To test it out create a new account here. This would give you an actual working email address. Next you could try turning on two factor authentication or logging into IMAP with an application specific password.
This entire webservice is just a front-end to WildDuck API. The web application does not make any database connections, everything is handled by using REST API calls against the API.
Receiving a cleartext message that the server encrypts before storing it to the mail store
3. Sending to the onion network
The following video demonstrates:
Composing a normal email message and addressing it to an onion email address
Sending the message
Receiving the message sent from WildDuck Mail Server to an onion email service
Generated email address is a real address and can be used with any mail client. IMAP is handled by WildDuck, MX messages are received by Haraka and outgoing messages are delivered by ZoneMTA.
All data is stored in a sharded MongoDB database. If there is not enough space then adding a new shard should fix that
Mail daemon processes avoid touching the filesystem (WildDuck and ZoneMTA do not touch file system after startup, Haraka writes and reads messages from a queue and spool folder) and do not execute any shell commands. Daemon processes run as unprivileged
users. All compiled node dependencies are optional and can be removed to avoid potential buffer overflows and such.
Messages sent through SMTP are automatically copied to the Sent Mail folder. This mostly affects POP3 users as IMAP clients usually upload the message by themselves
When sending, non-authorized From: address in the message header is replaced. "From: User Name <otheruser@domain>" becomes "From: User Name <email@example.com>"
Dots in usernames and addresses are ignored. firstname.lastname@example.org is the same as email@example.com
Labels in incoming email addresses are ignored. firstname.lastname@example.org is the same as email@example.com
Moving messages to and out of the Junk Mail folder raises a junk status change event for that message. This is currently not used though
Enabling TOTP based 2FA disables account password for IMAP, POP3 and SMTP
Application Specific Password comes with automatically generated mobileconfig file for iOS/OSX mail applications
Incoming messages are checked against user defined filters. Matching messages can be marked as seen or flagged. Messages can be moved to specific mailbox folder. Messages tagged as spam are moved to Junk Mail folder.
Messages can be forwarded to another email address or uploaded to an URL account wide (all incoming messages are forwarded) or filter based (only messages matching specific filter are forwarded)
All authentication related events are logged and shown in the account security page. This behavior will change in the future as mail clients generate a lot of noise (re-authenticating after short period of time). Such logins should be joined somehow into
This web service also makes use of the built-in GPG encryption feature of WildDuck where all cleartext messages are encrypted with user's public key before stored to disk. The encryption step is applied after filtering step so you could still filter messages by body text.