Sign in Subscribe
Email

Stalwart: Personal Email Server

Stalwart made one of the hardest systems to manage, the easiest thing I've done in a while. Bonus is automatically encrypting all incoming email at rest using OpenPGP key or S/MIME certificate.

Forthright

3 min read

Worth it.

Getting your email to be automatically encrypted at rest using an S/MIME certificate is chefs' kiss.

Prerequisites

What is My Public IP Address
Internet Protocol addresses are similar to house addresses or cell phone numbers. There are two systems in use version 4 and version 6. While version 4 is similar to a home address where multiple people share the same address, version 6 is more similar to a phone number where you
Forthright EngineerForthright
Create and Publish SSH Keys
Secure SHell keys are used to authenticate yourself to a system. You will need them to secure your access to a system without the use of a password. SSH keys come in two pairs. The public keyand the private key. Generate a Key Pair First we generate our key pair.
Forthright EngineerForthright
Create a Personal Data Center
Prerequisites What is My Public IP AddressInternet Protocol addresses are similar to house addresses or cell phone numbers. There are two systems in use version 4 and version 6. While version 4 is similar to a home address where multiple people share the same address, version 6 is more similar
Forthright EngineerForthright
Installing Ubuntu
Prerequisites Create and Publish SSH KeysSecure SHell keys are used to authenticate yourself to a system. You will need them to secure your access to a system without the use of a password. SSH keys come in two pairs. The public keyand the private key. Generate a Key Pair First
Forthright EngineerForthright
DNS Record Types
DNS is the easiest and hardest system to use in info tech.
Forthright EngineerForthright
S/MIME Certificate
Being able to encrypt your emails and sign them so others know you personally sent them, is worth the struggle.
Forthright EngineerForthright

Stalw.art has a STUPID easy process to do the initial install. https://stalw.art/docs/install/platform/linux/

It's as easy as dropping a few commands to get everything setup. We can use Ubuntu 24.04 LTS for this. 

┌[ forthright@mail ] ~
└➤ curl --proto '=https' --tlsv1.2 -sSf https://get.stalw.art/install.sh -o install.sh

┌[ forthright@mail ] ~
└➤ sudo sh install.sh
⏳ Downloading stalwart for x86_64-unknown-linux-gnu...
stalwart
🖥️  Creating 'stalwart' account...
✅ Configuration file written to /opt/stalwart/etc/config.toml
🔑 Your administrator account is 'admin' with password '[REDACTED]'.
🔐 Setting permissions...
🚀 Starting service...
Created symlink /etc/systemd/system/multi-user.target.wants/stalwart.service → /etc/systemd/system/stalwart.service.
🎉 Installation complete! Continue the setup at http://mail:8080/login

Then you add your domain, go create your Lets Encrypt certificate, and make twenty eight DNS entries.

Don't forget to make the proper modifications to your firewall for your virtual machine so it can receive email.

You may need to reach out to IONOS to have them adjust their firewall to allow you to send email.