Hi, so whenever we restart he stalwart service, a certain port keeps changing. I’m not sure what that port is responsible for, it isn’t one of the standard email ports. My latest restart it was set to port 34773. So my questions are:
Thank you,
Hello,
It happens to me too when Stalwart is not root or does not have CAP-NET privileges to bind below 1024. In this case error is logged and a random port is provided. However this port is not indicated in the logs you would need an external tool like ss to check.
Quick correction to the thread: Stalwart doesn’t fall back to a random port. It binds exactly the addresses you configure and aborts on a bind failure; setup and recovery use a fixed 8080. A changing high port each restart is almost certainly an OS/Docker ephemeral source port or a leftover/custom listener rather than the server choosing one. ss -ltnp will show which process actually owns it.
If the underlying goal is binding privileged ports (<1024) as non-root, run with CAP_NET_BIND_SERVICE (systemd AmbientCapabilities=CAP_NET_BIND_SERVICE), or use RUN_AS_USER so the process binds as root then drops privileges.