NAME-allow-smtp
gcloud -q compute instances delete $VM_NAME --zone $ZONE
gcloud -q container images delete $DOCKER_IMAGE:1.0.0
gcloud -q iam service-accounts delete $SQL_SERVICE_ACCOUNT


If you only want to be able to forward your email to another mailbox, you can use this project and configure it for unlimited number of domains and an unlimited number of email addresses and save some money. It will cost around 5$/month on GCP.

You can find all the full source code here