Self-hosters running their own mail security gateway get client-side encryption for their backups in the latest release. Proxmox Mail Gateway 9.1, out now, can now encrypt backups sent to a Proxmox Backup Server target before they leave the host. Email configuration, user-created rule data, and historic statistics are encrypted client-side during transmission and stay encrypted at rest on the backup storage, keeping sensitive filtering setups out of plain view even when the backup repository sits on shared infrastructure.

The platform is built on Debian 13.5 "Trixie" and ships with Linux kernel 7.0 as its stable default. The open-source security stack tracks current upstream releases: SpamAssassin 4.0.2 with continuously updated rulesets, ClamAV 1.4.4, PostgreSQL 17 for the database backend, and ZFS 2.4 for storage. Proxmox Mail Gateway sits as a full mail proxy between the firewall and an internal mail server, filtering all inbound and outbound traffic at the gateway to catch spam, viruses, Trojans, and phishing before it reaches the mailbox.

The web-based quarantine interface picks up several workflow changes. Shared mailboxes can now have quarantined messages marked as "seen" with an inline checkmark toggle, so teams auditing the same mailbox do not duplicate each other's work. The quarantine overview displays both the positive and negative components of a message's spam score at once, making it immediately clear why an email crossed a filtering threshold. External images in quarantined mail can be set to load only on demand behind a "Load Images" button, letting administrators inspect suspicious content without leaking read receipts or pulling in web-based threats. Administrators can also copy a recipient's private quarantine access link straight from the dashboard for sharing through any channel.

The deployment options are what make it practical for a homelab or small-business rack. Beyond the bare-metal ISO and its installation wizard, Proxmox Mail Gateway can be layered on top of an existing Debian install or run as a lightweight LXC container on Proxmox VE, which lets it share a node with virtualized workloads instead of demanding its own machine. Existing installs upgrade in place from version 8.2 or 9.0 through the APT package manager, with a tested upgrade path rather than a reinstall.

The software is open source and available immediately as a free ISO download. Optional enterprise support subscriptions, which add access to the stable update repository and expert support, start at $200 (€190) per host per year with unlimited users and domains. Full release notes and the upcoming roadmap are published in the project wiki.