Inbucket Installation Guide

Prerequisites

Create system user for security isolation and service management:

# Create required user/group
sudo useradd -r -s /bin/false inbucket

Installation Steps

1. Download and Install Binary

Setup the necessary files and directory structure for Inbucket:

# Download latest release
wget https://github.com/inbucket/inbucket/releases/download/v3.0.3/inbucket_3.0.3_linux_amd64.tar.gz

# Extract files
sudo tar xf inbucket_3.0.3_linux_amd64.tar.gz -C /usr/local/bin

# Create directories
sudo mkdir -p /etc/inbucket         # Configuration directory
sudo mkdir -p /var/local/inbucket   # Storage directory
sudo mkdir -p /usr/local/share/inbucket/ui  # Web interface files

2. Service Configuration

Create systemd service file for automated startup and management:

[Unit]
Description=Inbucket Disposable Email Service
After=network.target

[Service]
Type=simple
User=daemon
Group=daemon
PermissionsStartOnly=true

# Logging Configuration
Environment=INBUCKET_LOGLEVEL=error
Environment=INBUCKET_MAILBOXNAMING=full

# SMTP Configuration - Controls email reception
Environment=INBUCKET_SMTP_ADDR=0.0.0.0:25        # Listen on all interfaces
Environment=INBUCKET_SMTP_DOMAIN=example.com     # Primary domain
Environment=INBUCKET_SMTP_MAXRECIPIENTS=100      # Limit recipients
Environment=INBUCKET_SMTP_MAXMESSAGEBYTES=10240000  # Max message size ~10MB
Environment=INBUCKET_SMTP_DEFAULTACCEPT=false    # Strict domain acceptance
Environment=INBUCKET_SMTP_ACCEPTDOMAINS=example.com  # Allowed domains
Environment=INBUCKET_SMTP_DEFAULTSTORE=false     # Strict storage policy
Environment=INBUCKET_SMTP_STOREDOMAINS=example.com   # Domains to store
Environment=INBUCKET_SMTP_TIMEOUT=300s           # Connection timeout

# POP3 Configuration - For email clients
Environment=INBUCKET_POP3_ADDR=127.0.0.1:1100   # Local access only
Environment=INBUCKET_POP3_DOMAIN=example.com    # Service domain
Environment=INBUCKET_POP3_TIMEOUT=600s          # Client timeout

# Web Interface Settings
Environment=INBUCKET_WEB_ADDR=0.0.0.0:9000      # Web UI access
Environment=INBUCKET_WEB_UIDIR=/usr/local/share/inbucket/ui
Environment=INBUCKET_WEB_GREETINGFILE=/etc/inbucket/greeting.html
Environment=INBUCKET_WEB_TEMPLATECACHE=true     # Cache templates
Environment=INBUCKET_WEB_MAILBOXPROMPT=@example.com
Environment=INBUCKET_WEB_COOKIEAUTHKEY=GENERATE_RANDOM_KEY_HERE
Environment=INBUCKET_WEB_MONITORVISIBLE=true    # Show monitor page
Environment=INBUCKET_WEB_MONITORHISTORY=30      # History length

# Storage Configuration
Environment=INBUCKET_STORAGE_TYPE=file          # Storage backend
Environment=INBUCKET_STORAGE_PARAMS=path:/var/local/inbucket
Environment=INBUCKET_STORAGE_RETENTIONPERIOD=24h   # Keep mail for 24h
Environment=INBUCKET_STORAGE_RETENTIONSLEEP=86400s # Cleanup interval
Environment=INBUCKET_STORAGE_MAILBOXMSGCAP=100     # Messages per mailbox

# Service startup configuration
ExecStartPre=/sbin/setcap 'cap_net_bind_service=+ep' /usr/bin/inbucket
ExecStartPre=/bin/mkdir -p /var/local/inbucket
ExecStartPre=/bin/chown daemon:daemon /var/local/inbucket
ExecStart=/usr/bin/inbucket

TimeoutStopSec=20
KillMode=mixed

[Install]
WantedBy=multi-user.target

3. Set Permissions

Configure secure access permissions for storage:

sudo chown -R daemon:daemon /var/local/inbucket
sudo chmod 755 /var/local/inbucket

4. Service Management

Enable and start the Inbucket service:

sudo systemctl daemon-reload      # Load new service file
sudo systemctl enable inbucket    # Start on boot
sudo systemctl start inbucket     # Start now

Nginx Configuration

Setup Nginx with basic authentication:

# Install apache2-utils for htpasswd
sudo apt install apache2-utils

# Create password file
sudo htpasswd -c /etc/nginx/.htpasswd admin

# Nginx configuration
server {
    listen 80;
    server_name mail.example.com;

    location / {
        # Basic Auth
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/.htpasswd;

        # Proxy settings
        proxy_pass http://localhost:9000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Manage Basic Auth Users

# Add new users
sudo htpasswd /etc/nginx/.htpasswd username

# Delete users 
sudo htpasswd -D /etc/nginx/.htpasswd username

Firewall Rules

Configure network access:

# Allow SMTP for email reception
sudo ufw allow 25/tcp

# Allow web interface access
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

Security Considerations

  1. Cookie Authentication:
    • Generate strong random key
    • Rotate regularly
    • Use SSL/TLS
  2. Domain Restrictions:
    • Limit SMTP domains
    • Configure strict acceptance
    • Enable storage only for allowed domains
  3. Resource Management:
    • Monitor disk usage
    • Set appropriate retention periods
    • Configure message size limits
  4. Access Control:
    • Use SSL for web interface
    • Consider IP restrictions
    • Monitor access logs
    • Regularly update Basic Auth passwords
Edit this page on GitHub
Table of Contents