Martin Weinelt
33ba1ff52b
Drop most of the existing certificate handling, because we're effectively duplicating functionality that NixOS offers for free with better design, testing and maintainance than what we could provide downstream. The remaining two options are to reference an existing `security.acme.certs` configuration through `mailserver.x509.useACMEHost` or to provide existing key material via `mailserver.x509.certificateFile` and `mailserver.x509.privateKeyFile`. Support for automatic creation of self-signed certificates has been removed, because it is undesirable in public mail setups. The updated setup guide now displays the recommended configuration that relies on the NixOS ACME module, but requires further customization to select a suitable challenge. Co-Authored-By: Emily <git@emilylange.de>
Release branches
For each NixOS release, we publish a branch. You then have to use the SNM branch corresponding to your NixOS version.
- For NixOS 25.11
- For NixOS 25.05
- For NixOS unstable
- Use the SNM branch
master - Documentation
- Use the SNM branch
Features
- Continous Integration Testing
- Multiple Domains
- Postfix
- SMTP on port 25
- Submission TLS on port 465
- Submission StartTLS on port 587
- LMTP with Dovecot
- DANE and MTA-STS validation
- SMTP TLS Reports (RFC 8460)
- Dovecot
- Maildir folders
- IMAP with TLS on port 993
- POP3 with TLS on port 995
- IMAP with StartTLS on port 143
- POP3 with StartTLS on port 110
- Certificates
- ACME
- Custom certificates
- Spam Filtering
- Via Rspamd
- Virus Scanning
- Via ClamAV
- DKIM Signing
- Via Rspamd
- User Management
- Declarative user management
- Declarative password management
- LDAP users
- Sieve
- Allow user defined sieve scripts
- Moving mails from/to junk trains the Bayes filter
- ManageSieve support
- User Aliases
- Regular aliases
- Catch all aliases
- Improve the Forwarding Experience
In the future
- Automatic client configuration
- DKIM Signing
- Allow per domain selectors
- Allow passing DKIM signing keys
- Improve the Forwarding Experience
- User management
- Allow local and LDAP user to coexist
- OpenID Connect
- Depends on relevant clients adding support, e.g. Thunderbird
Get in touch
- Matrix: #nixos-mailserver:nixos.org
- IRC:
#nixos-mailserveron Libera Chat
How to Set Up a 10/10 Mail Server Guide
Check out the Setup Guide in the project's documentation.
For a complete list of options, see in readthedocs.
Development
See the How to Develop SNM documentation page.
Contributors
See the contributor tab
Alternative Implementations
Credits
- send mail graphic by tnp_dreamingmao from TheNounProject is licensed under CC BY 3.0
- Logo made with Logomakr.com