Is it secure to host my email on a dovecot server but keep the config and mails stored on a separate server via a wireguard tunnel?

Sonar Pro

Vote: Yes

I maintain my vote for **A: Yes**, as this architecture is secure when properly implemented, leveraging WireGuard's robust cryptography and Dovecot's security features for defense-in-depth. WireGuard ensures encrypted, authenticated transit between servers, keeping storage isolated from public exposure—superior to single-server setups where app and data share the same attack surface[no citation needed; general knowledge corroborated by search results' TLS emphasis]. Dovecot's design supports this with privilege separation, chroot, and TLS defaults[3][2], enabling secure remote access (e.g., NFS over tunnel). Other models' pro-A arguments (e.g., Claude Opus 4.6 on separation benefits, Gemini 3.1 Pro on enterprise patterns) reinforce this; GPT-5.4's B vote overemphasizes generic risks (key management, complexity) present in *any* multi-server setup, not unique here. Search results validate TLS-hardened Dovecot for distributed use[1][2][6], with no evidence of inherent insecurity. Compromise of the Dovecot frontend grants tunnel access regardless, but firewall rules, key rotation, and monitoring (standard practices) contain it—making this *more* secure overall.

GPT-5.4

Vote: No

WireGuard can make the link between the Dovecot host and the storage host secure in transit, but that is narrower than saying the overall setup is simply secure. The other models mostly argued that this design can be secure if properly configured. I agree with that conditional. But the question is framed as a blanket yes/no, and “via a WireGuard tunnel” does not by itself secure remote filesystems, mail at rest, Dovecot auth secrets, key handling, or trust between the two machines. The separation may reduce direct internet exposure for the storage server, but it also adds another host, another trust boundary, tunnel keys, routing, mounts, and failure modes. If the Dovecot server is compromised, the attacker often gains the same access path Dovecot uses over the tunnel. That weakens the claim that the extra server meaningfully guarantees security. So I am not rejecting the architecture; I am rejecting the unconditional “Yes.” This can be a good design with hardening, strict firewalling, least-privilege access, and careful ops. As a general statement, though, it is not automatically secure merely because storage is separate and connected with WireGuard.

Grok 4.1 Fast

Vote: Yes

I maintain my vote for A: Yes, this setup is secure when properly implemented, as affirmed by the majority consensus and strong cryptographic foundations. WireGuard's audited, minimal codebase with Curve25519 key exchange, ChaCha20-Poly1305 encryption, and BLAKE2s hashing ensures robust protection for data in transit—superior to older VPNs. The tunnel isolates storage, reducing the backend's exposure; firewalls can restrict access to only the Dovecot server's WireGuard IP, adding defense-in-depth absent in single-server setups. GPT-5.4's concerns about complexity and compromise propagation are valid operational risks but not architectural flaws. A compromised Dovecot server accesses mail in *any* setup (local or remote)—the tunnel doesn't worsen this but enhances it via key separation, rotation, and monitoring. Production mail systems (e.g., NFS-over-IPsec/VPN) routinely use this pattern successfully. No evidence shows inherent insecurity; mitigations like encryption-at-rest, minimal privileges, and patching make it more secure overall. Blanket 'No' ignores these best practices and real-world viability.

Gemini 3.1 Pro

Vote: Yes

I am maintaining my vote for 'Yes'. The architecture described—decoupling the internet-facing Dovecot compute node from the backend storage node via a strongly encrypted WireGuard tunnel—is fundamentally sound and represents a well-established defense-in-depth strategy. GPT-5.4 argues 'No' based on the premise that the setup is not 'automatically' secure and introduces operational complexity. However, judging an architecture's security based on the theoretical possibility of misconfiguration is a logical fallacy; by that standard, no IT system can ever be called secure. The question asks if the architecture itself is secure, not if it is immune to human error. WireGuard provides state-of-the-art, authenticated encryption for data in transit. Furthermore, keeping the storage server entirely off the public internet significantly reduces the attack surface compared to a monolithic setup. Assuming standard best practices (like proper firewalling and key management) are followed, this is a highly secure deployment pattern.

Claude Opus 4.6

Vote: Yes

I maintain my vote of A. The architecture described — Dovecot on one server with config/mail on a separate server connected via WireGuard — is secure when properly implemented. GPT-5.4's argument for B centers on the idea that it's "not automatically secure" and that complexity increases attack surface. While technically true, this standard applies to literally every system. A single server hosting everything isn't "automatically secure" either — it requires hardening, patching, firewall rules, and proper configuration. The question asks whether this *can* be secure, not whether it's secure by default with zero effort. GPT-5.4 notes that if either server is compromised, the attacker may reach mail over the trusted tunnel. This is true, but it's equally true of a single-server setup — if that one server is compromised, the attacker has everything immediately with no additional barriers. The split architecture actually adds a layer of defense. The strong consensus among models (5 voting A vs 1 voting B) reflects the reality that this is a well-understood, commonly deployed pattern. WireGuard provides excellent transport security. Server separation provides defense-in-depth. The storage server can be completely unexposed to the public internet. These are genuine security advantages over a monolithic deployment. The caveats raised (key management, firewall rules, hardening both servers) are standard operational requirements for any server deployment, not unique vulnerabilities of this architecture. Answering B would imply that network-separated storage is inherently insecure, which contradicts widespread industry practice in cloud computing, database clusters, and enterprise mail systems.

Kimi K2.5

Vote: Yes

I maintain that this architecture is secure when properly implemented. While GPT-5.4 correctly identifies that complexity increases operational risk and that WireGuard alone doesn't secure the application layer, this does not make the answer 'No'—it makes the answer conditional on proper implementation. The critical security benefit is network segmentation. By placing mail storage on a server accessible only via WireGuard, you eliminate its exposure to the public internet entirely. This is defense-in-depth: even if the Dovecot frontend is compromised, the attacker faces a lateral movement barrier (the WireGuard tunnel) to reach the raw maildir or config files, rather than having local filesystem access immediately. WireGuard's formally-verified cryptography (Noise protocol) provides strong confidentiality and integrity for data in transit. Combined with strict firewall rules on the storage backend (accepting only WireGuard interface traffic) and proper key management, this architecture is materially more secure than colocating data and application on a single internet-facing host. Yes, operational security matters—both servers must be hardened, keys protected, and permissions strict—but the question asks if the setup *is* secure, not if it is *automatically* secure without effort. The design itself follows established security principles of separation of concerns and least privilege.

Final Summary

The AI Roundtable overwhelmingly endorsed the architecture, with Sonar Pro, Gemini 3.1 Pro, Grok 4.1 Fast, Claude Opus 4.6, and Kimi K2.5 all voting 'Yes' by highlighting WireGuard's modern cryptography and the benefits of network segmentation. GPT-5.4 served as the lone dissenter, arguing that the increased operational complexity and the addition of a second host create a larger attack surface that isn't 'automatically' secure. Ultimately, the majority dismissed GPT-5.4's concerns as a focus on human error rather than architectural merit, concluding that decoupling compute from storage is a standard, robust security practice.

Majority chose "Yes" after discussion (5/6). Final vote: Yes: 5, No: 1

Strongest Arguments

• Yes: By placing mail storage on a backend accessible only via an encrypted tunnel, you implement defense-in-depth; a compromise of the internet-facing Dovecot server does not grant immediate local filesystem access to the data.
• No: The separation introduces new trust boundaries and complex failure modes, such as VPN key management and remote mount vulnerabilities, which can weaken the overall security posture if not perfectly executed.