Sovereign mail infrastructure

Your email, your server, your jurisdiction.

OxiMail is a complete email and collaboration server that runs on your infrastructure. Email, calendar, contacts, tasks, files, chat, video calls — from a single 25 MB binary with no external dependencies. Built in Rust, open source, encrypted at rest.

For every European organisation that can no longer delegate its communications to a US-jurisdiction provider. nFADP, RGPD, NIS2 create the obligation. OxiMail provides the infrastructure.

Request early access View pricing

Architecture

One protocol to replace them all.

The legacy mail stack is a patchwork: IMAP for email, CalDAV for calendars, CardDAV for contacts, SMTP for sending, each with its own authentication, state model, and failure modes. JMAP (RFC 8620) replaces all of them with a single, modern, stateful protocol over HTTP — designed for real-time sync, batch operations, and push notifications from the ground up.

OxiMail is built natively on JMAP. Every object — emails, calendar events, contacts, tasks, files, chat messages — lives in one protocol, one data model, one API. The legacy protocols (IMAP, CalDAV, CardDAV) exist as optional translation layers for backward compatibility with Thunderbird, Apple Mail, and Outlook. They can be disabled with a single parameter.

Four IETF Internet-Drafts are in progress to extend JMAP to tasks, chat, files, and server federation. OxiMail is the reference implementation.

JMAP native

Primary protocol

Email (RFC 8621), Calendars (draft-ietf-calext-jmap-calendars), Contacts (RFC 9610), Tasks, Files, Chat, Sharing (RFC 9670), Sieve (RFC 9661). Real-time push via EventSource and WebSocket. One authenticated session, all data types.

Legacy compatible

Translation layers

IMAP4rev2 (RFC 9051), CalDAV (RFC 4791), CardDAV (RFC 6352). Feature-gated behind --features legacy. Exist for client compatibility, not by design. Disableable in one line of configuration.

Capabilities

One binary. Everything included.

Where others assemble seven services, OxiMail is a single process. 25 MB, zero external dependencies. Download, configure, run.

Email

JMAP Mail · RFC 8621

Full SMTP inbound/outbound, DKIM/SPF/DMARC, spam pipeline with AI scoring, Sieve filtering, encryption at rest per account.

Calendar

JMAP Calendars · CalDAV

Scheduling, recurrence, time zones, iTIP interoperability. Syncs with Thunderbird, Apple Calendar, eM Client.

Contacts

JMAP Contacts · RFC 9610 · CardDAV

Address books with sharing, vCard import/export. Native sync with all major clients.

Tasks

JMAP Tasks · IETF draft

Task lists, priorities, due dates, completion tracking. JMAP-native, no separate service.

Files

JMAP FileNode · IETF draft

File storage with folder hierarchy, sharing, versioning. JMAP-native, accessible from any client. Desktop sync available with OxiMail Sync (Pro).

Chat

JMAP Chat · IETF draft

Real-time messaging over WebSocket. Channels, threads, reactions, read receipts. No Slack, no Teams dependency.

Video calls

WebRTC · SFU

P2P calls (1–3 participants) in Community. Native SFU for larger meetings in Pro. No external video service required.

Spam filtering

6-stage pipeline (Community) · DistilBERT (Pro)

Community: headers, DMARC, DNSBL, reputation, Bayesian, heuristics — eliminates 85% of spam. Pro adds a local DistilBERT ONNX model for the remaining grey zone. All processing on your server — no email transits to an external API.

Encryption

AES-256 · X25519 per account

Three-level encryption at rest: SQLCipher for metadata, X25519+XSalsa20 per account for blobs, AES-256-GCM for outbound. Keys stay on your server.

Efficiency

4× less infrastructure, personnel, and energy.

A typical Open-Xchange deployment for 10,000 mailboxes stacks seven separate services: Dovecot (IMAP), Postfix (SMTP), OX App Suite (Java/Tomcat), MySQL, SpamAssassin, Nginx, and Solr — consuming 10–18 GB RAM and 12–16 vCPU. Each service has its own configuration, its own failure modes, its own security surface, and requires dedicated expertise to maintain.

OxiMail replaces the entire stack with a single Rust binary at 2–4 GB RAM and 4 vCPU. The reduction is threefold:

Infrastructure

One process replaces seven services. At the scale of a hosting provider with one million mailboxes, this eliminates approximately 400 physical servers — a 75% reduction in hardware.

Personnel

One system to configure, monitor, and update — not seven with separate release cycles, separate logs, separate failure modes. One administrator replaces a team.

Energy

4× less RAM and CPU means 4× less electricity, 4× less cooling. The EU Energy Efficiency Directive (2023/1791) makes energy consumption a public procurement criterion. OxiMail turns ESG compliance into a competitive advantage.

25 MB

Single binary

2–4 GB

RAM / 10K mailboxes

4–5×

Total cost reduction

~400

Servers eliminated / 1M mailboxes

Comparison

What matters when you switch.

The questions your DPO, your board, and your finance department are actually asking.

For enterprises and institutions

Your question	OxiMail	Microsoft 365	Google Workspace
Where are my data?	On your server, in your country	Microsoft datacentres (US CLOUD Act)	Google datacentres (US CLOUD Act)
Who controls the encryption keys?	You — per-account keys, on your machine	Microsoft	Google
Can I leave freely?	Open standards, native export, open source	Proprietary formats, high migration cost	Closed ecosystem, high switching cost
Email + Calendar + Contacts + Files + Chat + Video?	All included, one service	All included	All included
Works with Outlook, Thunderbird, Apple Mail?	Yes — IMAP, CalDAV, CardDAV	Outlook native, others limited	Gmail native, others limited
If the provider disappears?	Source code is open (AGPL), you continue	Service interrupted	Service interrupted
Licence cost / user / month	CHF 12–19 (SaaS) or CHF 1 (self-hosted)	CHF 11–55 depending on plan	CHF 6–18 depending on plan
Annual licence cost for 200 users	CHF 2,400 (self-hosted)	CHF 26,400 – 132,000	CHF 14,400 – 43,200
Admin personnel required	1 administrator	Managed by Microsoft	Managed by Google
Energy consumption (server-side)	2–4 GB RAM, 4 vCPU per 10K users	Unknown — Microsoft-operated	Unknown — Google-operated
nFADP / RGPD / NIS2 compliant by design?	Yes — Swiss jurisdiction, self-hosted, auditable	Requires DPA + SCCs + risk assessment	Requires DPA + SCCs + risk assessment

For hosting providers

If you run Open-Xchange today, this is what changes.

Operations metric	OxiMail Pro	Open-Xchange
Stack composition	1 binary (Rust, 25 MB)	7 services (Dovecot + Postfix + OX App Suite + MySQL + SpamAssassin + Nginx + Solr)
RAM per 10,000 mailboxes	2–4 GB	10–18 GB
vCPU per 10,000 mailboxes	4 vCPU	12–16 vCPU
Physical servers for 1M mailboxes	~100 servers	~500 servers
Servers eliminated at 1M scale	~400 fewer servers	—
Operations personnel	1 system per deployment — single config, single log, single update cycle	7 systems — 7 configs, 7 release cycles, 7 failure modes
Energy reduction	75% less electricity and cooling (4× hardware reduction)	Baseline
EU Energy Efficiency Directive (2023/1791)	Compliant — demonstrable 4× reduction	Legacy stack, no reduction path
Licence cost per mailbox	CHF 0.25–0.80 / mailbox / month	OX proprietary licensing
Licence model	AGPL-3.0 dual-licence — open core, commercial embedding	Fully proprietary
Jurisdiction	Switzerland (Activate sàrl, Geneva)	US investors

Pricing

Community and Pro.

Community is a complete server — not a demo, not a crippled version. It runs on SQLite, handles up to 2,000 accounts, and includes every collaboration feature. Pro adds the infrastructure components needed beyond that threshold: PostgreSQL, S3, Elasticsearch, clustering, LDAP, and vertical modules. The physics decide the boundary, not a paywall.

Community

Complete server. Free forever.

CHF 0

AGPL-3.0-or-later · 20 crates

100 JMAP methods — email, calendar, contacts, tasks, files, chat
SMTP inbound/outbound with DKIM, SPF, DMARC
IMAP, CalDAV, CardDAV legacy compatibility
Spam pipeline (6 stages) + Sieve filtering
Encryption at rest (three-level)
P2P video calls (1–3 participants)
Passkey authentication (WebAuthn)
Migration tool (Stalwart → OxiMail, live JMAP import)
Up to 2,000 accounts on SQLite

Pro

Scale beyond 2,000. Enterprise modules.

CHF 1.00

per account / month · enterprise licence

Everything in Community
PostgreSQL + S3 + Elasticsearch backends
Multi-instance clustering (Redis, leader election)
LDAP / Active Directory / SWITCHaai integration
SFU video (4+ participants, recording, simulcast)
DistilBERT AI spam model (local ONNX)
Mailing lists, legal retention, audit log
VoIP, WhatsApp Business, SMS, fax integration
AI assistant with tenant isolation
OxiMail Workspace — JMAP web client (93K LOC)
OxiMail Sync — desktop file sync (5 MB, cross-platform)
Federation at scale (connection pool, monitoring, GDPR)

Managed SaaS: CHF 12–19 / user / month

Platform licensing (hosting providers): CHF 0.25–0.80 / mailbox / month

Scaling thresholds

Accounts	Edition	Stack
Up to 2,000	Community	Single binary + SQLite + filesystem
2,000 – 10,000	Pro	+ PostgreSQL + S3
10,000 – 100,000	Pro	+ Multi-instance + Redis + replication
> 100,000	Pro	+ Horizontal scaling + Citus sharding

Under the hood

Built for correctness, not speed of development.

997 tests. 30 architectural decision records. Every error typed, logged, and surfaced — never swallowed silently. Multi-tenant isolation enforced at the query level: tenant_id mandatory on every database query, verified by automated static analysis.

Clients (Workspace, Thunderbird, Apple Mail, eM Client, mobile) │ ┌───▼──────────────────────────────────────────────┐ │ JMAP HTTP/WS (axum) │ SMTP (tokio) │ IMAP │ │ :443 (TLS) :80 (ACME) │ :25 :587 │ :993 │ └───┬──────────────────────┴──────────────┴────────┘ │ ┌───▼────────────── JMAP DISPATCHER ─────────────────┐ │ batching · back-references · capabilities │ └───┬──────────────────────────────────────────────┘ │ ┌───▼───┬───────┬────────┬──────┬──────┬───────────┐ │ Mail │ Cal │Contact│ Task │ File │ Chat/Meet │ └───┬───┴───┬───┴────┬───┴──┬───┴──┬───┴───────┬───┘ └───────┴────────┴──────┴──────┴───────────┘ ▼ EventBus (tokio broadcast) ┌─────────────────────────────────────────────────┐ │ Store (SQLite) │ BlobStore (FS) │ Search (Tantivy) │ │ tenant_id mandatory on ALL queries (ADR-015) │ └─────────────────────────────────────────────────┘

Rust · SQLite · filesystem · Tantivy full-text search · zero external dependencies · AGPL-3.0-or-later

Early access

Join the early-access programme.

OxiMail is targeting a public release in Q2 2026. Early-access participants get priority onboarding, direct access to the engineering team, and influence over the feature roadmap. We are accepting a limited number of organisations in each sector.

Contact

Get in touch.

Questions about pricing, deployment, partnerships, or press enquiries — use the form below and we will respond within one business day.