Home
NostrMail¶
A simple email encryption tool based on secp256 key pairs.
How it works:
NostrMail encrypts content using a symetric key derived from a combination of the sender's private key and the receiver's public key.
Both sender and receiver derive a shared secret known only to them, which is used to protect their communications.
This application can use any email server for delivery.
Why have you done this?¶
NostrMail aims to improve privacy for the average pleb by bridging the gap between nostr and email. The two protocols serve different purposes, but they also solve each other's problems. For example, PGP does exist for email but it has not seen mainstream adoption because it relies on an existing key registry.
| Feature | Nostr | NostrMail | |
|---|---|---|---|
| Social Key Registry | |||
| PGP | |||
| Long form content | |||
| Archival Storage | |||
| Ubiquitous |
Obligatory warning¶
Nostrmail uses NIP-04, which has many issues pointed out here. While not perfect, it's better than cleartext.
Usage¶
You'll need docker.
Clone and navigate to the base of the repo directory, then:
docker compose up nostrmail
Navigate to http://localhost:8050
Here are all the services you can run with docker compose up <service name>
| service | purpose | port |
|---|---|---|
| nostrmail | main dashboard site | 8050 |
| alice | "Alice" dashboard for testing | 8051 |
| bob | "Bob" dashboard for testing | 8052 |
| docs | documentation site | 8000 |
| notebook | jupyter notebook for prototyping | 8888 |
Configuration¶
Environment variables¶
Create a .env file and place it in the base of this repo to set the defaults for the above containers.
NOSTR_PRIV_KEY=<your priv key>
EMAIL_ADDRESS=<your public email address>
EMAIL_PASSWORD=<email password>
# email server, assuming gmail
IMAP_HOST=imap.gmail.com
IMAP_PORT=2525
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
# this is where we find pub keys for now (should use NIP-02)
NOSTR_CONTACTS=/nostrmail/address_book.yaml
# the below configuration is for test purposes only
PRIV_KEY_ALICE=<priv key for alice>
EMAIL_ADDRESS_ALICE=yourname+alice@gmail.com
EMAIL_PASSWORD_ALICE=<same email password as above>
PRIV_KEY_BOB=<priv key for bob>
EMAIL_ADDRESS_BOB=yourname+bob@gmail.com
EMAIL_PASSWORD_BOB=<same password as above>
NOSTR_MAIL_IMAGE_TAG=<dockerhub_username>/nostr-mail
Address book/relays¶
Create a file in the local directory called address_book.yaml to specify private contacts.
Here's an example.
contacts:
- username: alice
pubkey: 12697aa72d2269aa632319d000b0548235d1d385dc16260ca77f704e802b5483
- username: bob
pubkey: 8619149c5549fa9970c042da77d9d018c7213e83aa49b89c234da9c298ecb941
- username: asher
pubkey: 86fb0bd1f7edcb17b39e897488f51f1d22ac6bd93aae491fc7cd45c9fb0d4ad8
relays:
- wss://nostr-pub.wellorder.net
- wss://relay.damus.io
Email¶
Configure your email account to allow sending and receiving emails. Here are instructions for gmail.
- Generate an app password (required if using 2-factor auth) See https://support.google.com/accounts/answer/185833?hl=en
- Set
EMAIL_PASSWORDin your.envfile as explained above. - Open gmail settings to enable IMAP
- In the top right, click Settings Settings and then See all settings.
- Click the Forwarding and POP/IMAP tab.
- In the "IMAP access" section, select Enable IMAP.
- Click Save Changes.