Upgrade your email with Stalwart.
One server for your email, calendars, contacts and shared files, with spam and phishing protection built in. Every standard protocol your clients already speak (JMAP, IMAP, POP3, SMTP, CalDAV, CardDAV and WebDAV) supported natively.
What used to take five servers, now takes one.
Compatible with every email client your users already have. Modern JMAP for new apps, full IMAP and POP3 for everything else, and SMTP for delivery.
Learn moreCollaboration
Calendars, contacts and shared files in the same server as the mail. Standard CalDAV, CardDAV and WebDAV for existing clients, and the modern JMAP equivalents for new ones.
Learn moreAnti-spam
Spam and phishing handled before messages reach the user. A statistical filter, public blocklists, sender reputation and AI-driven analysis, with no extra daemon to run.
Learn moreScale & security
Runs as one node or as a cluster across regions. Memory-safe Rust, encrypted-at-rest mailboxes, automatic TLS, and transport security verified end to end.
Learn moreReplace the legacy stack with one platform.
Running mail used to mean stitching together half a dozen separate components (an MTA, a message store, a spam filter, a calendar server, a contacts server, a file server) each with its own configuration quirks. Stalwart collapses all of that into one platform: fewer services to deploy, one configuration to learn, one place to look when something needs attention, and a smaller attack surface.
JMAP & IMAP
Instant multi-device sync over JMAP for new clients, plus full IMAP for the ones already in your fleet.
MTA
An SMTP server that authenticates senders (DKIM, SPF, DMARC, ARC), queues across the cluster and routes per domain, all without a separate relay tier.
Anti-spam
Stop unwanted mail and phishing at SMTP time, with a built-in classifier, blocklists, sender reputation and AI-driven analysis.
Collaboration
Calendars, contacts, file storage and sharing, reachable over both DAV and JMAP, sharing one identity layer with the mail.
Email security from the wire to the mailbox.
Security is a default in Stalwart, not an add-on. Mail in transit between servers stays encrypted and verified end to end, with DANE, MTA-STS and TLS reporting; TLS certificates renew themselves over ACME so nothing breaks at expiry; and mailboxes at rest can be encrypted with the user's own S/MIME certificate or OpenPGP key, so even an operator with disk access cannot read them.
- Encryption at rest with S/MIME or OpenPGP.
- Strong transport security through DANE, MTA-STS, and TLS reporting.
- Automatic TLS provisioning over ACME.
- Automated DKIM key generation, rotation, and DNS publication.
- Granular ACLs, rate limiting, and automatic IP banning.
- Memory-safe implementation in Rust.
- Independently security-audited.
A server that adapts to your environment.
From a single-node setup to a multi-tenant hosting platform, Stalwart fits the storage, search, external directory and DNS infrastructure you already run, instead of asking you to replace it. Mix and match the backends below to match the deployment you have, not the one a vendor would prefer.
- Pluggable storage: RocksDB, FoundationDB, PostgreSQL, MySQL, SQLite, S3, Azure Blob, Redis.
- Full-text search in 17 languages, internal or via Meilisearch, ElasticSearch, OpenSearch, PostgreSQL.
- LDAP, OIDC, SQL, or built-in auth, with 2FA, app passwords, and API keys.
- Automated DNS management on Cloudflare, Route53, Google Cloud DNS, and more.
- Sieve scripting plus Stalwart's expression language.
- Web administration plus a CLI.
Calendars, contacts and file storage in the same server.
Collaboration is part of the core product, not a sidecar. The same sign-in, the same access controls, the same disk quotas and the same monitoring cover mail, calendars, contacts and files. One backup covers all of it; one audit log records all of it.
- Calendar event scheduling with attendee invitations and free/busy lookup.
- Contact management with CardDAV and JMAP for Contacts.
- File storage and secure sharing over WebDAV and JMAP for File Storage.
- iMIP email notifications for invitations and updates.
- Fine-grained sharing through WebDAV ACL and JMAP Sharing.
- Auto-discovery for desktop and mobile clients.
Defence built in, not bolted on.
The spam and phishing filter ships inside the same product as the SMTP server, so unwanted mail is scored and rejected before it reaches the mailbox, with no extra daemon to deploy. Reports, trusted-reply tracking and sender reputation live in the same admin surface as the rest of the server, so an operator never has to chase a problem across two products.
- Built-in DMARC, DKIM and SPF for sender authentication.
- Statistical classifier with automatic training.
- Optional LLM-driven message analysis.
- DNSBL checking of IP addresses, domains, URLs, and hashes.
- Phishing protection against homograph URL attacks, sender spoofing, and other techniques.
- Trusted reply tracking and sender reputation by IP, ASN, domain, and email.
- Greylisting, spam traps, and Pyzor digest filtering.
- Milter and HTTP-based MTA Hooks for SpamAssassin, RSPAMD, and external scanners.
Built to scale to millions of mailboxes.
Stalwart was designed for clustering from day one, not retrofitted. Any node can serve any protocol, no external coordinator is required, and capacity grows by adding nodes, so the same product that handles a small organisation today handles a hosting platform tomorrow.
- High availability, load balancing and fault tolerance.
- Kubernetes, Apache Mesos, and Docker Swarm orchestration.
- Distributed MTA queue with delayed delivery, priority, quotas, routing, and throttling.
- Read replicas, sharded blob storage and in-memory data stores.
- Peer-to-peer cluster coordination using Zenoh; no external coordinator required.
- Optional coordinator-based clustering with Apache Kafka, Redpanda, NATS, or Redis.