I've accumulated a few domain names now, and while I use them for various things I hardly expect much mail traffic through them at all. But I also don't want to have to manage multiple mailboxes when I have a perfectly good Gmail inbox sitting at the centre of my life.
I want a setup where mail is forwarded from *@secondary.com to firstname.lastname@example.org, so after playing around with [OpenSMTPD] (which is rather nice indeed), here's what I came up with.
Email works through three acronyms, and it is very much like a post office:
Gmail does all three: its servers are the MTAs, and its web interface is an MDA and MUA rolled into one.
There are three protocols used for emails, with secure variants too; I've listed them with their default port and secure port.
IMAP and POP3 are for storing mail and SMTP is for sending mail. It's pretty unlikely that you will want to use POP3 these days (I certainly don't), but it can be suitable if you want to download all of your mail and then not interact with the internet for long periods at a time.
OpenSMTPD is a Mail Transport Agent; it's part of the OpenBSD project and runs on Linux quite well. It's also very simple to configure, and like pretty much everything in the OpenBSD project, it's confidently secure.
In this use case, secondary domains use an MX record[1] to point to a server running OpenSMTPD, which then accepts all mail for those domains and forwards it to a single address, accomplished as follows:

```
#/etc/smtpd/domains
secondary.com
tertiary.net
quaternary.org
```

```
#/etc/smtpd/secrets
memorable-label email@example.com:PASSWORD
```

```
#/etc/smtpd/users
@ firstname.lastname@example.org
```

```
#/etc/smtpd/smtpd.conf

# We're accepting external mail
listen on eth0

# The domains we want forwarding for
table domains file:/etc/smtpd/domains

# Credentials to sign in to gmail SMTP servers
# (secrets.db is built from /etc/smtpd/secrets with makemap)
table secrets db:/etc/smtpd/secrets.db

# Mappings of where emails should be forwarded to
table users file:/etc/smtpd/users

# Required for local mail
accept for local alias <aliases> deliver to mbox

# If it's not from here, and it is for any of our domains, deliver it according
# to our rules
accept from ! local for domain <domains> virtual <users> deliver to mbox

# Authenticate with gmail's SMTP server and use that to send mail sent from here.
# The part before the @ is the label of the entry in the secrets table.
accept from local for any relay via tls+auth://memorable-label@smtp.gmail.com:587 auth <secrets>

# !!! Make sure that you're not accepting any old mail to relay or you could
# !!! help send spam. This is included in the default config to make you aware.
#accept for any relay # If this isn't commented, it probably should be
```
(Note: There's no reason why firstname.lastname@example.org can't be the same as email@example.com)
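An added example, not part of the original post: a small Python model of how the old-style `accept` rules above are matched (first match wins, no match means reject, an omitted `from` means `from local`), used to check that the ruleset never relays for outside hosts. The local hostname, the `unrelated.invalid` test domain and the `LABEL@SMTP-HOST` placeholder are assumptions.

```python
import re

# The accept rules from the smtpd.conf above; the relay URL is a placeholder.
PAGE_RULES = """
accept for local alias <aliases> deliver to mbox
accept from ! local for domain <domains> virtual <users> deliver to mbox
accept from local for any relay via tls+auth://LABEL@SMTP-HOST:587 auth <secrets>
#accept for any relay
"""
TABLES = {"domains": {"secondary.com", "tertiary.net", "quaternary.org"}}
LOCAL_NAMES = {"mx.secondary.com"}  # assumed hostname of the forwarding server

RULE = re.compile(
    r"accept(?:\s+from\s+(?P<neg>!\s*)?(?P<src>local|any))?"
    r"\s+for\s+(?P<dst>local|any|domain\s+<(?P<table>\w+)>)"
    r".*?\b(?P<action>relay|deliver)\b")

def parse(conf):
    """Return one dict per active (uncommented) accept rule, in file order."""
    rules = []
    for line in conf.splitlines():
        m = RULE.match(line.split("#", 1)[0].strip())
        if m:
            rules.append(m.groupdict())
    return rules

def decide(rules, from_local, rcpt_domain):
    """First matching rule wins; a message matching no rule is rejected."""
    for r in rules:
        src_ok = r["src"] == "any" or from_local  # omitted "from" == "from local"
        if r["neg"]:
            src_ok = not src_ok
        if r["table"]:
            dst_ok = rcpt_domain in TABLES[r["table"]]
        elif r["dst"] == "local":
            dst_ok = rcpt_domain in LOCAL_NAMES
        else:
            dst_ok = True
        if src_ok and dst_ok:
            return r["action"]
    return "reject"

def is_open_relay(conf):
    """True if an outside host can get mail relayed to a domain we don't serve."""
    rules = parse(conf)
    return decide(rules, from_local=False, rcpt_domain="unrelated.invalid") == "relay"
```

In this model, external mail for a forwarded domain returns `deliver`: the virtual table rewrites the recipient, and the resulting message then leaves through the `from local ... relay` rule.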
I would strongly suggest that you use an Application Specific Password instead of your main password, so that two-factor authentication works, and if it's compromised at least your password is okay.[2] Also, it might not be necessary to use Gmail's SMTP server, but I tend to find that things get flagged as spam if I don't; your mileage may vary.
And there we go, sign up for whatever you want with your throwaway domains and make up email addresses for them on the spot; filtering can be done in your inbox by recipient as that's not overwritten during forwarding.