Mailpile v1 is effectively legacy while the Python 3 rewrite is ongoing. Security strategy should prioritize limited exposure, encrypted storage, and minimizing trust in unattended internet-facing deployment.
- Restrict deployment to localhost, a VPN, or a reverse-proxy allow-list.
- Do not expose admin/web UI directly to the public internet.
- Track project status and migration plans to actively maintained mail clients.
- Freeze plugins/extensions to an audited set only.
¶ 2) Protect key and profile material
- Keep Mailpile profile data and key material on encrypted disks.
- Restrict filesystem permissions for config and mail index directories.
- Protect backups with encryption and separate key storage.
- Rotate account credentials and app passwords used by Mailpile.
¶ 3) Secure transport and account integration
- Enforce IMAPS/SMTPS/Submission TLS for all accounts.
- Validate server certificates; do not allow insecure TLS fallback.
- Disable unused account connectors and legacy protocols.
- Monitor failed login/auth events on mail backends.
- Keep host OS patched aggressively.
- Add reverse-proxy rate limits and authentication controls if remotely accessed.
- Monitor for abnormal indexing spikes and unknown session sources.
- Document the recovery process for the encrypted profile and keys.
¶ Verification commands
grep -R "imap\|smtp\|tls\|host" ~/.mailpile 2>/dev/null | head
ls -ld ~/.mailpile ~/.gnupg
sudo ss -tulpn | grep -E ':33411|:443|:80'
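The checks above can be turned into pass/fail tests. The script below is an added example, not code from this page or from the Mailpile project: it flags profile or GnuPG directories that grant group/other access and any listener on port 33411 that is not bound to loopback. The function names are hypothetical, and it assumes GNU `stat` and `ss` are available.

```shell
#!/bin/sh
# Added example: paths and port come from the verification commands above.

# Succeeds only if DIR grants no permission bits to group or other (e.g. 700).
dir_is_private() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Reads `ss -tln` or `ss -tulpn` output on stdin and prints every local
# address listening on PORT that is not loopback. No output = not exposed.
exposed_listeners() {
    awk -v port="$1" '{
        if ($1 == "LISTEN") addr = $4        # ss -tln layout
        else if ($2 == "LISTEN") addr = $5   # ss -tulpn layout (Netid first)
        else next
        n = split(addr, p, ":")
        if (p[n] != port) next
        host = substr(addr, 1, length(addr) - length(p[n]) - 1)
        if (host ~ /^127\./ || host == "[::1]") next
        print addr
    }'
}

# Runs both checks against the live host; returns 1 if anything is flagged.
mailpile_audit() {
    rc=0
    for d in "$HOME/.mailpile" "$HOME/.gnupg"; do
        [ -d "$d" ] || continue
        dir_is_private "$d" || { echo "WARN: $d is group/other accessible"; rc=1; }
    done
    exposed=$(ss -tln 2>/dev/null | exposed_listeners 33411)
    [ -z "$exposed" ] || { echo "WARN: port 33411 listening on: $exposed"; rc=1; }
    return $rc
}

# Only audit the live host when explicitly asked: sh script.sh --run
if [ "${1:-}" = "--run" ]; then mailpile_audit; fi
```

A wildcard bind such as `0.0.0.0:33411` or `[::]:33411` is reported; whether it is actually reachable from outside still depends on host and network firewalling.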
- Mailpile repository (status note in README): https://github.com/mailpile/Mailpile
- Mailpile project site: https://www.mailpile.is/
- Mailpile organization: https://github.com/mailpile