Self hosted email with mfa support?

Can anyone suggest an email server package that we can self host that can support mfa?

Want something private and secure.

When you mean MFA support, are you talking about web mail? Because afaik, IMAP does not offer 2FA.

I use mailcow for my email, but I have it hosted by them. It’s open source though and you can host it yourself as well. They use SOGo as the web mail client and it supports 2FA.

Thanks for your response. Not talking about webmail as imap could still be used to bypass mfa if it wasn’t secured right?

Any ideas on how to setup a secure self hosted private email server?

I don’t understand. How do you want users to access their emails? Using a mail client like Outlook or using a browser (which is what I mean by web mail)?

Using mail clients like the desktop outlook app or mobile client app.

Does Outlook even support MFA in the first place? I’m not too familiar with this topic. How is the user experience? Do users have to enter a TOTP or authenticate using Windows Hello everytime their emails are syncing?

MFA in mail clients doesn’t make sense to me, since you enter the password only once and you expect it to work in the background without user interaction. Maybe this is a special feature of Exchange, but again, I’m not aware that standard SMTP and IMAP support MFA. Many services use app passwords because of that.

Yes mfa is available in outlook. Both for 365 and for Gmail. Mfa is there to help stop brute force attacks and hackers from trying to use stolen credentials from other sites.

The most common on-prem/self-hosted solutions for email with MFA is likely MS Exchange using RSA.