Drop-in SMTP gateway that intercepts spam, viruses, and phishing before they reach your inbox. Cascaded ML classifiers, local LLM analysis, ClamAV scanning, and operator feedback loops — fully self-hosted.
RBL/DNSBL, reverse DNS, FCrDNS, HELO validation, SPF, sender reputation, pre-banner detection, greet delay, and rate limiting — all before accepting DATA.
Injection detection, routing-loop detection, RFC 5322 compliance, subject anomaly scoring, and homoglyph/IDN punycode detection on From addresses.
Content-hash blocklist, fuzzy SimHash matching, inline FastText classifier, SURBL/URIBL URL reputation, threat-intel feed lookup, and file-type magic-byte verification — all sub-millisecond.
Cryptographic verification of DKIM signatures, DMARC alignment evaluation, and optional ARC sealing for downstream trust. Runs only after cheap gates pass.
ClamAV scans HTML bodies and attachments via INSTREAM TCP. Infected emails are quarantined immediately with the virus name recorded.
Image attachments are sent to a Tesseract sidecar. Extracted text is fed into classification, catching image-based spam that evades text classifiers.
FastText (<5ms) → Bayesian → transformer. Confident verdicts skip the LLM entirely. Only borderline cases escalate to full AI analysis.
Ollama (local) or Claude (Anthropic API). Produces a spam score, category, confidence, reasoning, and URL risk analysis with full authentication context.
Quarantine releases and spam marks train the classifier. LLM auto-labels bridge knowledge to the fast stages. Clean mail is relayed with RFC 5321 retry.
Built on tokio for async I/O. Idles at ~5 MB RSS, handles thousands of concurrent connections. Full ESMTP-aware sender parsing with per-command timeouts. (Rust + Tokio)
Switch between Ollama (local, free) and Claude (Anthropic API) from the dashboard — no restart. Supports llama3, qwen2.5, phi4, mistral, and all Claude models. (AI-Powered)
FastText (<5ms) → Bayesian (sub-ms) → transformer → LLM. Most emails are decided by fast stages, saving LLM costs and latency. Learns from operator feedback. (Self-Learning)
HTML bodies and attachments scanned via INSTREAM TCP protocol. Virus name recorded, infected emails quarantined. Signature version shown in the dashboard health panel. (Security)
Tesseract sidecar extracts text from image attachments (PNG, JPEG, GIF, TIFF, BMP, WEBP) — including images inside ZIP archives — before classification.
Full SPF, DKIM verification, DMARC alignment evaluation, and optional ARC sealing (RFC 8617). Three-mode enforcement (off/tag/reject) for safe rollout. (RFC Compliant)
Three automatic detectors: same-domain spoofing, display-name-as-email attacks, and internal-sender collision with Cyrillic homoglyph folding. No manual VIP lists needed. (Zero-Config)
Per-IP and per-domain scores (0.0–1.0) computed hourly from spam/ham/reject/virus ratios. Five tiers drive configurable penalties and bonuses. Phishing guard suppresses bad bonuses.
Strips active content from PDF, OOXML, and legacy OLE attachments — macros, JavaScript, launch actions, embedded files. Fail-open on parse errors. DKIM structure preserved. (New)
Periodic ingestion of URLhaus, Feodo Tracker, and ThreatFox feeds. Sender IPs, URL domains, and attachment hashes checked in-line during both SMTP and analysis phases.
General and domain admin roles, per-tenant policy overlays, three-tier allow/block lists (global/domain/mailbox), mailbox user self-service, and scoped audit logs.
Self-service portal with HMAC-signed links. Periodic digest emails with one-click release. Virus block, high-score confirmation, and per-recipient preferences.
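One way the three impersonation detectors listed above (same-domain spoofing, display-name-as-email, internal-sender collision with Cyrillic homoglyph folding) could be written, as an added example that is not PostArmor's code. The detector definitions, the fold table, the function names and the inputs are assumptions, and the From header is assumed to be already RFC 2047-decoded.

```python
import re
import unicodedata
from email.utils import parseaddr

# Cyrillic letters that render like Latin ones (lower case only; input is lower-cased first).
_FOLD = str.maketrans(
    "\u0430\u0435\u043e\u0440\u0441\u0445\u0443\u0456\u0455\u0458\u043a",
    "aeopcxyisjk")
_EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def fold(text: str) -> str:
    """NFKC-normalise, lower-case, map look-alike Cyrillic to Latin, squeeze spaces."""
    text = unicodedata.normalize("NFKC", text).lower().translate(_FOLD)
    return " ".join(text.split())

def detect_impersonation(from_header, local_domains, internal_senders, auth_pass):
    """Return the names of the detectors that fire for one From header.

    local_domains:    domains the gateway accepts mail for (assumed input)
    internal_senders: {address: display name} of known internal users (assumed input)
    auth_pass:        True when SPF/DKIM/DMARC authenticated the From domain
    """
    name, addr = parseaddr(from_header)
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    folded_name = fold(name)
    hits = []

    # 1. Same-domain spoofing: claims one of our domains but is not authenticated.
    if domain in local_domains and not auth_pass:
        hits.append("same_domain_spoof")

    # 2. Display-name-as-email: the name shows an address other than the real one.
    shown = _EMAIL_RE.search(folded_name)
    if shown and shown.group(0) != addr:
        hits.append("display_name_as_email")

    # 3. Internal-sender collision: the folded name equals an internal user's name
    #    while the address is not that user's address.
    for known_addr, known_name in internal_senders.items():
        if folded_name == fold(known_name) and addr != known_addr.lower():
            hits.append("internal_sender_collision")
            break
    return hits
```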
tokio async runtime, ~5 MB idle
Analysis, relay, scheduler
FastAPI + uvicorn, 2 workers
React 18 + TypeScript + Vite
Emails, settings, audit
Task queue, cache, rate limits
Local or cloud LLM inference
Antivirus daemon
Image text extraction sidecar
FastText + Bayesian + transformer
If any component is unavailable — Ollama, ClamAV, classifier, OCR — email is delivered rather than dropped. Availability is never sacrificed for filtering.
All runtime settings live in the database. Change the spam threshold, switch LLM models, toggle SMTP checks, or update rate limits from the dashboard. Changes propagate in 60 seconds.
Your emails never leave your infrastructure. Local LLM via Ollama, local antivirus, local ML classifiers. Cloud API is optional — not required.
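How the classifier cascade and the deliver-on-failure rule fit together, as an added sketch that is not PostArmor's code: confident fast-stage scores decide immediately, borderline ones escalate to the LLM, and an unavailable stage is skipped and recorded rather than blocking delivery. The thresholds, stage names and the `Verdict` type are assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class Verdict:
    action: str                    # "deliver" or "quarantine"
    decided_by: str                # stage name, or "fail-open"
    score: Optional[float]         # last spam probability seen, if any
    skipped: Tuple[str, ...] = ()  # stages that were unavailable (worth alerting on)

def run_cascade(message, fast_stages, llm, spam_at=0.9, ham_at=0.1, threshold=0.5):
    """fast_stages: ordered (name, callable) pairs returning a spam probability in [0, 1].

    spam_at / ham_at bound the 'confident' region of a fast stage; threshold is
    the final cut-off applied to the LLM score. All three are assumed values.
    """
    skipped, last = [], None
    for name, stage in fast_stages:
        try:
            score = stage(message)
        except Exception:          # stage down or timed out: skip it, keep going
            skipped.append(name)
            continue
        last = score
        if score >= spam_at:       # confident spam: no LLM call needed
            return Verdict("quarantine", name, score, tuple(skipped))
        if score <= ham_at:        # confident ham: no LLM call needed
            return Verdict("deliver", name, score, tuple(skipped))
    try:
        score = llm(message)       # only borderline mail reaches this point
    except Exception:              # LLM unavailable: deliver rather than drop
        skipped.append("llm")
        return Verdict("deliver", "fail-open", last, tuple(skipped))
    action = "quarantine" if score >= threshold else "deliver"
    return Verdict(action, "llm", score, tuple(skipped))
```

The `skipped` field is the part to monitor: a run of fail-open verdicts means mail is being delivered without the stages named in it.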
```bash
# 1. Clone the repository
git clone https://github.com/ahmetbuba/postarmor.git
cd postarmor

# 2. Configure your environment
make setup          # copies .env.example to .env
$EDITOR .env        # set DB_PASSWORD, BACKEND_SMTP_HOST, admin credentials

# 3. Start all services
make up             # build + start (~5 min first run, migrations auto-run)
make pull-model     # downloads llama3.2:3b (~2 GB, one-time)

# 4. Open the dashboard
open http://localhost
# Login with ADMIN_USERNAME / ADMIN_INITIAL_PASSWORD from .env
```
Point your MX records at port 25. Set BACKEND_SMTP_HOST to your real mail server, or configure per-domain routing from the dashboard.
No SaaS subscriptions. No data leaving your server. Open source, MIT licensed, and ready to deploy.