An Open Source Alternative to Mailstore for Unix

Recently I used Mailstore in a Windows environment and liked the idea of a fast, graphical frontend for searching a-lot-of e-mails and its archiving cababilities. Mailstore is free for private use, but closed-source and not available for Linux or Unix.

As I use offlineimap and the mail system notmuch on my homeserver for archiving e-mails, I came up with this setup, adding netviel behind a reverse proxy to the stack on FreeBSD:

IMAP -- offlineimap -- notmuch -- netviel -- ReverseProxy

OfflineIMAP

OfflineIMAP is a python application to save your IMAP mailboxes locally in the Maildir format.

Install it via a packet manager or from github. I used FreeBSD’s pkg

sudo pkg install offlineimap

After that you need to configure it in ~/.offlineimaprc, mine looks like this:

[general]
accounts = justaname

[Account justaname]
localrepository = Local
remoterepository = Remote

[Repository Local]
type = Maildir
localfolders = ~/mailstorage/Maildir

[Repository Remote]
type = IMAP
remotehost = mail.server.com
starttls = yes
ssl = no
remoteport = 143
cert_fingerprint = a9cacabb927464hhhcaaacc9f59c37ae665c34hab4ba19283d4fbd47
remoteuser = userloginname
remotepass = 1ns4Ne5ecuRePa55!wort!!elf!1

Create the mailstorage directory and execute offlineimap:

mkdir mailstorage && offlineimap

This will take some time. If you have a firewall / packet filter on your mail server, it may block you due to some rate limits. It might be a good idea to whitelist your IP for the first run.

After the inital run you should create a cronjob to sync new e-mails regularly, e.g.

*/10 * * * * /usr/local/bin/offlineimap -c /home/USER/.offlineimaprc

If all e-mails are locally saved, let notmuch do its work.

Notmuch

The FreeBSD port describes notmuch very accurately for what it is:

“Notmuch is a system for indexing, searching, reading, and tagging large collections of email messages in maildir or mh format. It uses the Xapian library to provide fast, full-text search with a convenient search syntax.”

Again, install notmuch via your package manager, from their git repo or a source release

pkg install notmuch

After that run notmuch, this starts an interactive wizard that creates a config file in your home directory, ~/.notmuch-config.

Now you are ready to index not much mail!

notmuch new

For a more detailed getting started page, click here. When the initial indexing is done, you can search your e-mails using notmuch search TERM and read them with notmuch show MAILID. The interface has a lot of search terms, checkout notmuch.readthedocs.io Now is the moment to update your crontab and add an entry for notmuch new.

netviel

“net viel (Swabian for “not much”) allows searching through an e-mail archive indexed with notmuch from a browser.”

Well, that’s it. Installation is done via pip

python3 -m pip install netviel --user

and can be started with

python3 -m netviel

The search interface is accessible on http://127.0.0.1:5000

And yes, you are right, this could be dangerous if you bind it to 0.0.0.0 or something else than localhost.

The author highlights it in the README:

“net viel is meant for local use only. Do not expose this to the Internet as-is. Bad things will happen!"

But I want to have it accessible from all my computers internally. So I put it behind nginx as a reverse proxy, terminating TLS and restricted access to the location with BasicAuth and a simple IP filter:

server {
        listen 5001 ssl http2;
        server_name notmuchhost.local.lol;

        allow 10.0.10.0/24;
        deny all;

        add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
        add_header Referrer-Policy "no-referrer" always;
        add_header X-XSS-Protection "1; mode=block" always;

        ssl_certificate /usr/local/etc/ssl/notmuch.local.lol.crt;
        ssl_certificate_key /usr/local/etc/ssl/notmuch.local.lol.pem;

        location / {
                auth_basic "net viel";
                auth_basic_user_file /usr/local/etc/somewhere/htpasswd;
                proxy_pass http://127.0.0.1:5000;
        }
}

All e-mails and the notmuch database are stored on a ZFS Raid-Z, so deduplication is (more or less) a no-brainer, ZFS’s snapshots help to prevent dataloss by deletion and its check summing bit rot.

If you have questions or remarks, send me an e-mail :)

Happy mailing!