Before you can run the Stalwart JMAP Docker container, you are going to need a TLS certificate. If you currently don’t have one, you can obtain a free TLS certificate from Let’s Encrypt. Once you have your certificate ready, execute in your terminal:

docker run -d -ti -p 443:8080 -p 11200:11200 \
           -v <BASE_PATH>:/usr/local/stalwart-jmap \
           --name stalwart-jmap stalwartlabs/jmap-server:latest \
           --lmtp-bind-addr= \
           --jmap-url=https://<JMAP_HOSTNAME> \
           --jmap-cert-path=/usr/local/stalwart-jmap/jmap.crt \
           --jmap-key-path=/usr/local/stalwart-jmap/jmap.key \
           --db-path=/usr/local/stalwart-jmap/data \

Before starting the container, make sure to:

  • Replace <BASE_PATH> with the directory on the Docker host where the Stalwart JMAP data will reside.
  • Replace <JMAP_HOSTNAME> with your server’s hostname, for example
  • Replace <RANDOM_KEY> with a random string of at least 64 characters.
  • Store your TLS certificate under <BASE_PATH>/jmap.crt and the private key under <BASE_PATH>/jmap.key.
  • Execute sudo chown -R 1000:1000 <BASE_PATH>.

If everything is correct, you should now be able to access the OAuth login screen at https://JMAP_HOSTNAME/auth.


In order to be able to receive emails from the outside world, you need to enable the LMTP service and configure your Mail Transport Agent (MTA) to deliver messages to Stalwart JMAP over LMTP. Details on how to configure LMTP can be found on the LMTP section. You may also configure LMTP later and continue with the setup instructions.

SMTP (optional)

The JMAP protocol allows clients to submit e-mail messages for delivery without having to interact with an SMTP server. If you wish to enable this functionality, you’ll have to configure an SMTP relay server. Details on how to configure an SMTP relay server can be found on the SMTP relay section. Additionally, it is recommended that you enable DKIM on all your domain names.

Install CLI

In order to manage your Stalwart JMAP instance, you are also going to need to install the Stalwart CLI (command line interface). The CLI tool can be installed by following these instructions on the same server where Stalwart JMAP is running or any other computer with internet access to your server:

  • Linux / MacOS:

    curl --proto '=https' --tlsv1.2 -sSf | sh

    Once the installation is completed, the CLI tool will be available in your home directory at $HOME/.stalwart/stalwart-cli. You may add the $HOME/.stalwart directory to your PATH environment variable or move the stalwart-cli binary to a location that is already on your PATH variable.

  • Windows:

    Download the CLI tool directly from here.

Update password

For security reasons, it is very important that you change the default administrator password before your JMAP server starts accepting connections from the outside world. The default administrator account is admin with password changeme, which can be changed using the following CLI command:

stalwart-cli -u https://JMAP_HOSTNAME -c changeme account update admin -p NEW_PASSWORD

Next steps

Now that you have Stalwart JMAP up and running, you can proceed to create accounts for your users or import them from an existing mail server.