Welcome to Stalwart
Welcome to Stalwart, an open-source mail and collaboration server designed for the modern internet. Stalwart supports a wide range of protocols including JMAP, IMAP4, POP3, SMTP, CalDAV, CardDAV, and WebDAV, covering email, calendars, contacts, and file storage. Built in Rust, Stalwart is designed to be secure, fast, reliable, and scalable, and is capable of running everything from small personal mail servers to large, distributed enterprise deployments.
System Requirements
Stalwart is a high-performance mail and collaboration server designed to scale efficiently from small personal deployments to large enterprise environments. Its resource requirements (particularly in terms of memory and CPU) are highly dependent on usage patterns, including the number of concurrent connections and the intensity of client activity. This document provides guidance on estimating and managing memory and CPU requirements to ensure optimal performance across different deployment scenarios.
Installation
3 items
Choosing a database
Stalwart employs a modular storage architecture that separates different types of data into four distinct stores. This design provides flexibility and allows each storage component to be optimized independently, depending on the scale and needs of the deployment.
Choosing a directory
In Stalwart, a directory refers to the authentication backend responsible for managing user identities and access credentials. Directories are essential for validating login attempts, retrieving account-related information, and, in some cases, managing user configuration. Stalwart supports both internal and external directory configurations, giving administrators flexibility in how authentication is handled.
Setting up DNS
Correctly configured DNS records are essential for email delivery, client compatibility, and transport security. The records listed below direct incoming mail, authenticate outgoing messages, enforce TLS, advertise policy to remote senders, and allow mail clients to discover and connect to the server automatically.
Securing your server
Stalwart is secure by design. From the moment it's deployed, it applies safe, security-conscious defaults that follow best practices for modern mail server operation. Out of the box, it includes built-in defense mechanisms to protect against common threats. For example, Stalwart can automatically detect and block IP addresses that attempt brute-force password attacks, guess account names, scan for vulnerabilities, or launch SYN flood attacks. These protections operate continuously to reduce the risk of abuse and compromise.
Performance tuning
Stalwart is designed for efficiency and can handle substantial workloads with default settings. For small or personal deployments, extensive performance tuning is rarely necessary; defaults are more than sufficient. For larger-scale or high-traffic environments, fine-tuning specific parameters can help the server remain responsive under load.
Upgrading
At this stage, Stalwart does not yet include an automated upgrade tool, which means all upgrades must be performed manually. This is by design: Stalwart is evolving rapidly, and some newer versions introduce data migrations that can modify or restructure existing data. These operations require supervision to ensure a smooth and safe transition. Automating them too early could increase the risk of data corruption or service disruption.