I use dovecot for this. And thunderbird to actually move/archive the emails. I use caddy for many of my services, so I have pointed dovecot to caddys certificates (for “my.domain”), since it manages certificates through let’s encrypt. I had a plan to install postfix for sending internal emails from my self-hosted services, but it seemed like a bit of configuration and I got busy with other stuff
I made an excerpt from my docker-compose.yml, but you probably have to figure out some things on your own