Hermes Server · macOS Native · Free Beta

Run Your Own BBS
on macOS

Hermes Server is a native macOS application that turns your Mac into a fully-featured BBS. A native SwiftUI sysop dashboard puts you in control — live connections, user management, forums, and security tools, all in one place. Five protocol listeners run simultaneously so anyone can connect, whether they're using a classic Telnet client, an SSH terminal, or a web browser.

No nodes. No fixed limits. Connections scale to what your hardware can handle — the original BBS constraint of ten simultaneous modems is gone.

Download Free Beta Hermes 4 Overview

Connectivity

Five protocol listeners, one server

Hermes Server starts five listeners simultaneously on launch. Classic BBS clients connect on Telnet. Encrypted connections use TELNETS or SSH. Browsers connect via WebSocket. File transfers run over HTTPS. The same BBS — same users, forums, and chat — is reachable from all of them at once.

Telnet

:2300

Plain TCP · host a BBS on macOS

The classic BBS protocol, exactly as it's always worked. PuTTY, SyncTERM, every terminal emulator ever built — they all connect here. Zero configuration for legacy and modern Telnet clients alike.

Telnet over TLS

:2301

TELNETS · Encrypted

Full TLS encryption wraps the connection before any Telnet data is exchanged. Same classic BBS experience, fully private. Certificate is shared with the HTTPS listener and auto-generated on first launch.

HTTPS File Server

:2302

HMAC Tokens · TLS · Auto-Detect

HMAC-SHA256 signed, time-limited URLs for all file transfers. Hermes Terminal detects them automatically via OSC in-band signaling. Generic Telnet clients receive a URL to paste into their browser — it works from any client.

WebSocket BBS Terminal

:2302

Secure WebSocket (wss) · xterm.js · No install

Full ANSI color terminal in any web browser via WebSocket and xterm.js — real cursor control, 16-color ANSI, character attributes. Share a URL and anyone connects instantly. No software required on the client side.

SSH

:2304

SwiftNIO SSH · Ed25519 · Auto-Login

Any standard SSH BBS server client works — ssh user@your-bbs -p 2304 and you're in. Ed25519 host keys, terminal size negotiation, live resize. SSH-authenticated users skip the BBS password prompt entirely.

TLS Certificates

auto

Self-Signed or Let's Encrypt

Self-signed certificate generated on first launch via LibreSSL. Drop in a Let's Encrypt certificate directory and Hermes Server detects and hot-reloads it automatically when renewed. Zero downtime cert rotation.

Administration

Native SwiftUI sysop dashboard

Running a BBS from the command line was never the point. Hermes Server is a full macOS application — the sysop administration console is a proper native SwiftUI interface with a sidebar, live data, and keyboard shortcuts. No web panel, no config files you have to hand-edit.

Live connections view

Connections, not nodes

The original Hermes BBS was limited to ten simultaneous connections — one per modem. That constraint is gone. Hermes 4 uses a connection pool with a configurable soft limit; the dashboard shows every active session in real time, with no artificial ceiling.

Each connection card shows the user's country flag (resolved via geo-IP), the protocol they connected on (Telnet, TelnetS, SSH, WebSocket, or HTTPS), their username, current section of the BBS, time online, and connection status. A live ANSI preview of exactly what they're seeing is one click away. Disconnect any session instantly from the dashboard.

The sysop's own terminal window is a first-class connection — it shows up in the connections panel with a "Local" badge, and the sysop can interact with the BBS directly from the dashboard without opening a separate client.

Live Connections

🇺🇸

sysop

Local · Main Menu

0:04

🇩🇪

janedoe

TelnetS · Reading Forums

12:31

🇯🇵

kenji_r

SSH · Chat #lobby

8:17

🇬🇧

anonymous

Telnet · Login

0:12

User Manager

User accounts

Inline editing for username, name, location, security level, screen settings. Sortable columns, keyword search, password reset, soft-delete with restore. Create new users directly from the dashboard.

Forum Manager

Forums & subforums

Create conferences and subforums, set security levels, control display order, toggle read-only mode. Inline editing — no modal dialogs for routine changes. Message counts and last-post dates at a glance.

Chat Panel

Live chat feed

See all channels simultaneously in the dashboard. Post from the sysop panel without entering chat yourself. Moderation actions — mute, kick — available from context menus on any message.

Activity Log

Connection history

Every connection logged with country flag, IP address, protocol, username, and outcome. Blocked attempts get a single scannable line showing which rule caught them. 30-day automatic pruning.

Features

A complete BBS in one app

Hermes Server ships with the full set of BBS features that made systems like this the center of online community before the web. Forums, private mail with full-text search, internet email, real-time chat, file areas, external door programs — all working, all in the current beta.

Forums & threaded messages

Multi-conference · Per-user read pointers · New-scan at logon

A multi-conference message system organized into conferences and subforums, each with independent security levels and display order. At logon, users see exactly how many new messages are waiting — by subforum — and can step through unread content with a global new-scan. Per-user read pointers track position across sessions so nothing gets lost between visits.

Messages support threaded replies with a visible parent/reply chain. Read forward from your pointer, jump to parent messages, list all direct replies, or walk a thread depth-first. A title list shows subjects and reply nesting at a glance. Posting includes a line editor with quoted-reply support (automatically prefixes the previous message body).

Community voting and polls are built into the forum layer. Single-choice or multi-choice polls with optional anonymity, configurable result visibility, and expiry dates. Results render as an ASCII bar chart in the terminal. Active polls surface in the subforum header.

At logon

Welcome back, sysop.

You have 3 unread email.
You have 47 new messages
in 4 subforums.

Read new now? [Y/n] ▌

New-scan shows counts per subforum. Per-user read pointers track position across sessions.

Internet Email Setup

Inbound

Cloudflare Email Routing forwards messages to the BBS. Configure your domain's MX records and inbound delivery in the sysop dashboard.

Outbound

Amazon SES relay with DKIM signing. Sysops set per-user daily outbound limits and can restrict which users can send internet mail.

Search

SQLite FTS5 full-text search. Gmail-style operators: from:, to:, subject:, has:attachment, date ranges.

Private mail & internet email

BBS mail · FTS5 search · Cloudflare + SES bridge

Private mail between users works exactly as it did in classic Hermes — compose, reply with quoted text, navigate inbox and sent folders, delete per-side. At logon, the unread mail count is shown alongside the forum new-scan. Hermes Terminal provides a native mail UI with HTML rendering, MIME attachment support, and drag-out .eml export.

Internet email bridges the BBS into the wider world. Inbound mail arrives via Cloudflare Email Routing; outbound sends through Amazon SES with multipart MIME and DKIM signing. Sysops configure per-user sending permissions, daily outbound limits, and forwarding rules. The BBS becomes a proper mail node, not just an isolated island.

SQLite FTS5 full-text search indexes all mail with Gmail-style operators. An Advanced Search UI in Hermes Terminal handles complex queries. Gmail mbox import lets users bring their existing email archives into the BBS for unified search.

File areas

HTTPS transfers · ZMODEM fallback · Signed tokens

File areas work as they always have in a BBS — organized sections with access controls, per-user new-file tracking, download counts, and per-file descriptions. Sysops manage areas and files from the dashboard's Files section, with storage usage summaries and soft-delete for removing files without losing metadata.

Downloads use HTTPS with HMAC-SHA256 signed, time-limited tokens — fast, encrypted, and secure. Hermes Terminal detects the transfer URL automatically via OSC in-band signaling and handles it natively with a progress indicator. For classic Telnet clients that can't handle HTTPS, the BBS displays the URL with instructions to paste into a browser. Nothing is blocked.

Full ZMODEM send and receive is also supported as a transfer alternative, with auto-detection from the data stream. Per-user transfer preference lets each user choose Auto (HTTPS for Hermes Terminal, ZMODEM for others), HTTPS only, or ZMODEM only. Files can also be shared directly into chat channels with the /share command.

File Transfer

File: HerTris-v1.2.zip
Size: 143 KB

Protocol: HTTPS

Hermes Terminal: downloading…
████████████████░░░░ 78%

HTTPS auto-detected by Hermes Terminal. Legacy clients receive a browser URL. ZMODEM available as fallback.

Security & Moderation

Modern boards face modern threats

A public BBS is reachable from everywhere. Hermes Server gives you the tools to stay in control — geo-IP intelligence, country and IP blocklists, activity logging, and sandboxed door program execution.

Geo-IP

Country identification

Every incoming connection is resolved to a country and ISP via geo-IP. Country flags surface in the live connections view and the activity log — at a glance you can see where your users are coming from.

Blocklists

Country & IP blocking

Block whole countries with a checkbox in the dashboard. Add specific networks with CIDR notation (192.0.2.0/24, 2001:db8::/32). Each blocked attempt logs a single line showing which rule caught it.

Activity Log

Connection audit trail

Every connection and disconnect logged with IP, country, protocol, and username. Blocked attempts and idle timeouts get single-line entries. Port scanner noise is filtered so real signal isn't buried. 30-day auto-pruning.

Idle Timeout

Pre-login cleanup

A configurable pre-login idle timeout sweeps connections that stall at the login prompt without authenticating. Bot probes and port scanners that connect but don't log in are automatically swept out.

Door Sandbox

Isolated externals

External door programs — both 68K emulated classics and modern DOOR32.SYS doors — run in a hardened per-session sandbox with drop-file isolation, configurable ulimits, and SIGKILL escalation for processes that refuse to exit.

TLS

Encrypted by default

TELNETS and HTTPS listeners are encrypted from the first byte. All passwords are salted and hashed with SHA-256. File transfer tokens are HMAC-signed with a per-install 32-byte random key.

Sample Activity Log

09:04 🇺🇸 CONNECT ssh · sysop

09:07 🇩🇪 CONNECT telnets · jane

09:11 🇨🇳 BLOCKED country

09:14 🇷🇺 BLOCKED cidr

09:18 🇬🇧 IDLE pre-login timeout

09:22 🇯🇵 CONNECT websocket · kenji

Current Status

Free beta. Actively developed.

Hermes Server is version 0.1.0 — early development, but fully functional. The sysop dashboard, all five protocol listeners, forum system, private mail, internet email, file areas, real-time chat, SSH access, WebSocket browser terminal, geo-IP blocking, and sandboxed door games are all working in the current beta. This is a passion project, not a commercial product. The beta is free and always will be.

macOS via direct download. Requires Apple Silicon. Hermes Terminal (the companion client) is available for both macOS and iOS.

Download for Mac Full Feature Overview

Actively developed · v0.1.0 · macOS & iOS

Explore

More of Hermes 4

Hermes 4

The full overview — all features, both apps, the client-server architecture, and the story of why Hermes 4 exists.

68K

Door Games

68K emulation running the original Hermes external programs on Apple Silicon. Classic door games alongside modern DOOR32.SYS doors.

Downloads

Download Hermes Server for macOS, Hermes Terminal for macOS and iOS (TestFlight), and the classic Hermes BBS source code.

Run Your Own BBS on macOS