Powermta - Configuration Guide

log-format-extended "/var/log/powermta/delivery.log" "%t %d %S %p %r" bounce-log "/var/log/powermta/bounce.log"

openssl genrsa -out /etc/powermta/keys/example-dkim.key 2048 openssl rsa -in example-dkim.key -pubout -out example-dkim.pub # Add public key to DNS: mail._domainkey TXT "v=DKIM1; k=rsa; p=..." <domain example.com> bounce-domain bounces.example.com # VERP bounces spf-identity mfrom # Use MAIL FROM for SPF </domain> 6.3 IP Restrictions (Inbound Relay) <accepted-connect 127.0.0.1> allow-submission yes require-auth no </accepted-connect> <accepted-connect 10.0.0.0/8> allow-submission yes require-auth yes auth-plain /etc/powermta/passwd </accepted-connect> 7. Logging & Monitoring 7.1 Delivery Log Format log-format-extended "mail.log" "%ts %d %r %s %S %T %p %b %B" # Fields: timestamp, domain, recipient, status, size, time, IP, bounce, message-id 7.2 Bounce Processing bounce-log /var/log/powermta/bounce.log bounce-category-log /var/log/powermta/bounce-category.log permanent-bounce-after 7d # Suppress after 7 days of soft bounces 7.3 HTTP API & SNMP http-mgmt-port 8080 http-mgmt-interface 0.0.0.0 http-mgmt-auth /etc/powermta/htpasswd snmp-port 161 snmp-community public powermta configuration guide

systemctl start powermta systemctl enable powermta | File | Purpose | |------|---------| | /etc/powermta/powermta.conf | Main configuration | | /etc/powermta/config.d/ | Include directory (modular configs) | | /etc/powermta/license.key | License file | | /var/log/powermta/ | Logs (delivery, bounce, error) | | /var/spool/powermta/ | Queue spool (persistent) | 4. Basic Configuration Directives 4.1 Global Settings # /etc/powermta/powermta.conf smtp-port 25 http-mgmt-port 8080 http-mgmt-interface 0.0.0.0 max-smtp-in 1000 max-smtp-out 1000 smtp-greeting "PowerMTA ESMTP" Queue management max-queue-size 10M # Maximum spool size queue-interval 5s # Dequeue sweep frequency max-delivery-attempts 5 # Per recipient 4.2 Source (Binding) IPs Define which IPs PMTA will use to send mail. log-format-extended "/var/log/powermta/delivery

<source 192.168.1.10> # Warm-up schedule (day 1-30) max-msg-rate 100/h max-smtp-out 5 <schedule warmup> from 00:00 to 23:59 for 1d max-msg-rate 100/h from 00:00 to 23:59 for 3d max-msg-rate 500/h from 00:00 to 23:59 for 7d max-msg-rate 2000/h from 00:00 to 23:59 for 14d max-msg-rate 10000/h from 00:00 to 23:59 for 30d max-msg-rate 30000/h </schedule> </source> 6.1 DKIM Signing <domain example.com> dkim-sign yes dkim-selector mail dkim-key /etc/powermta/keys/example-dkim.key dkim-headers "From:Subject:Date:To" </domain> Generate key: &lt;source 192

http-mgmt-port 8080 http-mgmt-interface 127.0.0.1 Always validate config before reload:

<virtual-mta marketing> source 192.168.1.10 max-smtp-out 50 dns-timeout 30 bounce-log /var/log/powermta/bounce-marketing.log </virtual-mta> <virtual-mta transactional> source 192.168.1.11 max-smtp-out 200 bounce-log /var/log/powermta/bounce-transactional.log </virtual-mta> 5.1 Domain-Specific Throttling Prevent overloading a single domain (e.g., Gmail, Yahoo).