[storage] data = "{{STORAGE_DATA}}" logs = "{{STORAGE_LOGS}}" queue = "{{STORAGE_DATA}}/queue" blobs = "{{STORAGE_DATA}}/blobs" [lookup] default = "internal" [lookup.internal] hostname = "{{MAIL_HOSTNAME}}" domain = "{{MAIL_DOMAIN}}" [smtp] hostname = "{{MAIL_HOSTNAME}}" bind = ["0.0.0.0:{{SMTP_PORT}}", "[::]:{{SMTP_PORT}}"] concurrency.remote = 10 max-message-size = 52428800 [smtp.auth] directory = "internal" [smtp.session] ehlo-required = true max-recipients = 100 [imap] bind = ["0.0.0.0:{{IMAP_PORT}}", "[::]:{{IMAP_PORT}}"] max-connections = 50 [jmap] bind = ["0.0.0.0:8081", "[::]:8081"] [http] bind = ["0.0.0.0:{{HTTP_PORT}}", "[::]:{{HTTP_PORT}}"] url = "http://{{MAIL_HOSTNAME}}:{{HTTP_PORT}}" [http.auth] directory = "internal" [manager] enable = true [metrics] enable = true [submission] bind = ["0.0.0.0:{{SUBMISSION_PORT}}", "[::]:{{SUBMISSION_PORT}}"] [sieve] bind = ["0.0.0.0:{{MANAGESIEVE_PORT}}", "[::]:{{MANAGESIEVE_PORT}}"] [acme] enable = false [dkim] domain = "{{MAIL_DOMAIN}}" selector = "stalwart" [authentication] directory = "internal" fail2ban = true [authentication.directory.internal] enable = true class = "internal" [authentication.directory.internal.config] backend = "rocksdb" path = "{{STORAGE_DATA}}/auth" [authentication.directory.internal.config.password.schemes] argon2 = true bcrypt = true sha512 = true [authentication.directory.internal.config.password.max] iterations = 10 size = 32 [authentication.directory.internal.config.password.force] iterations = false size = false [authentication.directory.internal.config.throttling] max-auth-per-ip = 10 max-errors-per-ip = 10 window-secs = 600 [authentication.directory.internal.config.heartbeat] enable = false interval-secs = 0 [authentication.fallback] enable = true [authentication.fallback.class] enable = true require-scope = false [authentication.fallback.class.config] verify-email = false verify-subaddress = false [authentication.fallback.class.config.domain] names = [] catch-all = false tag-plus = true tag-hyphen = false [authentication.fallback.class.config.oidc] enable = false discovery-url = "" client-id = "" client-secret = "" allow-signup = false scopes = ["openid", "email", "profile"] grant-type = "authorization-code" auth-url = "" token-url = "" userinfo-url = "" jwt-key = "" jwk-url = "" [storage.data] type = "rocksdb" path = "{{STORAGE_DATA}}/data" [storage.logs] type = "rocksdb" path = "{{STORAGE_DATA}}/logs" [storage.queue] type = "rocksdb" path = "{{STORAGE_DATA}}/queue" [storage.blobs] type = "rocksdb" path = "{{STORAGE_DATA}}/blobs" [storage.fts] type = "rocksdb" path = "{{STORAGE_DATA}}/fts" [storage.privacy] type = "rocksdb" path = "{{STORAGE_DATA}}/privacy" [storage.counters] type = "rocksdb" path = "{{STORAGE_DATA}}/counters" [storage.pool] type = "rocksdb" path = "{{STORAGE_DATA}}/pool" [storage.cache] type = "rocksdb" path = "{{STORAGE_DATA}}/cache" [storage.envelope] type = "rocksdb" path = "{{STORAGE_DATA}}/envelope" [storage.index] type = "rocksdb" path = "{{STORAGE_DATA}}/index" [storage.spam-filter] type = "rocksdb" path = "{{STORAGE_DATA}}/spam-filter" [storage.in-memory] type = "memory" [storage.static] type = "memory" [repository] default = "rocksdb" [repository.rocksdb] driver = "rocksdb" [smtp.queue] retry = [60, 300, 900, 3600, 7200, 21600, 43200] max-retries = 10 max-size = 52428800 notify = ["postmaster@{{MAIL_DOMAIN}}"] path = "{{STORAGE_DATA}}/queue" [smtp.queue.remote] concurrency = 10 timeout = 300 [smtp.outgoing] max-helo = 5 max-recipients = 100 max-connection-age = 600 max-connections = 10 greeting-delay = 0 [smtp.dkim] sign = ["{{MAIL_DOMAIN}}"] keys = [] [smtp.dmarc] reject = false allow-unsigned = true tag-only = false [smtp.spam-filter] enable = true path = "{{STORAGE_DATA}}/spam-filter" [smtp.auth.rate-limit] max-per-ip = 10 window-secs = 600 [http.dashboard] enable = true [http.api] enable = true [http.webmail] enable = false [http.static] enable = true [http.cors] allow-origin = "*" allow-methods = ["GET", "POST", "PUT", "DELETE"] allow-headers = ["Content-Type", "Authorization"] max-age = 3600 [http.tls] enable = false certificate = "" private-key = "" [logging] level = "info" [logging.channel.smtp] enable = true level = "info" [logging.channel.auth] enable = true level = "info" [logging.channel.store] enable = false level = "info" [logging.channel.http] enable = true level = "info"