All-in-one secure mail and collaboration server covering IMAP, JMAP, SMTP, CalDAV, CardDAV, and WebDAV in a single memory-safe Rust binary.
Stalwart is an open-source, Rust-built mail and collaboration server that replaces fragmented stacks of separate MTAs, spam filters, calendar servers, and contact managers with a single secure, scalable platform. It speaks every major email and groupware protocol — JMAP, IMAP4rev2, POP3, SMTP, CalDAV, CardDAV, and WebDAV — and enforces modern transport security standards including DMARC, DKIM, SPF, ARC, DANE, and MTA-STS without any third-party dependencies.
The server ships with a built-in LLM-driven spam and phishing classifier, Sieve scripting, greylisting, DNS blocklist checking, and collaborative digest filtering via Pyzor. Its pluggable storage layer supports RocksDB, PostgreSQL, MySQL, SQLite, S3-compatible object stores, Azure Blob, FoundationDB, and Redis, making it adaptable to anything from a small home lab to a multi-thousand-user enterprise cluster.
Stalwart supports peer-to-peer cluster coordination or external pub/sub brokers — Redis, NATS, Zenoh, or Kafka — enabling horizontal scaling across dozens or hundreds of nodes with fault tolerance and high availability. Automatic ACME certificate provisioning via Let’s Encrypt, OpenTelemetry and Prometheus observability, multi-tenancy with domain isolation, and OAuth 2.0 / OpenID Connect authentication make it genuinely production-ready out of the box.
A web-based administration dashboard provides real-time statistics, queue management, DMARC/TLS report visualization, and self-service password reset, reducing operational overhead for teams without dedicated mail infrastructure expertise.
Architecture
Stalwart is structured as a Cargo workspace of roughly 25 specialized crates, each owning exactly one protocol or infrastructure concern — IMAP, SMTP, JMAP, DAV, spam-filter, coordinator, NLP, store, and trc are all separate, independently compiled units. Protocol session managers are generic over a shared Arc<Inner> state and spawned independently under Tokio, so all protocols operate concurrently without cross-protocol coupling. A central coordinator crate provides a pluggable pub/sub abstraction — Redis, NATS, Zenoh, Kafka, or standalone peer-to-peer — that decouples cluster event routing from protocol and storage logic entirely. Enterprise capabilities such as license validation, LLM-based spam classification, and per-account limits are isolated behind a Cargo enterprise feature flag and compile-time gated, keeping the community binary lean while sharing all other infrastructure. Dependency injection is achieved through Rust’s Arc ownership model rather than runtime IoC frameworks, making the ownership model explicit, auditable, and memory-safe without garbage collection.
Tech Stack
The server is written entirely in Rust (over 98% of codebase) targeting a single deployable binary with jemalloc as the default allocator for non-MSVC targets. Async concurrency runs on Tokio with aws-lc-rs as the TLS crypto backend via Rustls 0.23. Storage is feature-flag-selectable at compile time across RocksDB (default), PostgreSQL, MySQL, SQLite, FoundationDB, S3-compatible object stores, Azure Blob, and Redis. Full-text search ships with a built-in in-process engine and optional Meilisearch, Elasticsearch, or OpenSearch backends. Cluster coordination uses pluggable pub/sub backends with no hard runtime dependency on any specific broker. NLP for 17-language tokenization is implemented in a dedicated in-house crate. The web administration interface is bundled as a compressed resource and unpacked at startup — no separate web server required. Docker multi-stage builds use cargo-chef for reproducible, fast layer caching, with LTO and binary stripping enabled in release profiles for production deployment.
Code Quality
The test suite covers all major protocols with dedicated directories for IMAP (ACL, CONDSTORE, COPY/MOVE, IDLE, FETCH, body structure), SMTP (inbound, outbound, queue management, reporting), JMAP (calendar, contacts, mail, files, core compliance), and WebDAV — tests simulate real network-level interactions with mock DNS and virtual infrastructure rather than pure unit stubs. Rust’s type system enforces error handling through exhaustive result types and a structured typed event system in the trc crate: panics are reserved for programmer errors; all protocol and I/O failures propagate as structured errors. Clippy warnings for large futures, lossy casts, and sign loss are enabled project-wide. The project approaches 1.0 with deliberate architectural control — external contributions are temporarily limited to bug fixes, reflecting a conscious trade-off between community breadth and internal consistency as the schema finalizes. Documentation is extensive: comprehensive README, dedicated docs site, SECURITY policy, UPGRADING guides per major version, and structured inline comments in core modules.
What Makes It Unique Stalwart’s defining achievement is implementing the full modern groupware protocol suite — JMAP for Mail, Calendars, Contacts, and File Storage alongside IMAP4rev2, POP3, SMTP with all authentication extensions, CalDAV, CardDAV, and WebDAV — within a single memory-safe binary, a combination previously requiring multiple separate servers. The coordinator abstraction with pluggable pub/sub backends enables true multi-node clustering without hard-wiring any specific message broker, letting operators choose from Redis, NATS, Zenoh, Kafka, or a built-in peer-to-peer mode depending on operational preference. The compile-time enterprise feature gating is architecturally clean: LLM spam classification, license-bound account limits, and AI email analysis are genuinely isolated in separate source files rather than runtime flags, so the community binary is not merely a restricted enterprise build. The built-in NLP pipeline for 17-language full-text indexing and the integrated Bayesian spam classifier with collaborative filtering eliminate the need for external search or anti-spam services even in a minimal deployment.
Stalwart is dual-licensed: the core server and all standard protocol implementations are released under the GNU Affero General Public License version 3.0 (AGPL-3.0-only), while enterprise features are governed by the Stalwart Enterprise License 2.0 (SELv2). The AGPL requires that the full source of any modified version you run as a network service must be made available to users — this is a strong copyleft obligation that matters for SaaS providers or hosting companies building on Stalwart, but has no practical impact on organizations simply running the server internally for their own users. Commercial use of the AGPL version is permitted; there are no mailbox limits in the open-source build. The enterprise license (SELv2) is a per-domain, per-mailbox commercial subscription and activates additional capabilities including LLM-driven spam classification, advanced alerting, and enterprise-tier support. Sponsors contributing $5 USD per month or more on Open Collective automatically receive an enterprise license, making it accessible to individuals and small teams.
Running Stalwart yourself means you are responsible for the full operational stack: provisioning a server with adequate CPU and RAM for your mailbox count, managing DNS records (MX, SPF, DKIM, DMARC, TLSA for DANE), handling TLS certificate renewal (automated via ACME, but requires DNS or HTTP challenge access), performing database backups, monitoring disk growth as email accumulates, and applying binary updates by replacing the server executable. The single-binary architecture simplifies deployment considerably compared to multi-component stacks, and the web admin dashboard reduces day-to-day management burden, but you still own uptime, security patching, and capacity planning entirely.
Compared to a managed email service, self-hosting Stalwart means no third-party SLA, no managed DDoS mitigation, and no 24/7 support unless you purchase an enterprise subscription from Stalwart Labs LLC. The enterprise tier adds priority support with response-time commitments and access to a private support portal. The community support portal at support.stalw.art and Discord server cover the open-source tier. Organizations with strict uptime requirements or no dedicated infrastructure team should weigh the operational overhead carefully against the data sovereignty and cost benefits of self-hosting.