5 releases (3 stable)
|1.1.0||Feb 6, 2021|
|1.0.1||Aug 24, 2020|
|1.0.1-snapshot||Aug 13, 2020|
#10 in Email
You can run your own privacy focussed, resource efficient mail server. Samotop docker image is available for your convenience.
- Tiny docker image - only contains statically compiled samotop and openssl, no OS clutter.
- The server will receive mail and write it to a given maildir folder. Another program can pick the folder and process it further.
- STARTTLS can be configured if you provide a cert and identity file.
- Encryption at rest
- Mail relaying
- Antispam features:
- SPF - refuse mail with failing SPF check
- Using cargo:
cargo install samotop-server
- Using docker:
docker pull brightopen/samotop
- locally, run
samotop-server --helpfor command-line reference.
- in docker, run
docker run --rm -ti samotop
Both should produce a usage information not too different from this:
samotop 1.0.1 USAGE: samotop-server [FLAGS] [OPTIONS] --cert-file <cert file path> --identity-file <identity file path> FLAGS: -h, --help Prints help information --no-tls Disable TLS suport -V, --version Prints version information OPTIONS: -n, --name <SMTP service name> Use the given name in SMTP greetings, or if absent, use hostname -b, --base-dir <base dir path> What is the base dir for other relative paths? [default: .] -c, --cert-file <cert file path> Use this cert file for TLS. If a relative path is given, it will be relative to base-dir -i, --identity-file <identity file path> Use this identity file for TLS. If a relative path is given, it will be relative to base-dir -m, --mail-dir <mail dir path> Where to store incoming mail? If a relative path is given, it will be relative to base-dir [default: inmail] -p, --port <port>... SMTP server address:port, such as 127.0.0.1:25 or localhost:12345. The option can be set multiple times and the server will start on all given ports. If no ports are given, the default is to start on localhost:25
You can run these openssl commands in docker as well. This will run an openssl with the current folder mounted under /data and that is also the work dir:
docker run --rm -ti -v "$PWD:/data/" -w "/data/" --entrypoint openssl samotop help
Generate a cert and ID with openssl:
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out Samotop.crt -keyout Samotop.key
openssl s_client -connect localhost:25 -starttls smtp
Debug with STARTTLS:
openssl s_client -connect localhost:25 -debug -starttls smtp
For native-tls, you'd convert to pfx:
openssl pkcs12 -export -out Samotop.pfx -inkey Samotop.key -in Samotop.crt
Extracting pub key from cert:
openssl x509 -pubkey -noout -in Samotop.crt > Samotop.pem
MIT OR Apache-2.0
Unless you explicitly state otherwise, any contribution submitted for inclusion in samotop projects by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.