mirror of
https://github.com/dreamhunter2333/cloudflare_temp_email.git
synced 2026-05-07 05:42:50 +08:00
c3058817ff
* feat(admin): add IP whitelist (strict allowlist mode) (#920) - Add enableWhitelist/whitelist fields to IpBlacklistSettings - Implement three-layer access control: whitelist → blacklist → daily limit - Whitelist uses exact match for IPv4/IPv6, regex for patterns - Whitelisted IPs skip blacklist checks (trusted) - Fail-closed when cf-connecting-ip missing under whitelist mode - Frontend: independent whitelist toggle + empty list protection - Backend: backward compatible (old frontends get defaults) - E2E tests: config validation + runtime behavior - Docs: CHANGELOG zh/en updated Closes #920 * fix(admin): address PR review feedback on IP whitelist - Add IPv4-mapped IPv6 (::ffff:x.x.x.x) exact match in isWhitelisted - Include error.message in whitelist regex parse failure log - Include actual/max size in whitelist size limit error message Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(admin): validate whitelist regex on save and preserve existing whitelist on partial update - Reject invalid regex patterns in whitelist at save time to prevent runtime lockout - Preserve existing enableWhitelist/whitelist from DB when older clients omit these fields Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(admin): revert P2 - keep simple ?? defaults for backward compat Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(admin): validate whitelist elements are strings before trimming Prevents 500 error when whitelist contains non-string elements (e.g. numbers, null) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs(admin): add IP blacklist/whitelist documentation (zh + en) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(admin): fix fingerprint blacklist bypass when cf-connecting-ip absent, improve e2e tests - Split checkBlacklist into checkFingerprintBlacklist (IP-independent) and checkIpAsnBlacklist - Fingerprint check now runs before the !reqIp early-return to prevent bypass - Add afterEach reset to config test group, extract RESET_SETTINGS constant - Strengthen whitelist-blocks test to deterministic 403 assertion - Add e2e tests: invalid regex rejection, non-string element rejection, fingerprint-blocks-without-IP Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(admin): suppress no-useless-escape lint warning in whitelist regex check Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Cloudflare Temp Email - Free Temporary Email Service
This project is for learning and personal use only. Please do not use it for any illegal activities, or you will be responsible for the consequences.
A fully-featured temporary email service!
- Completely Free - Built on Cloudflare's free services with zero cost
- High Performance - Rust WASM email parsing for extremely fast response
- Modern UI - Responsive design with multi-language support and easy operation
- Address Password - Support setting individual passwords for email addresses to enhance security (enabled via
ENABLE_ADDRESS_PASSWORD)
Deployment Documentation - Quick Start
Documentation | Github Action Deployment Guide
Changelog
See CHANGELOG for the latest updates.
Live Demo
Try it now → https://mail.awsl.uk/
Star History (Click to expand/collapse)
Table of Contents (Click to expand/collapse)
Core Features
Core Features Details (Click to expand/collapse)
Email Processing
- Use
rust wasmto parse emails, with fast parsing speed. Almost all emails can be parsed. Even emails that Node.js parsing modules fail to parse can be successfully parsed by rust wasm - AI Email Recognition - Use Cloudflare Workers AI to automatically extract verification codes, authentication links, service links and other important information from emails
- Support optional random second-level subdomain mailbox creation for selected base domains
- Support sending emails with
DKIMverification - Support multiple sending methods such as
SMTPandResend - Add attachment viewing feature with support for displaying attachment images
- Support S3 attachment storage and deletion
- Spam detection and blacklist/whitelist configuration
- Email forwarding feature with global forwarding address support
User Management
- Use
credentialsto log in to previously used mailboxes - Add complete user registration and login functionality. Users can bind email addresses and automatically obtain email JWT credentials to switch between different mailboxes after binding
- Support
OAuth2third-party login (Github, Authentik, etc.) - Support
Passkeypasswordless login - User role management with support for multi-role domain and prefix configuration
- User inbox viewing with address and keyword filtering support
Admin Features
- Complete admin console
- Create mailboxes without prefix in
adminbackend - Admin user management page with user address viewing feature
- Scheduled cleanup function with support for multiple cleanup strategies
- Get mailboxes with custom names,
admincan configure blacklist - Add access password for use as a private site
Multi-language & Interface
- Both frontend and backend support multi-language
- Modern UI design with responsive layout
- Google Ads integration support
- Use shadow DOM to prevent style pollution
- Support URL JWT parameter auto-login
Integration & Extensions
- Complete
Telegram Botsupport,Telegrampush notifications, and Telegram Bot mini app - Add
SMTP proxy serversupportingSMTPfor sending emails andIMAPfor viewing emails - Webhook support and message push integration
- Support
CF TurnstileCAPTCHA verification - Rate limiting configuration to prevent abuse
Technical Architecture
Technical Architecture Details (Click to expand/collapse)
System Architecture
- Database: Cloudflare D1 as the main database
- Frontend Deployment: Deploy frontend using Cloudflare Pages
- Backend Deployment: Deploy backend using Cloudflare Workers
- Email Routing: Use Cloudflare Email Routing
Tech Stack
- Frontend: Vue 3 + Vite + TypeScript
- Backend: TypeScript + Cloudflare Workers
- Email Parsing: Rust WASM (mail-parser-wasm)
- Database: Cloudflare D1 (SQLite)
- Storage: Cloudflare KV + R2 (optional S3)
- Proxy Service: Python SMTP/IMAP Proxy Server
Main Components
- Worker: Core backend service
- Frontend: Vue 3 user interface
- Mail Parser WASM: Rust email parsing module
- SMTP Proxy Server: Python email proxy service
- Pages Functions: Cloudflare Pages middleware
- Documentation: VitePress documentation site
Important Notes
- When adding domain records in Resend, if your DNS provider is hosting your 3rd level domain a.b.com, please remove the 2nd level domain prefix b from the default name generated by Resend, otherwise it will add a.b.b.com, causing verification to fail. After adding the record, you can verify it using:
nslookup -qt="mx" a.b.com 1.1.1.1