User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
services:stalwart [2025/02/17 06:34] willyservices:stalwart [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
Line 1: Line 1:
-====== Stalwart Mail Server ====== 
- 
- 
-**work in progress** 
- 
-[[https://stalw.art/|Stalwart]] Step into the future with Stalwart, the open-source e-mail powerhouse blending modern features with unparalleled security, speed, and scalability.  
- 
-I choose Stalwart because it's a new approach to serving mail. Instead of a bunch of interconnected tools, which are often a mess to setup, it's a one piece written from the ground up with a modern approach to email. 
- 
-Please check [[selfhost:email|this page]] to understand the choices done in this page. I assume that you are installing the email server on your **external** server, and not on the home server. 
- 
-===== Installation ===== 
- 
-Gentto ships with a reasonably recent release of Stalwart, do all you need to do is emerge it: 
-<code bash> 
-echo "net-mail/stalwart-mail ~amd64" >> /etc/portage/package.accept_keywords/stalwart 
-emerge -vp stalwart-mail 
-</code> 
- 
- 
- 
- 
- 
- 
- 
- 
- 
- 
-<code bash> 
-seradd -m -d /data/daemons/stalwart stalwart 
-mkdir /data/stalwart 
-chown stalwart:stalwart /data/stalwart 
-</code> 
- 
-<file - docker-compose.yml> 
-name: stalwart 
-services: 
-  mail-server: 
-    tty: true 
-    stdin_open: true 
-    ports: 
-      - 2443:443 
-      - 10025:125 # port 25 seems to create troubles in podman... 
-      - 2080:8080 
-      - 2587:587 
-      - 2465:465 
-      - 2143:143 
-      - 2993:993 
-      - 4190:4190 
-      - 2110:110 
-      - 2995:995 
-    volumes: 
-      - /data/stalwart:/opt/stalwart-mail 
-    container_name: stalwart-mail 
-    image: stalwartlabs/mail-server:latest 
-    networks: 
-      - stalwart-net 
- 
-networks: 
-  stalwart-net: {} 
-</file> 
- 
-Note that i have used all ports above 1024 to avoid issues with root-only ports in rootless containers. 
- 
-<code bash> 
-podman compose pull 
-podman compose up 
-</code> 
- 
-Note your admin usernamne and password like: 
-<code> 
-[mail-server] | 🔑 Your administrator account is 'admin' with password 'xxxx'. 
-</code> 
- 
-Change the SMTP port to //125// to match the above compose file 
- 
- 
-===== Configuration ===== 
- 
-From the web UI. 
- 
-Set hostname to your main email server. 
- 
-Stop uneeded services. 
- 
-Create domain. 
- 
-Configure DNS properly 
- 
-Create account. 
- 
-Open ports from remote to local: 
-<code bash> 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 25 : 10.100.0.1 . 10025 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 587 : 10.100.0.1 . 2587 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 465 : 10.100.0.1 . 2465 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 143 : 10.100.0.1 . 2143 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 993 : 10.100.0.1 . 2993 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 4190 : 10.100.0.1 . 4190 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 995 : 10.100.0.1 . 2995 } 
-nft add rule wg prerouting iifname "enp1s0" dnat ip to tcp dport map { 110 : 10.100.0.1 . 2110 } 
-</code> 
- 
-Link certificates. Create a certificate in GUI with these values:  
-<code> 
-%{file:/opt/stalwart-mail/etc/certs/fullchain.pem}% 
-%{file:/opt/stalwart-mail/etc/certs/privkey.pem}% 
-</code> 
-and **copy** the certs from /etc/letsencrypt/live/mydomain/[fullchain|privkey].pem to /data/stalwart/etc/certs 
-(create folder and make files readable!) 
- 
- 
- 
- 
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information