## Maddy Mail Server - default configuration file (2021-03-07)
# Suitable for small-scale deployments. Uses its own format for local users DB,
# should be managed via maddyctl utility.
#
# See tutorials at https://maddy.email for guidance on typical
# configuration changes.
#
# See manual pages (also available at https://maddy.email) for reference
# documentation.

# ----------------------------------------------------------------------------
# Base variables

# NOTE(review): ${stateDir} is not maddy's $(name) macro syntax; presumably it
# is filled in by an external templating step before maddy reads this file -
# confirm.
state_dir ${stateDir}

# Macros reused below: the server's own hostname and the domain(s) treated as
# local.
$(hostname) = mx.mydomain.com
hostname $(hostname)
$(primary_domain) = mydomain.com
$(local_domains) = $(primary_domain)

# Global TLS default inherited by the endpoints below. With "off" the listeners
# offer neither implicit TLS nor STARTTLS, so mail and any login credentials
# sent to them cross the network unencrypted.
# NOTE(review): only appropriate when every client reaches this server over an
# already-protected path (loopback, VPN, private link) - confirm. Otherwise
# configure a certificate here instead of "off".
tls off

# ----------------------------------------------------------------------------
# Local storage & authentication

# pass_table provides local hashed passwords storage for authentication of
# users. It can be configured to use any "table" module, in default
# configuration a table in SQLite DB is used.
# Table can be replaced to use e.g. a file for passwords. Or pass_table module
# can be replaced altogether to use some external source of credentials (e.g.
# PAM, /etc/shadow file).
#
# If table module supports it (sql_table does) - credentials can be managed
# using 'maddyctl creds' command.
# TODO replace with a static table with password hashes stored in the
# config, if possible

# Credential store used by the submission and IMAP endpoints: a "passwords"
# table in the SQLite database credentials.db.
auth.pass_table local_authdb {
    table sql_table {
        driver sqlite3
        dsn credentials.db
        table_name passwords
    }
}

# ----------------------------------------------------------------------------
# Outgoing SMTP

# Relay target: everything placed in outgoing_queue is handed to this one host
# on port 587, authenticating with SASL PLAIN.
# NOTE(review): the target is plain tcp:// and "attempt_starttls no" is set, so
# the relay username/password and all relayed mail appear to travel
# unencrypted. Acceptable only if the path to this host is already protected
# (the "private-domain" name suggests a private link - confirm); otherwise
# enable STARTTLS and make TLS mandatory for this target.
# NOTE(review): the relay password is stored inline ("XXX" looks like a
# redaction placeholder). Keep this file readable only by the maddy service
# account and out of world-readable stores.
target.smtp forward_to_vultr {
    targets tcp://mediocre-vultr.private-domain.com:587
    attempt_starttls no
    auth plain "mediocre-desktop" "XXX"
}

# Queue in front of the relay target. Bounces (DSNs) it generates are delivered
# only to local recipients via incoming_routing; DSNs addressed to non-local
# senders are refused, which avoids emitting backscatter.
target.queue outgoing_queue {
    target &forward_to_vultr

    autogenerated_msg_domain $(primary_domain)
    bounce {
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
        }
    }
}

# Submission endpoint for authenticated local users, listening on every IPv4
# interface (0.0.0.0), port 587.
# NOTE(review): "insecure_auth true" permits plaintext authentication on an
# unencrypted connection, and the global "tls off" means no encryption is
# offered, so user passwords are exposed to anyone able to observe the
# traffic. If this port is reachable beyond a trusted network, bind to a
# specific internal address or firewall it, or enable TLS and drop
# insecure_auth.
submission tcp://0.0.0.0:587 {
    # Rate limit of 5 per 1s applied across all sources ("all").
    limits {
        all rate 5 1s
    }

    auth &local_authdb
    insecure_auth true

    # Only envelope senders in the local domains are accepted; any other
    # sender domain is rejected by default_source below.
    source $(local_domains) {
        # If sending to a local domain, route this to the incoming pipeline
        # internally
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            deliver_to &outgoing_queue
        }
    }
    default_source {
        reject 501 5.1.8 "Non-local sender domain"
    }
}

# ----------------------------------------------------------------------------
# Incoming SMTP

# Catch-all routing: every recipient in the primary domain is rewritten to the
# single mailbox me@mydomain.com and stored in local_mailboxes; recipients in
# any other domain are rejected.
# NOTE(review): the "." before "com" in the pattern is unescaped, so it matches
# any character. The enclosing destination block already restricts matching to
# $(primary_domain), so this is presumably harmless - verify.
msgpipeline incoming_routing {
    destination postmaster $(primary_domain) {
        modify {
            replace_rcpt regexp ".+@mydomain.com" "me@mydomain.com"
        }

        deliver_to &local_mailboxes
    }

    default_destination {
        reject 550 5.1.1 "User doesn't exist"
    }
}

# Inbound MX listener on every IPv4 interface, port 25. Accepts mail from any
# sender for the local domains only, so it does not act as an open relay.
# NOTE(review): no "check" or "limits" block is configured on this endpoint, so
# no sender validation or rate limiting is visible here; consider adding them
# if this port faces the Internet directly.
smtp tcp://0.0.0.0:25 {
    default_source {
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            reject 550 5.1.1 "User doesn't exist"
        }
    }
}

# ----------------------------------------------------------------------------
# IMAP

# imapsql module stores all indexes and metadata necessary for IMAP using a
# relational database. It is used by IMAP endpoint for mailbox access and
# also by SMTP & Submission endpoints for delivery of local messages.
#
# IMAP accounts, mailboxes and all message metadata can be inspected using
# imap-* subcommands of maddyctl utility.

# Mailbox storage backed by the SQLite database imapsql.db.
storage.imapsql local_mailboxes {
    driver sqlite3
    dsn imapsql.db
}

# The commented-out line below is the variant with an implicit-TLS listener on
# port 993 in addition to port 143; the active line serves port 143 only.
#TODO imap tls://0.0.0.0:993 tcp://0.0.0.0:143 {
# NOTE(review): this listener is bound to every IPv4 interface with "tls off",
# so any login accepted here sends the mailbox password and message contents
# unencrypted. Restrict the bind address or firewall the port to a trusted
# network, or restore the TLS listener above once a certificate is configured.
imap tcp://0.0.0.0:143 {
    tls off
    auth &local_authdb
    storage &local_mailboxes
}