Wildduck stack
This application is managed by ArgoCD
The mail stack consists of several moving parts:
- Haraka with several plugins
- Wildduck plugin to handle incoming mail on port 25 of mail.k-space.ee
- Fight spam with Rspamd
- Fight viruses with ClamAV
 
- Wildduck
- Provide API for interfacing with other systems such as Wildduck webmail, Wildflock e-mail alias generator and Wildduck Kubernetes operator which deals with account provisioning
- Provide IMAP endpoint for accessing mailbox with traditional MUA (mail user agents): Android, iPhone, Thunderbird, Evolution etc
 
- ZoneMTA for handling outbound mail
- Including mail submission from MUA with the help of Wildduck plugin
 
Outside Kubernetes there is NAT rule on the Mikrotik router which rewrites source IP of any TCP port 25 headed traffic to originate from the IP address of the mail exchange.
TODO: Figure out how to automate DH parameters generation:
openssl dhparam -out dhparams.pem 2048
kubectl create secret generic -n wildduck dhparams --from-file=dhparams.pem