Stalwart

From NixOS Wiki
Revision as of 20:18, 19 April 2024 by Klinger (talk | contribs)

Stalwart is an open-source, all-in-one mail server solution that supports JMAP, IMAP4, and SMTP protocols. It's designed to be secure, fast, robust, and scalable, with features like built-in DMARC, DKIM, SPF, and ARC support for message authentication. It also provides strong transport security through DANE, MTA-STS, and SMTP TLS reporting. Stalwart is written in Rust, ensuring high performance and memory safety.

Setup

/etc/nixos/configuration.nix
services.stalwart-mail = {
  enable = true;
  settings = {
    certificate."snakeoil" = {
      cert = "file://${certs.${domain}.cert}";
      private-key = "file://${certs.${domain}.key}";
    };
    server = {
      hostname = domain;
      tls = {
        certificate = "snakeoil";
        enable = true;
        implicit = false;
      };
      listener = {
        "smtp-submission" = {
          bind = [ "[::]:587" ];
          protocol = "smtp";
        };
        "imap" = {
          bind = [ "[::]:143" ];
          protocol = "imap";
        };
      };
    };
    session = {
      rcpt.directory = "in-memory";
      auth = {
        mechanisms = [ "PLAIN" ];
        directory = "in-memory";
      };
    };
    jmap.directory = "in-memory";
    queue.outbound.next-hop = [ "local" ];
    directory."in-memory" = {
      type = "memory";
      users = [
        {
          name = "alice";
          secret = "foobar";
          email = [ "alice@${domain}" ];
        }
        {
          name = "bob";
          secret = "foobar";
          email = [ "bob@${domain}" ];
        }
      ];
    };
  };
};

See also