Secure & Modern All-in-One Mail Server (IMAP, JMAP, POP3, SMTP)
Find a file
2024-08-09 10:03:58 +02:00
.github Add enterprise cargo feature + Allow copying SEL licensed code for testing/development purposes (closes #602 closes #601) 2024-07-08 18:37:58 +02:00
crates Fix disabled events setting 2024-08-08 17:54:24 +02:00
img
LICENSES Add enterprise cargo feature + Allow copying SEL licensed code for testing/development purposes (closes #602 closes #601) 2024-07-08 18:37:58 +02:00
resources Fix typos (#599) 2024-07-08 15:28:32 +02:00
tests Fix disabled events setting 2024-08-08 17:54:24 +02:00
.gitignore
Cargo.lock v0.9.1 2024-08-08 12:50:00 +02:00
Cargo.toml Improved error handling (part 1) 2024-07-11 18:44:51 +02:00
CHANGELOG.md Updated README 2024-08-08 14:35:02 +02:00
CNAME
CONTRIBUTING.md CLA -> FLA 2024-08-02 11:22:29 +02:00
Dockerfile
install.sh Fix useradd command (closes #659) 2024-08-09 10:03:58 +02:00
README.md Updated README 2024-08-08 14:35:02 +02:00
SECURITY.md
UPGRADING.md Windows fix 2024-08-01 17:44:24 +02:00

Secure & Modern All-in-One Mail Server (IMAP, JMAP, POP3, SMTP) 🛡️


continuous integration   License: AGPL v3   Documentation

Mastodon   Twitter

Discord   Matrix

Features

Stalwart Mail Server is an open-source mail server solution with JMAP, IMAP4, POP3, and SMTP support and a wide range of modern features. It is written in Rust and designed to be secure, fast, robust and scalable.

Key features:

  • JMAP server:
  • IMAP4, POP3 and ManageSieve server:
  • SMTP server:
    • Built-in DMARC, DKIM, SPF and ARC support for message authentication.
    • Strong transport security through DANE, MTA-STS and SMTP TLS reporting.
    • Inbound throttling and filtering with granular configuration rules, sieve scripting, MTA hooks and milter integration.
    • Distributed virtual queues with delayed delivery, priority delivery, quotas, routing rules and throttling support.
    • Envelope rewriting and message modification.
  • Spam Phishing filter:
    • Comprehensive set of filtering rules on par with popular solutions.
    • Statistical spam classifier with automatic training capabilities.
    • DNS Blocklists (DNSBLs) checking of IP addresses, domains, and hashes.
    • Collaborative digest-based spam filtering with Pyzor.
    • Phishing protection against homographic URL attacks, sender spoofing and other techniques.
    • Trusted reply tracking to recognize and prioritize genuine e-mail replies.
    • Sender reputation monitoring by IP address, ASN, domain and email address.
    • Greylisting to temporarily defer unknown senders.
    • Spam traps to set up decoy email addresses that catch and analyze spam.
  • Flexible and scalable:
    • Pluggable storage backends with RocksDB, FoundationDB, PostgreSQL, mySQL, SQLite, S3-Compatible, Redis and ElasticSearch support.
    • Clustering support with node autodiscovery and partition-tolerant failure detection.
    • Built-in, LDAP or SQL authentication backend support.
    • Full-text search available in 17 languages.
    • Sieve scripting language with support for all registered extensions.
    • Email aliases, mailing lists, subaddressing and catch-all addresses support.
    • Automatic account configuration and discovery with autoconfig and autodiscover.
    • Metrics, tracing, logging and alerts with OpenTelemetry and Prometheus integration.
    • Webhooks for event-driven automation.
    • Disk quotas.
  • Web-based administration:
    • Account, domain, group and mailing list management.
    • SMTP queue management for messages and outbound DMARC and TLS reports.
    • Report visualization interface for received DMARC, TLS-RPT and Failure (ARF) reports.
    • Configuration of every aspect of the mail server.
    • Log viewer with search and filtering capabilities.
    • Self-service portal for password reset and encryption-at-rest key management.
  • Secure and robust:
    • Encryption at rest with S/MIME or OpenPGP.
    • Automatic TLS certificate provisioning with ACME using TLS-ALPN-01, DNS-01 or HTTP-01 challenges.
    • OAuth 2.0 authorization code and device authorization flows.
    • Two-factor authentication with Time-based One-Time Passwords (2FA-TOTP)
    • Application passwords (App Passwords).
    • Automated blocking of hosts that cause multiple authentication errors (aka fail2ban).
    • Access Control Lists (ACLs).
    • Rate limiting.
    • Security audited (read the report).
    • Memory safe (thanks to Rust).

Screenshots

Get Started

Install Stalwart Mail Server on your server by following the instructions for your platform:

All documentation is available at stalw.art/docs/get-started.

Support

If you are having problems running Stalwart Mail Server, you found a bug or just have a question, do not hesitate to reach us on GitHub Discussions, Reddit, Discord or Matrix. Additionally you may purchase a subscription to obtain priority support from Stalwart Labs Ltd.

Roadmap

  • JMAP Calendar, Contacts and Tasks support
  • CalDAV and CardDAV support
  • ActiveSync support

See the enhancement requests page for a full list of proposed features by the community.

Funding

Part of the development of this project was funded through the NGI0 Entrust Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101069594.

If you find the project useful you can help by becoming a sponsor. Thank you!

Sponsors

These are some of our open-source sponsors:

James BrumondCarl SchwanEli RibbleJAMflow CloudStarsong ConsultingVie.eco


If you would like to support our work, please consider becoming a sponsor.

License

This project is dual-licensed under the GNU Affero General Public License v3.0 (AGPL-3.0; as published by the Free Software Foundation) and the Stalwart Enterprise License v1 (SELv1):

  • The GNU Affero General Public License v3.0 is a free software license that ensures your freedom to use, modify, and distribute the software, with the condition that any modified versions of the software must also be distributed under the same license.
  • The Stalwart Enterprise License v1 (SELv1) is a proprietary license designed for commercial use. It offers additional features and greater flexibility for businesses that do not wish to comply with the AGPL-3.0 license requirements.

Each file in this project contains a license notice at the top, indicating the applicable license(s). The license notice follows the REUSE guidelines to ensure clarity and consistency. The full text of each license is available in the LICENSES directory.

Copyright (C) 2024, Stalwart Labs Ltd.