The Stalwart Mail Server is a high-performance email solution designed to manage modern communication needs. It supports IMAP, JMAP, and SMTP protocols, offering a robust and efficient platform for email handling. With features like multi-domain support, strong authentication methods, and a lightweight design, it ensures secure and fast operations. The server is optimized for scalability and integrates well with various tools and environments.
Key Features
- JMAP, IMAP4, POP3 and ManageSieve server:
- JMAP server with Sieve Scripts, WebSocket, Blob Management and Quotas extensions.
- IMAP4rev2 and IMAP4rev1 server with support for numerous extensions.
- POP3 server with extensions, STLS and SASL support.
- ManageSieve server for managing Sieve scripts.
- SMTP server:
- Built-in DMARC, DKIM, SPF and ARC support for message authentication.
- Strong transport security through DANE, MTA-STS and SMTP TLS reporting.
- Inbound throttling and filtering with granular configuration rules, sieve scripting, MTA hooks and milter integration.
- Distributed virtual queues with delayed delivery, priority delivery, quotas, routing rules and throttling support.
- Envelope rewriting and message modification.
- Built-in Spam and Phishing filter:
- Comprehensive set of filtering rules on par with popular solutions.
- LLM-driven spam filtering and message analysis.
- Statistical spam classifier with automatic training capabilities.
- DNS Blocklists (DNSBLs) checking of IP addresses, domains, and hashes.
- Collaborative digest-based spam filtering with Pyzor.
- Phishing protection against homographic URL attacks, sender spoofing and other techniques.
- Trusted reply tracking to recognize and prioritize genuine e-mail replies.
- Sender reputation monitoring by IP address, ASN, domain and email address.
- Greylisting to temporarily defer unknown senders.
- Spam traps to set up decoy email addresses that catch and analyze spam.
- Flexible and scalable:
- Pluggable storage backends with RocksDB, FoundationDB, PostgreSQL, mySQL, SQLite, S3-Compatible, Azure, Redis and ElasticSearch support.
- Clustering support with node autodiscovery and partition-tolerant failure detection.
- Full-text search available in 17 languages.
- Sieve scripting language with support for all registered extensions.
- Email aliases, mailing lists, subaddressing and catch-all addresses support.
- Automatic account configuration and discovery with autoconfig and autodiscover.
- Multi-tenancy support with domain and tenant isolation.
- Disk quotas per user and tenant.
- Secure and robust:
- Encryption at rest with S/MIME or OpenPGP.
- Automatic TLS certificate provisioning with ACME using
TLS-ALPN-01, DNS-01 or HTTP-01 challenges.
- Automated blocking of IP addresses that attack, abuse or scan the server for exploits.
- Rate limiting.
- Security audited.
- Memory safe.
- Authentication and Authorization:
- OpenID Connect authentication.
- OAuth 2.0 authorization with authorization code and device authorization flows.
- LDAP, OIDC, SQL or built-in authentication backend support.
- Two-factor authentication with Time-based One-Time Passwords (
2FA-TOTP)
- Application passwords (App Passwords).
- Roles and permissions.
- Access Control Lists (ACLs).
- Observability:
- Logging and tracing with OpenTelemetry, journald, log files and console support.
- Metrics with OpenTelemetry and Prometheus integration.
- Webhooks for event-driven automation.
- Alerts with email and webhook notifications.
- Live tracing and metrics.
- Web-based administration:
- Dashboard with real-time statistics and monitoring.
- Account, domain, group and mailing list management.
- SMTP queue management for messages and outbound DMARC and TLS reports.
- Report visualization interface for received DMARC, TLS-RPT and Failure (ARF) reports.
- Configuration of every aspect of the mail server.
- Log viewer with search and filtering capabilities.
- Self-service portal for password reset and encryption-at-rest key management.