About Ephemask
An independent, privacy-first temporary email service.
// What Ephemask is
Ephemask is a disposable email service that gives you an anonymous inbox for a few minutes — enough to receive a verification email, a download link, or a one-off message — and then deletes the inbox and every message in it. It's free for the basic 10-minute inbox; a $4/month or $40/year Premium tier extends the inbox lifetime, allows multiple inboxes, custom domains, vanity addresses, email forwarding, an HMAC-signed webhook, two-factor authentication, and a public REST API.
// Who runs it
Ephemask is built and operated by an independent developer. The codebase is open at github.com/mqmalagris/ephemask — you can audit how messages are stored, when they expire, and which third parties (Stripe, RevenueCat, Google Analytics, AdSense) are involved.
There is no corporate parent, no investors with access to your data, and no advertising contract that requires us to retain message contents.
// How your data is handled
Inbox lifetime. Free inboxes live 10 minutes; Premium inboxes can be created with up to 60 minutes. When the timer expires, the DynamoDB record holding the inbox metadata is deleted automatically by AWS DynamoDB TTL — there is no scheduled job in the middle that could fail and keep your data.
Raw email storage. Incoming messages arrive via Amazon SES, which writes the original .eml file to an S3 bucket. That bucket has a 1-day lifecycle policy, so even the raw payload is purged within 24 hours regardless of inbox TTL. We never copy messages to backup buckets and we never archive them.
Account data (Premium). If you create a Premium account, we store your email (used only for magic-link login), your tier, your custom domains, your forwarding target, your webhook URL + HMAC secret, and your TOTP secret if you've enabled 2FA. Account deletion is a self-serve button on the account page; canceling your subscription is required first to avoid stranded charges.
Anonymous use. The free tier requires no account at all — the API issues a per-inbox token, which is the only thing that authenticates reads of that inbox. We do not associate inbox addresses with IP addresses or browser fingerprints; the only persistent identifier we hold for anonymous users is the inbox token they created.
// What we don't do
- − We don't sell your data. The Premium price ($4/month) is the entire revenue model alongside ads on the free tier.
- − We don't read your messages. The HTML body is rendered in a sandboxed iframe in your browser; the server stores it, exposes it via the API, and deletes it.
- − We don't keep deleted messages. DynamoDB TTL and S3 lifecycle are the source of truth — there's no shadow archive.
- − We don't ship your email address to advertisers. Google AdSense and Google Analytics are loaded on the free tier; Premium turns both off.
// Stack
Backend: Go on AWS Lambda, DynamoDB, SES (inbound + outbound), API Gateway, and S3. Web: Astro 5 + Svelte 5 + Tailwind on Vercel. Mobile: React Native + Expo. Payments: RevenueCat Web Billing on top of Stripe. Infrastructure as code: Terraform.
All of this is published on GitHub.
// Contact
- + support@ephemask.com — general questions and bug reports.
- + legal@ephemask.com — abuse reports, takedown requests, compliance.
- + GitHub Issues — public bug tracker.