HTTP settings | Stalwart Labs

📄️ Overview

Stalwart includes an HTTP service that is enabled by default, serving multiple critical functions. The HTTP service supports several key features, such as JMAP access, WebDAV access, API management, ACME certificate issuance, autoconfig/autodiscover protocols, well-known resources, metrics collection, and OAuth authentication. These functionalities enhance user convenience, improve performance, and provide robust monitoring and security capabilities.

📄️ Settings

Stalwart includes a built-in HTTP server, which primarily serves two functions: handling JMAP, WebDAV requests and processing requests to the REST management API. The following settings can be configured to customize the behavior of the HTTP server.

🗃️ JMAP

4 items

🗃️ WebDAV

2 items

📄️ Access Control

Stalwart provides a flexible access control mechanism that allows administrators to define custom rules for controlling access to the HTTP server. By setting access control rules based on various criteria such as IP address, resource, method name, and more, administrators can ensure secure and tailored access to the server's HTTP services. This flexibility enables the server to be effectively managed and integrated with other systems, meeting diverse operational needs.

📄️ Security

Stalwart provides several security settings that can help enhance the security of the HTTP server. These settings include HTTP Strict Transport Security (HSTS) and CORS policies. By configuring these settings, administrators can enforce secure communication practices and control cross-origin requests to the server.

📄️ Rate limiting

Rate limiting is a strategy to limit network traffic. As the name suggests, it puts a limit on how often someone can repeat an action (such as trying to log into an account) within a given time period.

📄️ Form Handling

Stalwart offers a Form Submissions feature, which allows you to receive form submissions via HTTP and automatically turn them into email messages. This feature is particularly useful for web forms, such as contact forms or feedback forms, where submissions need to be forwarded to a designated group of local recipients on the mail server. The form data is sent via a POST request to the /form endpoint, and the server processes this data, converting it into an email message.