## Maddy Mail Server - default configuration file (2021-03-07)
# Suitable for small-scale deployments. Uses its own format for local users DB,
# should be managed via maddyctl utility.
#
# See tutorials at https://maddy.email for guidance on typical
# configuration changes.
#
# See manual pages (also available at https://maddy.email) for reference
# documentation.

# ----------------------------------------------------------------------------

# Base variables

state_dir ${stateDir}

$(hostname) = mx.mydomain.com
hostname $(hostname)
$(primary_domain) = mydomain.com
$(local_domains) = $(primary_domain)

# TLS is disabled globally: endpoints below accept connections without
# encryption unless a block overrides this.
tls off

# ----------------------------------------------------------------------------

# Local storage & authentication

# pass_table provides local hashed passwords storage for authentication of
# users. It can be configured to use any "table" module, in default
# configuration a table in SQLite DB is used.
# Table can be replaced to use e.g. a file for passwords. Or pass_table module
# can be replaced altogether to use some external source of credentials (e.g.
# PAM, /etc/shadow file).
#
# If table module supports it (sql_table does) - credentials can be managed
# using 'maddyctl creds' command.

# TODO replace with a static table with password hashes stored in the
# config, if possible
auth.pass_table local_authdb {
    table sql_table {
        driver sqlite3
        dsn credentials.db
        table_name passwords
    }
}

# ----------------------------------------------------------------------------

# Outgoing SMTP

target.smtp forward_to_vultr {
    targets tcp://mediocre-vultr.private-domain.com:587
    # STARTTLS is not attempted, so the "auth plain" credentials below are
    # sent to the relay without transport encryption.
    attempt_starttls no
    auth plain "mediocre-desktop" "XXX"
}

target.queue outgoing_queue {
    target &forward_to_vultr

    autogenerated_msg_domain $(primary_domain)
    bounce {
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
        }
    }
}

submission tcp://0.0.0.0:587 {
    limits {
        all rate 5 1s
    }

    auth &local_authdb
    # Permit plaintext authentication on connections that are not using TLS.
    insecure_auth true

    source $(local_domains) {
        # If sending to a local domain, route this to the incoming pipeline
        # internally
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            deliver_to &outgoing_queue
        }
    }
    default_source {
        reject 501 5.1.8 "Non-local sender domain"
    }
}

# ----------------------------------------------------------------------------

# Incoming SMTP

msgpipeline incoming_routing {
    destination postmaster $(primary_domain) {
        modify {
            replace_rcpt regexp ".+@mydomain.com" "me@mydomain.com"
        }
        deliver_to &local_mailboxes
    }
    default_destination {
        reject 550 5.1.1 "User doesn't exist"
    }
}

smtp tcp://0.0.0.0:25 {
    default_source {
        destination postmaster $(local_domains) {
            deliver_to &incoming_routing
        }
        default_destination {
            reject 550 5.1.1 "User doesn't exist"
        }
    }
}

# ----------------------------------------------------------------------------

# IMAP

# imapsql module stores all indexes and metadata necessary for IMAP using a
# relational database. It is used by IMAP endpoint for mailbox access and
# also by SMTP & Submission endpoints for delivery of local messages.
#
# IMAP accounts, mailboxes and all message metadata can be inspected using
# imap-* subcommands of maddyctl utility.

storage.imapsql local_mailboxes {
    driver sqlite3
    dsn imapsql.db
}

# TODO imap tls://0.0.0.0:993 tcp://0.0.0.0:143 {
imap tcp://0.0.0.0:143 {
    tls off
    auth &local_authdb
    storage &local_mailboxes
}