ENSMail is an email forwarding service for the Ethereum Name System.
1. Send mail to
2. ENSMail.org forwards the mail to the ENSIP-5 Text/Email Record for
The ENSMail system consists of 2 components: the Maddy email server and a custom built ENS email resolution service (ENS service).
- Maddy exposes a public SMTP endpoint (over STARTTLS, with DMARC, DKIM, and SPF mail verification).
- Maddy forwards incoming mail to the ENS service over LMTP.
- The ENS service looks up the mail’s RCPT addresses in ENS (it queries text/email records).
- ENS service rewrites the mails RCPT addresses with the email addresses found in ENS, and forwards the mail over LMTP to Maddy
- Maddy receives the re-written mail and forwards it to the remote SMTP server (over STARTTLS, with DANE and MTA-STS server verification).
This diagram documents the SMTP/LMTP message flow for a successful mail forwarding session initiated by
Note: Unlike conventional SMTP servers which maintain an outgoing mail-queue and retry logic for failed deliveries, ENSMail uses connection-stage rejection. If an incoming message can’t be immediately forwarded to its ultimate destination, the message will be rejected.
Development requires go1.17 or later. Run
make test to run unit tests, and
make build to build.
Integration tests are run with
make test-full, but require the following binaries in $PATH:
- mkcert, to generate local TLS certificates.
- maddy.cover, a debug-enabled
maddyexecutable required by the maddy testing suite.
- Generate production TLS certificates (with Let’s Encrypt, or otherwise), and set
TLS_CERT_FILE=<path to cert>and
TLS_KEY_FILE=<path to key>in configs/maddy.env.
HTTP_WEB3_PROVIDER=<http endpoint>in configs/web3.env.
sudo make install(this enables the
- Start with
sudo systemctl start ensmail
Note: Additional system administration steps are required to run a production email system. Please read the maddy installation guide for further information.