6 posts tagged with "smtp"

This Valentine's Day, we're not just celebrating love and companionship; we're also celebrating the groundbreaking advancements in the Stalwart Mail Server with the release of version 0.6.0. In a world where reliability and flexibility in mail server management are more critical than ever, Stalwart Mail Server takes a significant leap forward with the introduction of distributed SMTP queues and the integration of expressions in configuration files. Let's delve into how these features transform your mail server experience, making it more robust, efficient, and customizable than ever before.

Distributed SMTP Queues: A Heartbeat of Reliability​

The latest iteration of Stalwart Mail Server introduces a feature that's set to be the cornerstone of reliability and fault tolerance—distributed SMTP queues. Gone are the days when your SMTP queue was confined to the local hard drive, a vulnerability that could lead to data loss or downtime in the event of a server crash. With version 0.6.0, Stalwart Mail Server stores your SMTP queues in the database, a move that not only enhances fault tolerance but also paves the way for queue load distribution across multiple servers in a cluster.

Imagine your mail server as the heart of your organization's communication. Just as the heart's reliability is critical to the body's overall function, so is your SMTP queue's reliability to your organization's communication flow. Distributed SMTP queues ensure that if one server in the cluster experiences issues, the heartbeat of your communication doesn't skip a beat. This feature allows other servers in the cluster to pick up the load, ensuring uninterrupted mail flow and significantly reducing the risk of data loss.

This approach allows for a more balanced and efficient handling of email traffic, making your mail server cluster more resilient to individual failures and capable of handling higher volumes of email more effectively.

Expressions: A Language of Flexibility​

The second headline feature of version 0.6.0 is the support for expressions in configuration files. This addition opens up a new realm of flexibility, allowing you to define complex, dynamic criteria for evaluating and handling email messages based on various attributes, such as recipient, sender, remote IP addresses, and other variables.

With expressions, configuring your Stalwart Mail Server becomes akin to coding the DNA of your mail server's behavior. Whether it's routing, filtering, or processing rules, expressions enable you to tailor the mail server's operations to meet your specific needs with precision and adaptability. Consider a scenario where you want to apply specific actions only to emails from a certain domain or IP range, or perhaps to messages that meet a combination of criteria. With expressions, these complex conditions can be easily defined and integrated into your server's configuration, making it smarter and more aligned with your organizational policies.

Celebrate With Us​

As we release Stalwart Mail Server version 0.6.0 this Valentine's Day, we invite you to celebrate not just a day of love but also a milestone in mail server technology. With distributed SMTP queues and expressions in configuration files, we're not just sending you a token of our affection—we're equipping you with the tools to make your mail server environment more resilient, efficient, and tailored to your needs.

So here's to love, to innovation, and to a future where your mail server's reliability and flexibility are the foundation of your organization's communication success. Happy Valentine's Day, and welcome to the new era of Stalwart Mail Server.

In the world of email security, a recent concern has arisen known as SMTP Smuggling, a vulnerability that can be exploited to spoof emails. This blog post will explain what SMTP smuggling is and how Stalwart Mail Server is designed to be immune to this vulnerability. We'll also discuss a new feature we've implemented to protect other servers that might be vulnerable.

Understanding SMTP Smuggling​

SMTP smuggling is an exploitation technique that manipulates SMTP conversations to send spoofed emails from arbitrary addresses. It leverages interpretation differences in the SMTP protocol to bypass security checks like SPF alignment. The technique was identified as effective against multiple email providers and could have significant implications for email security.

Traditionally, the end of data in an SMTP conversation is indicated by a sequence <CR><LF>.<CR><LF> (CR LF stands for Carriage Return and Line Feed, standard text delimiters). However, if an SMTP server improperly interprets this sequence, it can be tricked into starting a new email within the content of an existing email, allowing attackers to inject malicious content and spoof emails that bypass SPF alignment checks.

Research has shown that even large organizations with sophisticated IT infrastructure are not immune to SMTP smuggling attacks. Notable entities such as Ebay, PayPal, Amazon, and even Microsoft, through their use of services like Microsoft Exchange Online, have experienced challenges due to non-compliance with certain RFC specifications. This underscores the importance of adhering to established protocols and standards in email communications. Compliance with these specifications is crucial for ensuring the security and integrity of email systems.

This vulnerability has led to calls for increased vigilance and improved email server configurations to prevent such exploits. For a detailed understanding of SMTP smuggling, please refer to the full article on SEC Consult's blog.

How Stalwart is Protected​

Stalwart Mail Server is designed with robust security measures that inherently protect it from SMTP smuggling attacks. Stalwart only accepts <CR><LF>.<CR><LF> as the terminating sequence for a DATA command. This strict adherence to protocol specifications prevents the ambiguity that can lead to smuggling attacks. Furthermore, when sending outgoing messages, Stalwart Mail Server utilizes the BDAT command whenever available. The BDAT command is not susceptible to SMTP smuggling issues, as it specifies the exact amount of data being sent, leaving no room for misinterpretation.

Protecting other Servers​

While Stalwart Mail Server itself is not vulnerable to SMTP smuggling, we recognize that other servers might be. To help protect the broader email ecosystem, we have introduced in version 0.5.1 a feature to sanitize outgoing messages that might attempt to exploit this bug in other servers. This feature involves applying the transparency procedure described in RFC5321 to outgoing messages even when these messages do not use CRLF as line terminators, which prevents the exploitation of SMTP smuggling vulnerabilities in other servers.

MECSA Compliance​

In our ongoing efforts to enhance email security, we are proud to announce that Stalwart Mail Server 0.5.1 is now compliant with the My Email Communications Security Assessment (MECSA) set by the European Union. MECSA compliance signifies a robust level of security in email communication, and one of the key features in achieving this compliance is the implementation of SMTP sender validation for authenticated users.

SMTP sender validation ensures that authenticated users can only issue MAIL FROM commands that match their login name or any of the email addresses associated with their accounts. Previously, implementing this level of validation required the creation of a Sieve script. However, with our latest update, this functionality is now a straightforward boolean entry in the system settings, defaulting to true for maximum security.

Conclusion​

In summary, Stalwart Mail Server's architecture and its strict adherence to SMTP protocol specifications inherently protect it against SMTP smuggling attacks. Furthermore, our commitment to the security of the email infrastructure extends beyond our server. The new feature to sanitize outgoing messages and our MECSA compliance demonstrate our proactive approach to safeguarding against vulnerabilities and contributing to a more secure email environment

Stay up to date with the latest in email security and Stalwart Mail Server's features by following our blog and updates.

Stalwart Mail Server continues its tradition of constant innovation and advancement with the release of version 0.3.2. Address rewriting has always been a highly requested feature, and we've delivered in a big way. The 0.3.2 update introduces sender and recipient address rewriting using both regular expressions and Sieve scripts. This means you now have the ability to manipulate and manage email addresses like never before, providing unparalleled flexibility in routing your emails.

But that's not all. We've also included support for subaddressing and catch-all addresses using regular expressions. This feature allows you to handle email addressing in more unique and sophisticated ways, aiding in spam management, and simplifying email routing to non-standard addresses.

Lastly, we've introduced dynamic variables in configuration rules. This allows you to use variables within settings that are resolved at runtime, further enhancing the flexibility and control you have over your mail server configuration.

This release is all about providing you with more control, adaptability, and management options for your email. We're incredibly excited to see how you will leverage these features to optimize your mail server. Upgrade to Stalwart Mail Server 0.3.2 and revolutionize the way you manage email addresses.

E-mail filtering is a crucial part of any modern mail server and, for this reason, we're excited to announce the addition of Milter support to the Stalwart Mail Server. This update, driven by user feedback, allows the integration of both new and old Milter filters, supporting versions 2 and 6, which expands the server's capabilities in inspecting, filtering, or modifying emails during processing.

A milter, or "mail filter", is an extension to mail servers based on the Sendmail protocol. Milters allow third-party software to access mail messages as they are being processed in order to filter, modify, or annotate them. By using Milters, a mail server can utilize a variety of functionalities such as spam filtering, virus scanning, and other types of mail processing, beyond what is built into the mail server itself. Milters operate at the SMTP protocol level, which means they have access to both the SMTP envelope and the message contents.

This new feature not only responds to our users' needs but also ensures that Stalwart can work seamlessly with any existing setup. Whether you are seeking better spam protection, antivirus measures, or implementing specific processing rules, milter filtering has got you covered.

Learn more about milter filters and how to set them up in our documentation.

We're thrilled to announce the release of Stalwart Mail Server, our biggest leap forward yet. This version combines the powerful capabilities of Stalwart JMAP, Stalwart IMAP, and Stalwart SMTP servers into one easy-to-install binary, offering you a unified, highly efficient mail server solution.

Here are some of the exciting new features:

• LDAP and SQL authentication support was added, giving you more flexibility and options to integrate Stalwart with your existing infrastructure.
• We've incorporated support for disk quotas to provide better control over your storage resources.
• Subaddressing and catch-all addresses are now supported. These features make the email handling process more flexible and efficient.
• Storage options have been extended with the inclusion of S3-compatible storage. Now you can store your emails and blobs using reliable and scalable solutions such as MinIO, Amazon S3, or Google Cloud Storage.
• In response to user feedback, we've replaced RocksDB with SQLite. Our community told us they wanted an open, trusted database technology with easier access to their data, and we listened!
• For those operating in distributed environments, you can now opt for the FoundationDB backend, supporting millions of users without sacrificing performance.
• Stalwart IMAP is no longer an IMAP-to-JMAP proxy, instead, it now provides direct access to the message store. This significant change has brought a tremendous improvement in performance, reducing latency, and making your mail operations faster than ever.
• We've also made significant strides in enhancing performance by rewriting the JMAP protocol parser and the storage API.
• Lastly, we've made the decision to switch from Actix Web Server to Hyper. This change has allowed us to reduce memory footprint and increase performance, resulting in a more optimized and efficient mail server.

With Stalwart Mail Server, we're delivering a more unified, powerful, and efficient solution that meets your growing email infrastructure needs. We're excited to see how you'll leverage these new capabilities, and as always, we're here to support you every step of the way!

It’s official! We are proud to announce the release of Stalwart SMTP, the next-generation email server solution written in Rust for businesses, organizations, and individuals alike.

Stalwart SMTP is a robust and secure email server that offers a comprehensive set of features to meet the needs of today’s demanding email communications. Whether you’re running a large enterprise or a small business, Stalwart SMTP is designed to handle the most complex email environments with ease.

One of the key features of Stalwart SMTP is its support for advanced email security protocols, including DMARC, DKIM, SPF, ARC, DANE, MTA-STS, and SMTP TLS reporting. This means that you can be sure that your emails are protected from spoofing and phishing attempts, and that your email messages are delivered securely to their intended recipients.

We are confident that Stalwart SMTP will meet the needs of businesses and organizations of all sizes, and we look forward to hearing your feedback and suggestions. To learn more about Stalwart SMTP, visit our website and start exploring the many features and benefits of this powerful email server solution.