Deep dive into scorpiox-email — a complete email stack written in pure C. Full SMTP MTA, IMAP4rev1 server, TLS everywhere, DKIM signing, mail queuing, and a lightweight CLI client. Zero external dependencies.
scorpiox-email is two components in one codebase: a full-featured mail server (scorpiox-server-email) and a lightweight SMTP client (scorpiox-email). The server handles inbound/outbound mail with SMTP MTA on port 25, submission on port 587, and IMAP4rev1 on port 993. The client sends emails via any SMTP relay using libcurl. Both are compiled as static binaries — no runtime dependencies, no OpenSSL.
Full SMTP MTA + IMAP4rev1. Handles inbound delivery, outbound relay, and mailbox access — all in one binary.
Lightweight CLI email sender via libcurl. STARTTLS, SSL, plaintext. Queue, flush, HTML body support.
STARTTLS for SMTP, TLS-from-connect for IMAP. All crypto via mbedTLS — no OpenSSL, no GnuTLS.
Outbound messages are DKIM-signed automatically. Helps deliverability and prevents spoofing.
| Port | Protocol | Component | Security | Description |
|---|---|---|---|---|
| 25 | SMTP | scorpiox-server-email | STARTTLS (optional) | Inbound MTA — receives mail from other servers |
| 587 | SMTP Submission | scorpiox-server-email | STARTTLS (required) | Authenticated sending — used by mail clients and scorpiox-email CLI |
| 993 | IMAPS | scorpiox-server-email | TLS from connect | Mailbox access — IMAP4rev1 over implicit TLS |
| 587 | SMTP | scorpiox-email (client) | STARTTLS / SSL / Plain | Outbound via any relay — libcurl backend |
Source: scorpiox/scorpiox-server-email.c
Source: scorpiox/scorpiox-email.c
--body-file)All server settings are configured via environment variables in your scorpiox-env.txt file.
# ── scorpiox-server-email configuration ── EMAIL_SMTP_PORT=25 # MTA listening port EMAIL_SUBMISSION_PORT=587 # Submission (STARTTLS) EMAIL_IMAP_PORT=993 # IMAPS (TLS from connect) EMAIL_DOMAIN=mail.example.com EMAIL_MAILDIR=/var/mail # Maildir storage root EMAIL_TLS_CERT=/etc/ssl/mail.crt EMAIL_TLS_KEY=/etc/ssl/mail.key EMAIL_ACCOUNTS_FILE=/etc/scorpiox/email-accounts.conf
# ── scorpiox-email client configuration ── SMTP_HOST=smtp.example.com # Relay server SMTP_PORT=587 # Submission port SMTP_USER=user@example.com SMTP_PASS=your-app-password SMTP_FROM=noreply@example.com SMTP_TLS=starttls # starttls | ssl | none
sx email --to admin@example.com --subject "Deploy complete" --body "Build #1234 deployed to production."
sx email --to team@example.com --subject "Weekly Report" --body-file ./report.html --html
# Queue multiple emails sx email --to alice@corp.com --subject "Alert" --body "Server down" --queue sx email --to bob@corp.com --subject "Alert" --body "Server down" --queue # List queued emails sx email --list # Flush queue (send all) sx email --flush # Clear queue without sending sx email --clear
sx email --test # Sends a test message to SMTP_FROM to verify settings
# Start the mail server in daemon mode sx server-email --daemon # Manage accounts sx server-email --add-account admin@mail.example.com sx server-email --list-accounts sx server-email --remove-account old@mail.example.com # Start in TUI mode (interactive) sx server-email --tui
All TLS operations use mbedTLS — embedded, audited, no OpenSSL dependency. STARTTLS for SMTP submission, implicit TLS for IMAP.
Every outbound message is DKIM-signed. Publish your DKIM public key in DNS TXT records for recipient verification.
Authenticated submission on port 587. Credentials checked against the accounts file. Always behind TLS.
One file per message in Maildir format. No shared mbox locks. Clean, filesystem-level isolation per account.
For production deployment, configure SPF, DKIM, and DMARC DNS records. Example:
TXT "v=spf1 a mx ~all"
TXT "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"