PMTA Configuring IP rotation, TLS and logging

Underground Forum

Balanced PMTA configuration

In this example, we will configure PowerMTA with IP rotation, set up mail sending to achieve inbox delivery during the initial stages of the campaign, and configure logging for progress monitoring.

PowerMTA configuration file setup

IP rotation configuration

To set up rotation, we will need to configure outgoing connections, create a new SMTP user, a pool, and add new VMTAs.
In this example, we have 1 domain and 4 IP addresses.
# SOURCE OF OUTGOING CONNECTIONS

<source 0/0> # PowerMTA will use all available outgoing IP addresses without restrictions
    log-connections yes                 # Register all incoming and outgoing SMTP connections
    log-commands yes                    # Enables logging
    allow-unencrypted-plain-auth yes    # Use unencrypted Plain authentication for SMTP connections
</source>


# USERS / VIRTUAL-MTA / VIRTUAL-MTA-POOL / VIRTUAL-MTAS

<smtp-user user>                     # Login
    password password                 # Password
    source {smtpuser-auth}
</smtp-user>
<source {smtpuser-auth}>
    smtp-service yes                 # Accept incoming messages from other servers via SMTP
    always-allow-relaying yes        # Accept and relay messages from any authenticated sender
    require-auth true                # Authentication is required
    process-x-virtual-mta yes        # Honour the X-Virtual-MTA header in outgoing messages
    default-virtual-mta pmta-pool    # Use pmta pool below by default
    remove-received-headers true     # Hide received-headers
    add-received-header false        # Hide received-headers
    hide-message-source true         # Hide message-source
</source>


# VIRTUAL MTA POOL

<virtual-mta-pool pmta-pool>
    virtual-mta pmta-vmta1
    virtual-mta pmta-vmta2
    virtual-mta pmta-vmta3
    virtual-mta pmta-vmta4
</virtual-mta-pool>


# BEGIN VIRTUAL MTAS

<virtual-mta pmta-vmta1>                               # Virtual MTA 1
    smtp-source-host 000.00.000.001 mydomain.com       # IP address and domain
    domain-key dkim5,mydomain.com,/etc/dkim.key        # DKIM key selector and path to dkim key
</virtual-mta>

<virtual-mta pmta-vmta2>                               # Virtual MTA 2
    smtp-source-host 000.00.000.002 mydomain.com
    domain-key dkim5,mydomain.com,/etc/dkim.key
</virtual-mta>

<virtual-mta pmta-vmta3>                               # Virtual MTA 3 (name must match the pool entry above)
    smtp-source-host 000.00.000.003 mydomain.com
    domain-key dkim5,mydomain.com,/etc/dkim.key
</virtual-mta>

<virtual-mta pmta-vmta4>                               # Virtual MTA 4
    smtp-source-host 000.00.000.004 mydomain.com
    domain-key dkim5,mydomain.com,/etc/dkim.key
</virtual-mta>
The source 0/0 setting will allow the use of all available IP addresses without any restrictions.
Adding an smtp-user will enable login and password authentication, as well as the configuration and management of VMTAs.
In this example, I have hidden the Received and Message-Source headers to ensure that your local IPs are not exposed anywhere.
Next, I created 4 VMTAs and added them to a virtual MTA pool so that PMTA can rotate all 4 IP addresses.

Mail sending configuration

Next, we will configure mail sending for all mail services by default.
If you need settings for a specific mail service, such as Gmail, specify <domain gmail>.
# DEFAULT DOMAIN SETTINGS

<domain *>                                                # Settings for all domains by defaults
    use-starttls yes                                      # Turn STARTTLS on/off
    require-starttls no                                   # Use TLS only if it is supported by a server
    max-smtp-out 1                                        # Default be nice on concurrent connections
    max-msg-per-connection 1                              # The maximum number of messages that can be sent for one SMTP connection
    max-rcpt-per-message 1                                # Limits the number of recipients in one message
    max-errors-per-connection 10                          # Avoid 'too long without data command' error
    reuse-ssl-session yes                                 # Responsible for re-use of SSL/TLS sessions between SMTP connections

    max-msg-rate 100/h                                    # Message limit per hour to the domain, better to start with a low value

    bounce-upon-no-mx yes                                 # Proper mail domains should have mx
    assume-delivery-upon-data-termination-timeout yes     # Avoid duplicate deliveries
    smtp-421-means-mx-unavailable yes                     # interpret the error with the SMTP 421 code as the inaccessibility of the MX server
    smtp-553-means-invalid-mailbox yes                    # Treat a 553 error as an invalid mailbox
    bounce-upon-5xx-greeting true                         # Reject (BOUNCE) Message if the server returns a 5xx error code
    connect-timeout 1m                                    # Maximum waiting time to establish a connection with a remote SMTP server
    smtp-greeting-timeout 5m                              # Waiting time for greeting from a remote SMTP server
    data-send-timeout 5m                                  # Waiting time for sending data via SMTP connection
    retry-after 30m                                       # Typical greylisting period
    bounce-after 3d                                       # Default 4d12h

    smtp-pattern-list blocking-errors                     # Use the list of templates by which PowerMTA defines critical delivery errors
    backoff-max-msg-rate 1/h                              # Send only regular tries during backoff (default unlimited)
    backoff-retry-after 1h,3h,6h,12h                      # Escalating retry schedule while in backoff (default 1h)
    backoff-to-normal-after-delivery yes                  # Revert to normal asap (default no)
    backoff-to-normal-after 1h                            # Always revert to normal after 1h (default never)

    dkim-sign yes                                         # Enable DKIM support
</domain>
use-starttls yes enables TLS encryption by default, but the require-starttls no parameter allows TLS to be used only when supported by the receiving server, making this option more flexible.
The number of outgoing connections and messages has been limited to avoid blocking in the initial stages.
The backoff mode uses the default settings.
DKIM support is enabled.

Logging configuration

Next, we will configure logging.
These parameters will allow you to monitor and analyze mail delivery and bounces.
# All logs
<acct-file /var/log/pmta/acct.csv>         # Path to the accounting file
    move-interval 5m
    max-size 25M
    delete-after 7d
</acct-file>

# HardBounce logs
<acct-file /var/log/pmta/hardbounces.csv>  # Path to hard-bounce logs
    records r
    records rb
    record-fields r *
    record-fields rb *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>

# SoftBounce logs
<acct-file /var/log/pmta/softbounces.csv> # Path to SoftBounce logs storage place
    records t
    record-fields t *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>

# Delivery log
<acct-file /var/log/pmta/success.csv>      # Path to delivery logs
    records d
    record-fields d *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>
All logs can be found in the /var/log/pmta/ directory.

The full configuration file is available at the link: