diff --git a/manifests/raw-resources-mail-services/stalwart-loadbalancer-service.yaml b/manifests/raw-resources-mail-services/stalwart-loadbalancer-service.yaml
new file mode 100644
index 0000000..e36a631
--- /dev/null
+++ b/manifests/raw-resources-mail-services/stalwart-loadbalancer-service.yaml
@@ -0,0 +1,57 @@
+---
+# LoadBalancer Service for direct SMTP/IMAP access
+# Use this if you have MetalLB or similar LoadBalancer provider
+apiVersion: v1
+kind: Service
+metadata:
+  name: stalwart-mail-ports
+  namespace: mail
+  labels:
+    app: stalwart
+  annotations:
+    # If using MetalLB, you can request a specific IP
+    # metallb.universe.tf/loadBalancerIPs: 192.168.10.241
+spec:
+  type: LoadBalancer
+  selector:
+    app: stalwart
+  ports:
+    # SMTP - Receiving mail from other servers
+    - name: smtp
+      port: 25
+      targetPort: 25
+      protocol: TCP
+    
+    # SMTP Submission - Sending mail
+    - name: submission
+      port: 587
+      targetPort: 587
+      protocol: TCP
+    
+    # SMTPS - Secure SMTP
+    - name: smtps
+      port: 465
+      targetPort: 465
+      protocol: TCP
+    
+    # IMAPS - Secure IMAP
+    - name: imaps
+      port: 993
+      targetPort: 993
+      protocol: TCP
+    
+    # IMAP - Plaintext IMAP
+    - name: imap
+      port: 143
+      targetPort: 143
+      protocol: TCP
+
+---
+# Instructions:
+# 1. Apply this service: kubectl apply -f stalwart-loadbalancer-service.yaml
+# 2. Get the LoadBalancer IP: kubectl get svc stalwart-mail-ports -n mail
+# 3. If the IP is private (192.168.x.x), set up port forwarding from your router
+# 4. Update DNS (turn OFF Cloudflare proxy):
+#    mail.dvirlabs.com  A  <your-public-ip>  (gray cloud, not orange)
+# 5. Add MX record:
+#    @  MX  10  mail.dvirlabs.com
diff --git a/manifests/raw-resources-mail-services/stalwart-nodeport-service.yaml b/manifests/raw-resources-mail-services/stalwart-nodeport-service.yaml
new file mode 100644
index 0000000..3d10257
--- /dev/null
+++ b/manifests/raw-resources-mail-services/stalwart-nodeport-service.yaml
@@ -0,0 +1,63 @@
+---
+# NodePort Service for direct SMTP/IMAP access
+# Use this if you have a public IP and can port-forward
+apiVersion: v1
+kind: Service
+metadata:
+  name: stalwart-external
+  namespace: mail
+  labels:
+    app: stalwart
+spec:
+  type: NodePort
+  selector:
+    app: stalwart
+  ports:
+    # SMTP - Receiving mail from other servers
+    - name: smtp
+      port: 25
+      targetPort: 25
+      nodePort: 30025  # Expose on node port 30025
+      protocol: TCP
+    
+    # SMTP Submission - Sending mail
+    - name: submission
+      port: 587
+      targetPort: 587
+      nodePort: 30587
+      protocol: TCP
+    
+    # SMTPS - Secure SMTP
+    - name: smtps
+      port: 465
+      targetPort: 465
+      nodePort: 30465
+      protocol: TCP
+    
+    # IMAPS - Secure IMAP
+    - name: imaps
+      port: 993
+      targetPort: 993
+      nodePort: 30993
+      protocol: TCP
+    
+    # IMAP - Plaintext IMAP
+    - name: imap
+      port: 143
+      targetPort: 143
+      nodePort: 30143
+      protocol: TCP
+
+---
+# Instructions:
+# 1. Apply this service: kubectl apply -f stalwart-nodeport-service.yaml
+# 2. Forward ports from your router/firewall to your k3s node:
+#    - 25   → <node-ip>:30025
+#    - 587  → <node-ip>:30587
+#    - 465  → <node-ip>:30465
+#    - 993  → <node-ip>:30993
+#    - 143  → <node-ip>:30143
+# 3. Update DNS (turn OFF Cloudflare proxy):
+#    mail.dvirlabs.com  A  <your-public-ip>  (gray cloud, not orange)
+# 4. Add MX record:
+#    @  MX  10  mail.dvirlabs.com