D
DramWell Docs
Knowledge Base/mail/overview
Mail Server

Mail Server Overview

How DramWell's self-hosted Stalwart mail server is deployed, what protocols it handles, and how to access the admin interface.

intermediate7 min read

Overview

DramWell runs a self-hosted mail server for all platform email — transactional messages, team inboxes, and system notifications. The server runs Stalwart v0.15, a modern open-source mail server with native JMAP support, deployed as a Docker container on a dedicated VPS with an nginx reverse proxy handling HTTPS termination.

Self-hosting gives DramWell complete control over deliverability reputation, data residency, and configuration — at the cost of requiring operational ownership of the server.

Architecture

Component Details
Mail Server Stalwart v0.15 running in Docker
Host VPS at 187.77.223.121
Domain mail.dramwell.ai
Reverse Proxy nginx (handles HTTPS/443 with LetsEncrypt TLS)
SMTP Direct port binding — port 25 (inbound relay) and 587 (submission)
IMAPS Direct port binding — port 993 (IMAP over TLS with ACME-managed cert)
JMAP HTTPS via nginx reverse proxy — api.mail.dramwell.ai

Why Two TLS Strategies

nginx handles TLS for HTTPS (443) and obtains its certificate from LetsEncrypt via certbot. Stalwart manages its own ACME certificates for SMTP (587) and IMAPS (993) because those protocols require direct port binding and cannot be proxied through nginx without protocol-layer changes. Both certificate stores are renewed automatically.

JMAP Protocol

Stalwart's primary API protocol is JMAP (JSON Meta Application Protocol), a modern replacement for IMAP that operates over HTTPS. DramWell uses JMAP for all programmatic mail operations — creating accounts, sending mail, managing folders, and querying message metadata. The JMAP discovery endpoint is https://mail.dramwell.ai/.well-known/jmap.

Accessing the Admin Panel

The Stalwart web admin panel is available at https://mail.dramwell.ai/admin. Access requires the Stalwart superuser account credentials, which are stored in Supabase Vault under the key stalwart_admin_credentials. Never use the superuser account for day-to-day operations — it has unrestricted access to all server configuration.

The admin panel provides:

  • Principal management (accounts, domains, distribution lists)
  • Server configuration (SMTP, IMAP, JMAP settings)
  • Security settings (blocked IPs, auto-ban thresholds, TLS configuration)
  • Queue management (message queues, delivery retries)
  • Reporting (delivery reports, spam reports, authentication failures)

API Access

All programmatic administration is performed via Stalwart's REST API at https://mail.dramwell.ai/api/. Authentication uses HTTP Basic auth with the admin credentials. Bearer tokens are not supported.

Key API endpoints:

  • GET /api/principal — List all principals (accounts, domains, groups)
  • POST /api/principal — Create a new principal
  • GET /api/principal/{name} — Get a specific principal's details
  • PATCH /api/principal/{name} — Update a principal using the array patch format
  • DELETE /api/principal/{name} — Delete a principal

The PATCH format for all updates is an array of operations:

[{"action": "set", "field": "fieldName", "value": "newValue"}]

Related Articles

Was this article helpful?