30 open-source projects similar to foxcpp/maddy, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Maddy alternative.
Mox is a self-hosted email server that runs as a single compiled Go binary, handling the full lifecycle of sending and receiving email through SMTP, IMAP4rev2, and a built-in webmail application. It is designed to be operated without external dependencies or runtime plugins, with all mail services — including spam filtering, queue management, and web interfaces for administration and account management — contained in one executable. The server distinguishes itself through automated TLS certificate management via ACME, DNS-based autoconfiguration for email clients, and file-based configuration
This project provides a full-stack, containerized mail server platform designed for self-hosting. It functions as a complete mail transfer agent that bundles essential services—including SMTP, IMAP, and POP3—into a unified environment. By leveraging container orchestration, it enables the deployment of private email infrastructure that handles message transport, delivery, and user management within a single, manageable service. The platform distinguishes itself through deep integration with container runtimes and robust configuration flexibility. It supports granular customization via configu
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
NeoMutt is a terminal-based electronic mail management system that provides a text-based user interface for reading and composing emails. It functions as a mail manager and client supporting IMAP, POP3, and SMTP protocols, as well as NNTP for newsgroup access. The project distinguishes itself through integrated support for PGP and S/MIME encryption, providing tools for signing and encrypting messages and managing cryptographic keys. It supports modern authentication via OAuth2 and offers specialized MIME-aware reading capabilities for decoding multipart messages and visualizing MIME structure
Stalwart is a self-hosted email and collaboration infrastructure that provides an integrated mail server supporting SMTP, IMAP, POP3, and JMAP protocols. It functions as a comprehensive communication hub, combining email hosting with a collaboration server for shared calendars, contacts, and files. The system distinguishes itself through a distributed architecture that uses peer-to-peer cluster coordination to ensure high availability and fault tolerance. It features a built-in security suite that implements an S/MIME and OpenPGP email gateway alongside automated TLS certificate provisioning
MailKit is a cross-platform .NET email protocol library used to implement IMAP, POP3, and SMTP functionality. It provides specialized client libraries for managing remote mailboxes, retrieving and downloading messages, and composing and transmitting emails to remote servers. The library supports secure identity verification through SASL authentication and OAuth 2.0 token-based flows. It includes capabilities for routing traffic through proxy gateways and decrypting PGP-encrypted content embedded within email bodies. The project covers a broad range of email operations, including folder manag
Boulder is a production-grade implementation of the ACME (Automated Certificate Management Environment) protocol, built around the same infrastructure that powers Let's Encrypt. It functions as a full certificate authority that automates the issuance, renewal, and revocation of TLS certificates, supporting multiple key algorithms including RSA, ECDSA, and experimental post-quantum ML-DSA keys. The project distinguishes itself through its multi-algorithm PKI hierarchy, which builds separate RSA and ECDSA root chains with cross-signing to support dual-algorithm trust paths. It includes a CRL-ba
Certmagic is a Go library for automating the issuance and renewal of TLS certificates. It functions as an automatic HTTPS provisioner and ACME client that handles the full lifecycle of certificates to ensure secure connectivity without manual intervention. The library is distinguished by its support for on-demand TLS provisioning, which generates certificates dynamically during the TLS handshake based on the server name. It also provides automation for wildcard certificates through DNS challenge verification and integrates with the ZeroSSL API for certificate acquisition. The project covers
Mail-in-a-Box is a self-hosted email server appliance that automates the deployment of SMTP, IMAP, and POP3 services on Linux. It functions as a complete suite including a DNS management server, a spam and abuse filter, and a web-based administrative control panel for managing users, aliases, and storage quotas. The project distinguishes itself through a high degree of automation for email security and authenticity. It automatically provisions and maintains SPF, DKIM, DMARC, and DNSSEC records to prevent domain spoofing, while managing the installation and rotation of TLS certificates and enf
Mailcow-dockerized is an open-source email hosting platform that provides a complete, self-hosted infrastructure suite. It bundles message transfer, storage, and security protocols into a modular, containerized environment designed for deployment on private infrastructure. The platform distinguishes itself by integrating a centralized management interface for configuring mail domains and user accounts alongside collaborative tools like shared calendars and contact lists. It includes automated security features such as integrated spam and malware filtering gateways, as well as automated certif
Postal is an open-source mail delivery platform designed for self-hosted sending and receiving of email using standard mail transfer protocols. It serves as a comprehensive email infrastructure that provides full delivery tracking and management of outgoing mail streams. The system includes an SMTP server manager with a web administration interface for configuring server settings and monitoring delivery status. It distinguishes its outbound traffic management through priority-based IP rotation and assignment to help maintain sender reputation. The platform covers incoming email processing an
caddy-docker-proxy is a dynamic HTTP reverse proxy and Docker network ingress controller that automatically generates routing configurations by reading labels from Docker containers. It serves as a service discovery tool that detects container IP addresses in real time to route incoming web traffic to the correct backend targets. The project functions as a distributed proxy orchestrator, capable of pushing generated configurations from a central controller to multiple remote server instances to scale request handling. It automates the issuance and renewal of TLS security certificates for prox
This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads. The project distinguishes itself through its extensive support for a
This project is an email alias management platform and masking proxy designed to protect user privacy. It functions as a gateway that creates unique email addresses to hide a user's primary mailbox, forwarding incoming messages while routing outbound replies through a reverse-proxy to maintain sender anonymity. The system distinguishes itself through advanced domain and privacy controls, including the ability to link personal domains via DNS for branded aliases and catch-all routing. It further secures communications via a PGP encryption gateway that encrypts forwarded email content using pub
This project is a Kubernetes deployment guide and infrastructure provisioner designed for hobbyist and home lab environments. It provides a framework for setting up multi-node clusters across various cloud providers and physical or virtual nodes, acting as a self-hosted cluster orchestrator. The project focuses on security hardening and infrastructure stability through specific implementation guides. This includes a framework for network security that covers host firewalls and encrypted network overlays, as well as detailed instructions for configuring ingress routing to manage external publi
imapsync is an IMAP mailbox synchronization tool and data migration utility designed to copy and synchronize email messages and folder structures between two IMAP servers. It functions as a migration manager for transferring bulk email accounts between different hosting providers, preserving folder hierarchies and message metadata. The tool is distinguished by its ability to automate the transfer of multiple mailboxes sequentially from delimited lists using administrative credentials or user-specific authentication. It supports advanced authentication methods including OAuth2 and XOAUTH2, and
Nodemailer is a comprehensive library for Node.js applications designed to handle the composition, signing, and transmission of email messages. It provides a robust framework for constructing MIME-compliant content, managing complex attachments, and routing messages through various delivery channels, including standard SMTP servers, local mail transfer agents, and cloud-based email services. The library distinguishes itself through a modular, plugin-based transport architecture that allows for custom delivery mechanisms and environment-specific configurations. It includes advanced features fo
BaoTa is a web-based Linux server control panel and system administration dashboard designed for managing hosting environments and system resources. It provides a graphical interface to translate administrative actions into system-level configurations, allowing users to manage Linux servers and web hosting stacks without relying solely on the command line. The platform distinguishes itself through AI-driven server operations, utilizing artificial intelligence for performance analysis and the execution of maintenance tasks via natural language commands. It supports multi-node orchestration, en
Higress is an AI-native and cloud-native API gateway that routes, secures, and optimizes traffic between clients and large language model services. It functions as a centralized entry point for microservices, serving as both a Kubernetes ingress controller and an AI gateway orchestrator. The project distinguishes itself by managing traffic across multiple AI providers using a unified protocol, incorporating token-aware rate limiting and response caching to optimize model inference. It coordinates communication between AI models and external tools to provide real-time context and data, while a
acme-dns is a DNS server and protocol manager designed to proxy TXT records for ACME DNS-01 challenges. It enables the validation of domain ownership for automated certificate issuance without exposing primary DNS zone files or credentials to external clients. The project utilizes CNAME-based delegation to offload verification from a primary zone to a specialized server. It provides a REST API for programmatically updating short-lived validation tokens, which is secured through CIDR-based network restrictions and automated TLS provisioning for the API interface. The system supports stateless
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme
GAM is a command-line tool for administering Google Workspace and Cloud Identity. It translates command-line arguments into structured API calls, enabling administrators to manage users, groups, organizational units, and domain settings across a Google Workspace environment. The tool handles authentication through OAuth2 flows, service accounts, and workload identity federation, and supports multi-tenant configurations for managing multiple domains or cloud projects from a single installation. GAM distinguishes itself through its batch processing and automation capabilities. It can process la
gomail is a Go SMTP client library used for composing and sending email messages through SMTP servers. It functions as an email message composer and MIME email serializer, converting complex email objects and binary attachments into byte streams according to internet message standards. The library includes an SMTP connection manager that handles server session authentication and transmits multiple messages over a single encrypted connection to reduce network latency. It supports secure email delivery through encrypted data transmission to protect sensitive information during transit. The pro
Mailpile is an encrypted email client and high-volume mail indexer that provides a web-based portal for managing electronic mail. It functions as a private email management system designed to protect user privacy and data control. The project features a search engine optimized for indexing and retrieving large volumes of email on consumer hardware. It includes a Bayesian email filter for automated message classification and tagging. The system supports secure communication through the integration of public-key encryption and signing for sending and receiving messages. Additional capabilities
Cloud-mail is a serverless email backend and routing service built on Cloudflare infrastructure. It provides a cloud-native system for receiving, storing, and processing electronic messages without the requirement for traditional mail server hardware. The platform includes an email data API for querying records and a visual analytics dashboard for tracking mail volume and system performance. It features automated processing capabilities to extract verification codes from message bodies and manages an email archive using persistent object storage for attachments and history. The system handle
Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework. What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. I
This project is a command-line tool that automates the entire lifecycle of security certificates using standard domain validation protocols. It functions as a background service to manage the issuance, renewal, and installation of certificates, ensuring that encrypted web traffic remains active without requiring manual intervention. The tool distinguishes itself through extensive support for automated domain ownership verification, including the ability to issue wildcard certificates by programmatically interacting with external domain name system providers. It provides flexible validation op
BillionMail is a self-hosted email infrastructure and marketing platform designed to provide full control over mail delivery, domain management, and subscriber communication. It functions as a comprehensive mail server manager that enables users to deploy and maintain private email environments, including integrated webmail interfaces for direct account access. The platform distinguishes itself by combining high-volume bulk email distribution with sophisticated deliverability tools. It supports multi-tenant infrastructure provisioning, allowing administrators to manage multiple domains and ma