top | item 45685822

(no title)

audelair | 4 months ago

The documentation needs a lot of work, especially since a lot of it is outdated. But in short, if you setup a reverse proxy, the listeners in Stalwart will listen to anything forwarded to it, so you'll generally want to refer to the HTTP endpoints to map it to the right subdomain. https://stalw.art/docs/http/overview

For instance, you can simply point something like mailadmin.domain.com to Stalwart on port 8080 and it'll just work. In this case, whatever your mail server's host name (i.e. mail.domain.com or whatever) wouldn't really matter.

But then your reverse proxy can handle the other endpoints like /dav/, /.well-known/ on a different subdomain. And mta_sts.domain.com directly handling /.well-known/mta-sts.txt for instance.

For my stack, outside of Caddy's https handling, I kept things simple and exposed 25, 465, 587, 993, and 4190 (smtp, smtps, imaps, and ManageSieve) TCP services binded directly to the host.

Using Caddy's certificates is also documented at the end here: https://stalw.art/docs/server/reverse-proxy/caddy

But it leaves it to you to map things. For instance, if both Caddy and Stalwart are containerized, it's easy to get mixed up on where the bind-mounted or named volumes (depending on how you set it up) will end up placing them. But it does work... just so flexible that it's out-of-scope for Stalwart to document everything.

discuss

No comments yet.