Gateway

The Gateway is a receive-only SMTP server designed for QA and testing environments. It accepts incoming emails, validates authentication (SPF, DKIM, DMARC, reverse DNS), and stores them with configurable retention.

Key Capabilities

• SMTP Reception: Receive-only server on port 25 with automatic TLS via Let’s Encrypt
• Email Authentication: SPF, DKIM, DMARC, and reverse DNS validation (configurable per inbox or globally)
• Spam Analysis: Optional Rspamd integration for spam detection with per-inbox control
• Chaos Engineering: Simulate delivery failures (latency, errors, connection drops, greylisting, blackhole) to test resilience
• Configurable Encryption: Quantum-safe encryption (ML-KEM-768) by default, with optional plain storage mode
• Web Interface: Angular-based UI at /app for viewing emails and authentication results
• REST API: Programmatic access to emails with auto-generated API keys
• Webhooks: Real-time HTTP notifications for email events with cryptographic signatures
• Configurable Retention: Default 7-day TTL, adjustable via environment variables

Architecture

The Gateway runs as a single container with two integrated components:

• Backend (NestJS): SMTP server, certificate management, REST API, serves the frontend
• Frontend (Angular): Email viewer, authentication results display, inbox management

┌─────────────────────────────────────┐
│  Frontend (Angular)                 │
│  - Served at /app                   │
│  - API calls via /api               │
└──────────────┬──────────────────────┘
               │ HTTP(S)
┌──────────────▼──────────────────────┐
│  Backend (NestJS)                   │
│  - REST API (/api)                  │
│  - SMTP Server (port 25)            │
│  - Let's Encrypt certificates       │
└─────────────────────────────────────┘

Requirements

• Public IP with ports 25, 80, and 443 accessible
• DNS control for your testing domain (A record + MX record)
• Docker (recommended) or Node.js 18+

Links

• GitHub Repository
• Docker Hub

Next Steps

• Configuration - Environment variables and setup options
• API Keys - Authentication for the REST API
• API Reference - REST API endpoints
• Webhooks - Real-time HTTP notifications for email events
• Spam Analysis - Rspamd integration for spam detection
• Chaos Engineering - Simulate delivery failures to test resilience
• Security - Security features and considerations