Get in Touch

Course Outline

Introduction to Stalwart

  • What Stalwart is and why it was built
  • Single Rust binary architecture
  • Comparison with traditional mail stacks
  • Licensing: AGPL-3.0 and Enterprise

Installation and Initial Setup

  • System requirements and platform support
  • Installation via Docker and Docker Compose
  • Installation on Linux from binary
  • Database backend selection
  • Bootstrap mode and setup wizard

Core Protocols and DNS

  • SMTP configuration for inbound and outbound
  • IMAP4 and JMAP for mail access
  • POP3 for legacy clients
  • DNS records: MX, SPF, DKIM, DMARC
  • Automated DKIM key rotation

Security and Authentication

  • TLS with ACME certificate provisioning
  • DANE and MTA-STS transport security
  • Authentication backends: internal, LDAP, OIDC, SQL
  • OAuth 2.0 and two-factor authentication
  • Access control lists and permissions
  • Rate limiting and automated IP blocking

Spam and Phishing Protection

  • Built-in spam filter architecture
  • AI and LLM-driven classification
  • Statistical Bayesian classifier
  • DNS blocklists and Pyzor
  • Greylisting and spam traps
  • Phishing and homographic attack protection

Storage and Search Backends

  • Storage options: RocksDB, PostgreSQL, MySQL, SQLite
  • Cloud blob storage with S3 and Azure
  • Caching with Redis
  • Full-text search: built-in vs external engines

Collaboration Services

  • CalDAV and JMAP Calendars
  • CardDAV and JMAP Contacts
  • WebDAV file storage
  • Sharing with ACLs and JMAP Sharing

Multi-Tenancy and User Management

  • Domain and tenant isolation
  • User accounts and groups
  • Mailing lists and aliases
  • Subaddressing and catch-all addresses
  • Disk quotas per user and tenant

Administration and Monitoring

  • WebUI dashboard and statistics
  • CLI for scripting and automation
  • SMTP queue management
  • OpenTelemetry and Prometheus metrics
  • Webhooks for event automation

Clustering and High Availability

  • Peer-to-peer cluster coordination
  • Clustering with Kafka and Redis
  • Read replicas and sharded storage
  • Kubernetes deployment
  • Fault tolerance design

Advanced Configuration

  • Sieve scripting language
  • MTA hooks and milter integration
  • Routing rules and virtual queues
  • Envelope rewriting

Migration and Integration

  • Migrating from Postfix and Dovecot
  • Migrating from Exchange
  • Autoconfig and Autodiscover
  • Automated DNS management
  • API-driven declarative deployments

Requirements

  • Comfortable working on the Linux command line
  • Basic understanding of DNS concepts
  • Familiarity with email fundamentals is helpful but not required

Audience

  • System administrators
  • DevOps and platform engineers
  • IT infrastructure specialists
  • Anyone managing or planning a self-hosted email deployment
 21 Hours

Related Categories