PMTA PMTA configuration

  • Thread starter Underground Forum
  • Start date
  • Tags
    pmta server
Underground Forum

Underground Forum

  • #1

What is the main configuration file of PMTA​

This is a file which is located in the etc/pmta/ directory of your server and responsible for the rules of sending mail from a particular domain/ip address.

Two files are responsible for the configuration of your mail server, config and virtualhost.txt
the config file contains static information, and the virtualhost.txt file contains dynamic information.

After each editing of these files, it is necessary to restart the config with the CLI command: pmta reload

# Section 1 STREAMS​


#####################################################################################################################################
# Section 1: STREAMS
#####################################################################################################################################

total-max-smtp-in 1000
total-max-smtp-out 5000

#####################################################################################################################################

# Section 3 MAIN SETTINGS​


#####################################################################################################################################
# Section 3: MAIN SETTINGS / VIRTUAL-MTA-POOL
#####################################################################################################################################

smtp-listener 0/0:2525        # Port PMTA
http-mgmt-port 1050
http-access 127.0.0.1 monitor
http-access ::1 monitor
http-access 180.183.74.0/24 admin
run-as-root no

#####################################################################################################################################
In the smtp-listener line, you can specify the port number for connecting to pmta, the default is 2525.
http-mgmt-port - is responsible for the connecting port to the web monitoring panel.
In the http-access line, you can enter your ip address to access the web monitoring panel.
A value of 0/24 means that any last digit will be allowed.
If you need to register several ip addresses, then you can simply copy this line and write any other ip address below.

# Section 4: BOUNCE SETTINGS​


#####################################################################################################################################
# Section 4: BOUNCE SETTINGS
#####################################################################################################################################

<bounce-category-patterns>
    /spam/ spam-related
    /junk mail/ spam-related
    /blacklist/ spam-related
    /blocked/ spam-related
    /\bU\.?C\.?E\.?\b/ spam-related
    /\bAdv(ertisements?)?\b/ spam-related
    /unsolicited/ spam-related
    /\b(open)?RBL\b/ spam-related
    /realtime blackhole/ spam-related
    /http:\/\/basic.wirehub.nl\/blackholes.html/ spam-related
    /\bvirus\b/ virus-related
    /message +content/ content-related
    /content +rejected/ content-related
    /quota/ quota-issues
    /limit exceeded/ quota-issues
    /mailbox +(is +)?full/ quota-issues
    /sender ((verify|verification) failed|could not be verified|address rejected|domain must exist)/ invalid-sender
    /unable to verify sender/ invalid-sender
    /requires valid sender domain/ invalid-sender
    /bad sender's system address/ invalid-sender
    /No MX for envelope sender domain/ invalid-sender
    /^[45]\.4\.4/ routing-errors
    /no mail hosts for domain/ invalid-sender
    /Your domain has no(t)? DNS\/MX entries/ invalid-sender
    /REQUESTED ACTION NOT TAKEN: DNS FAILURE/ invalid-sender
    /Domain of sender address/ invalid-sender
    /return MX does not exist/ invalid-sender
    /Invalid sender domain/ invalid-sender
    /Verification failed/ invalid-sender
    /\bstorage\b/ quota-issues
    /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee) (has|has been|is)? *(currently|temporarily +)?(disabled|expired|inactive|not activa
ted)/ inactive-mailbox
    /(conta|usu.rio) inativ(a|o)/ inactive-mailbox
    /Too many (bad|invalid|unknown|illegal|unavailable) (user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)/ other
    /(No such|bad|invalid|unknown|illegal|unavailable) (local +)?(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)/ bad-mailbox
    /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee) +(\S+@\S+ +)?(not (a +)?valid|not known|not here|not found|does not exist|bad|inval
id|unknown|illegal|unavailable)/ bad-mailbox
    /\S+@\S+ +(is +)?(not (a +)?valid|not known|not here|not found|does not exist|bad|invalid|unknown|illegal|unavailable)/ bad-mailbox
    /no mailbox here by that name/ bad-mailbox
    /my badrcptto list/ bad-mailbox
    /not our customer/ bad-mailbox
    /no longer (valid|available)/ bad-mailbox
    /have a \S+ account/ bad-mailbox
    /\brelay(ing)?/ relaying-issues
    /domain (retired|bad|invalid|unknown|illegal|unavailable)/ bad-domain
    /domain no longer in use/ bad-domain
    /domain (\S+ +)?(is +)?obsolete/ bad-domain
    /denied/ policy-related
    /prohibit/ policy-related
    /refused/ policy-related
    /allowed/ policy-related
    /banned/ policy-related
    /policy/ policy-related
    /suspicious activity/ policy-related
    /bad sequence/ protocol-errors
    /syntax error/ protocol-errors
    /syntax error/ protocol-errors
    /\broute\b/ routing-errors
    /\bunroutable\b/ routing-errors
    /\bunrouteable\b/ routing-errors
    /Invalid 7bit DATA/ content-related
    /^2.\d+.\d+;/ success
    /^[45]\.1\.[1346];/ bad-mailbox
    /^[45]\.1\.2/ bad-domain
    /^[45]\.1\.[78];/ invalid-sender
    /^[45]\.2\.0;/ bad-mailbox
    /^[45]\.2\.1;/ inactive-mailbox
    /^[45]\.2\.2;/ quota-issues
    /^[45]\.3\.3;/ content-related
    /^[45]\.3\.5;/ bad-configuration
    /^[45]\.4\.1;/ no-answer-from-host
    /^[45]\.4\.2;/ bad-connection
    /^[45]\.4\.[36];/ routing-errors
    /^[45]\.4\.7;/ message-expired
    /^[45]\.5\.3;/ policy-related
    /^[45]\.5\.\d+;/ protocol-errors
    /^[45]\.6\.\d+;/ content-related
    /^[45]\.7\.[012];/ policy-related
    /^[45]\.7\.7;/ content-related
    // other # catch-all
</bounce-category-patterns>

<pattern-list sender>
#        rcpt-to /^.*@gmail.com$/ virtual-mta=vmta-pool-v6
#        rcpt-to /^.*@yandex.ru$/ virtual-mta=vmta-pool-v6
</pattern-list>

#####################################################################################################################################

In this section list you will find the most common reports and return error codes.

# Domain settings​

#####################################################################################################################################
# HOTMAIL #
#####################################################################################################################################

domain-macro hotmail hotmail.fr,live.com,hotmail.co.uk,hotmail.it,windowslive.com,live.fr,hotmail.de,hotmail.es,live.co.uk,live.it,hotmail.co.jp,live.com.mx,live.nl,live.de,live.cn,live.ru,live.ca,live.com.ar,hotmail.co.th,live.com.au,live.jp,live.se,live.cl,live.com.pt, live.be, live.dk, hotmail.com.tr, livemail.tw, live.no, hotmail.se , hotmail.com.tw,live.co.kr,hotmail.co.nz,live.at,live.in,hotmail.gr,hotmail.be,live.hk,live.ie,msn.cn,hotmail.co.kr,hotmail.no,hotmail.ch,live.co.za,hotmail.com.hk,live.com.my,live.com.sg,hotmail.fi,hotmail.my, hotmail.co.id, hotmail.sg, hotmail.com.au, hotmail.co.za, hotmail.dk, hotmail.rs,live.com.ph, hotmail.ph, hotmail.com.vn, hotmail.cz, bobdickey.com, bodystructure.com, bramsonsco.com, brokerlosangeles.com, brturner.com, brundagerealty.com, buenavistaproperty.com, buhrfiend.com, buyersnetwork.com, calderonrealty.net, calpremium.com, camparealestate.com, capemaymorrows.com, carllacey.com, carlosandteam.com, carolinafallprotection.com, carolnorthcott.com, carrengineering.com, casasarizona.info, cbaininc.com, cbcsteele.com, cclfinancial.com, centre-pointe.com, chandlerscott.org, chattanoogarealestateco.com, childrensservicescenter.org, ckgtherealtor.com, classified-ads.com, cmchildcare.org, cnnpropertymanagement.com, colme.org, colonialrestaurant.com, columbusmetrohomes.com, communitycare707.com, commxx.com, compassroads.com, cpsweb.org, crawfordsprinklercompany.com, crgllc.com, cri-ri.com, crownwarehousing.com, ctvet.com, dallisketchum.com, danielconstruction.com, dannyks.com, davesmolizer.com, dineseptembers.com, djshomeexperts.com, dkschools1.org, doe.com, dorothyharmon.com, drmarkou.com, duanelpeterson.com, dubas.com, dysertconcrete.com, e3acquisitions.com, earnwithvern.net, easyrentalsnj.com, ecmontereybay.com, elia-inc.com, elpasorealestateconsultants.com, email.itt-tech.edu, email.msn.com, enviromedservices.com, eptexrealtor.org, equity1realty.com, erhartfire.org, eswinc.com, eurihea.com, evansrealestateinc.com, everreadyelectric.net, excelemp.com, fbcnn.org, fbcripley.com, filanninoandtiangco.com, finkelectric.com, fintzrealty.net, floressierra.com, forpages.com, fosterheatingandair.com, fourriversrealty.net, fuae.net, fullerisford.com, gallowayrealestateinc.com, ggelec.com, glenwoodgsca.com, godsgang1.net, graneted.com, granitecresthomes.com, greg41.com, gregrich.com, hanleyappraisals.com, hannamfg.com, haxtechnologies.com, heatingcoolingoutlet.com, hellevik.com, hellorick.com, hensenhomes.com, hicksre.com, hol.gr, holyspiritschool.net, homeelegance.com, homestratumgroup.com, hotmail.ca, hotmail.co.jp, hotmail.co.uk, hotmail.com, hotmail.com.au, hotmail.es, hotmail.fr, hotmail.it, ijango.com, ilreoagent.com, imaxrealtors.com, innovateconsulting.com, innsofamerica.com, interactionintl.org, invesmart.net, investcorprealestate.com, invictus63.com, irenthomes.net, ITMORTGAGE.COM, jacarisupply.com, jagodik.com, jamesbrooksco.com, jamisonrealtors.com, janegregory.com, janneyteam.com, jbwalkers.com, jdhomes.net, joshuaregroup.com, joyparadise.com, jrcollinsrealtor.com, kaucky.com, kbwappraisals.com, kdrsteel.com, keithscustomcarpentry.com, kfigeneralcontractor.com, kienerappraisal.com, kristimartinez.com, kristyhairston.com, lakesidesf.org, lamonicas.com, laurarosca.com, lauriegoode.com, lauriesmithbl.com, lcmeats.com, legentwprealty.com, leisurevillas.com, leopursley.com, lideramos.com, lindstrom.org, littlefieldrealtyco.com, live.ca, live.cn, live.co.uk, live.com, live.com.au, live.com.mx, live.de, live.fr, live.ie, live.jp, livingindoors.com, lorrainegrifo.com, lpfhomes.com, lrpm.net, luzamo.com, marionconst.com, martinez-quevedo.com, matasgreekpizza.com, meltonent.com, merletenney.com, mikehillzone.com, milesappraising.com, mloves2sellrealty.com, msn.com, myallegiant.com, mycasasgrandes.com, MYSTICSHOREFG.COM, navitasfitness.com, nenanasd.org, ngoan.com, nhcsd.com, norlightsmontessori.com, northshoresproperties.com, oeinc.org, ohioland4u.com, olsonlawoffice.net, p2000inc.com, palomacervantes.com, palsa.net, patriciapotoy.com, paulettemckoy.com, peabodycorner.com, peggyshovecolumb.com, pinnacleli.com, plasa.com, pridehomebuilders.com, PrimeEstateRealty.net, principleregroup.com, promaxid.com, pwrprod.com, qrmconcrete.com, raptisrealestate.com, re4000.com, realestatevision.net, realridge.com, realstar.com, realteamvj.com, realtymartga.com, reginahaslam.com, rentthelakeshore.com, richconstructioninc.com, richmondcoldstorage.com, riverislandcc.net, rkramer.net, rnbmail.com, robinbender.com, rogershore.com, roggero.com, roknowsrealestate.com, royal1realty.com, royalre.net, rtelectric.net, ryantom.com, sacredheart-florissant.org, saintbrunoschool.com, sberealty.com, seabreezeenterprises.com, selahec.org, selltodaybuytomorrow.com, serenityidaho.com, sevenspringsindiana.com, sheppards.info, sherlockhomesre.com, shownbymichelle.com, sibleypoland.com, skeesicks.net, smoothmag.com, snowwhiteservicesinc.com, socalbrokers.org, sorianogroup.net, sos3.com, southmanproperties.com, springfieldfire.net, sscobra.com, staceypower.com, s-tay.com, stillwaternj.com, stjohnsmg.org, stjohnsvet.com, stmarybashacatholic.org, stricklandrealestate.com, strublera.com, summitautomation.com, svdp-xavier.com, sweetbayproperties.com, synergyrealestate.net, tambercontracting.com, tarheelappraisals.net, teamredtruckrealtor.com, texaslawnlandscape.com, thearagongroupllc.com, themonacorealtygroup.com, theworldwideproperty.com, tldirtwork.com, todayssalonandspa.com, tomwatts.com, topteamrealty.net, triopines.com, tysonlmg.com, upwvsc.org, victoriachristian.org, vilai.com, viocomputers.com, vpappraisal.com, w.cn, wardcrosby.com, waysidefurnitureinc.com, webuypecans.com, westonfire.com, windowslive.com, wkrealestate.net, wyliesrestaurant.com, yhotmail.com, yourkeytc.com, zubs-subs.com

<domain $hotmail>
  use-starttls no
  max-smtp-out 1                                                  # default be nice on concurrent connections
  max-msg-per-connection 1                                       # max 500 mails in one session
  max-rcpt-per-message 1
  max-errors-per-connection 10                                    # avoid 'too long without data command' error
  reuse-ssl-session no

  max-msg-rate 2/m

  bounce-upon-no-mx yes                                           # proper mail domains should have mx
  assume-delivery-upon-data-termination-timeout yes               # avoid duplicate deliveries
  smtp-421-means-mx-unavailable yes
  smtp-553-means-invalid-mailbox yes
  bounce-upon-5xx-greeting true
  connect-timeout 1m
  smtp-greeting-timeout 5m
  data-send-timeout 5m
  retry-after 30m                                                 # typical greylisting period
  bounce-after 3d                                                 # default 4d12h

  smtp-pattern-list blocking-errors
  backoff-max-msg-rate 1/h                                        # send only regular tries during backoff (default unlimited)
  backoff-retry-after 1h,3h,6h,12h                                # retry at least every 20m (default 1h)
  backoff-to-normal-after-delivery yes                            # revert to normal asap (default no)
  backoff-to-normal-after 1h                                      # always revert to normal after 1h (default never)

  dk-sign yes
  dkim-sign yes
 
</domain>
Here you can set mail sending rules for different mail services. Each macro is responsible for sending to a specific mail service. You can also add new macros to existing ones yourself.

The macro # DEFAULT DOMAIN SETTINGS # is responsible for the default settings for all mail services.
#####################################################################################################################################
# DEFAULT DOMAIN SETTINGS #
#####################################################################################################################################

<domain *>
  use-starttls no
  max-smtp-out 1                                                  # default be nice on concurrent connections
  max-msg-per-connection 1                                       # max 500 mails in one session
  max-rcpt-per-message 1
  max-errors-per-connection 10                                    # avoid 'too long without data command' error
  reuse-ssl-session no

  max-msg-rate 25/m

  bounce-upon-no-mx yes                                           # proper mail domains should have mx
  assume-delivery-upon-data-termination-timeout yes               # avoid duplicate deliveries
  smtp-421-means-mx-unavailable yes
  smtp-553-means-invalid-mailbox yes
  bounce-upon-5xx-greeting true
  connect-timeout 1m
  smtp-greeting-timeout 5m
  data-send-timeout 5m
  retry-after 30m                                                 # typical greylisting period
  bounce-after 3d                                                 # default 4d12h

  smtp-pattern-list blocking-errors
  backoff-max-msg-rate 1/m                                        # send only regular tries during backoff (default unlimited)
  backoff-retry-after 10m,30m,1h,2h                                # retry at least every 20m (default 1h)
  backoff-to-normal-after-delivery yes                            # revert to normal asap (default no)
  backoff-to-normal-after 10m                                      # always revert to normal after 1h (default never)

  dk-sign yes
  dkim-sign yes
  deliver-local-dsn no
</domain>
Everything between the <domain></domain> tags is the rules for sending mail to a particular domain.
Let's look at the most basic settings in normal mode.
max-smtp-out - number of outgoing streams. If you set the value = 1, then each time you connect to the server, mail will be sent through 1 stream.
max-msg-per-connection - number of emails per connection. If set to 1, each ip will open 1 connection and send 1 message.
max-msg-rate - maximum sending speed limit per second/minute/hour.

Settings in backoff mode


If your emails start bouncing back due to spam, the mailing list will automatically go into backoff mode.
backoff-max-msg-rate - limits the number of outgoing messages; if set to 0/h, it stops sending messages completely.
backoff-retry-after - the parameter is responsible for when the next time an attempt will be made to send mail. For example, if after 10 minutes the email is returned due to spam, then the next time pmta will try to send the email is after 30 minutes, 1 hour, 2 hours, etc.
backoff-to-normal-after-delivery - if set to yes, the mailing list will automatically return to normal mode if this time the letter was not rejected by the server.

# Section 5 SMTP PATTERN SETTINGS​


#####################################################################################################################################
# Section 5: SMTP PATTERN SETTINGS
#####################################################################################################################################

<smtp-pattern-list common-errors>
  reply /generating high volumes of.* complaints from AOL/    mode=backoff
  reply /Excessive unknown recipients - possible Open Relay/  mode=backoff
  reply /^421 .* too many errors/                             mode=backoff
  reply /blocked.*spamhaus/                                   mode=backoff
  reply /451 Rejected/                                        mode=backoff
</smtp-pattern-list>

<smtp-pattern-list blocking-errors>
 
  #AOL Errors
    reply /421 .* SERVICE NOT AVAILABLE/ mode=backoff
    reply /generating high volumes of.* complaints from AOL/ mode=backoff
    reply /554 .*aol.com/ mode=backoff
    reply /421dynt1/ mode=backoff
    reply /HVU:B1/ mode=backoff
    reply /DNS:NR/ mode=backoff
    reply /RLY:NW/ mode=backoff
    reply /DYN:T1/ mode=backoff
    reply /RLY:BD/ mode=backoff
    reply /RLY:CH2/ mode=backoff
    #
    #Yahoo Errors
    reply /421 .* Please try again later/ mode=backoff
    reply /421 Message temporarily deferred/ mode=backoff
    reply /VS3-IP5 Excessive unknown recipients/ mode=backoff
    reply /VSS-IP Excessive unknown recipients/ mode=backoff
    #
    # The following 4 Yahoo errors may be very common
    # Using them may result in high use of backoff mode
    #
    reply /\[GL01\] Message from/ mode=backoff
    reply /\[TS01\] Messages from/ mode=backoff
    reply /\[TS02\] Messages from/ mode=backoff
    reply /\[TS03\] All messages from/ mode=backoff
    #
    #Hotmail Errors
    reply /exceeded the rate limit/ mode=backoff
    reply /exceeded the connection limit/ mode=backoff
    reply /Mail rejected by Windows Live Hotmail for policy reasons/ mode=backoff
    reply /mail.live.com\/mail\/troubleshooting.aspx/ mode=backoff
    #
    #Adelphia Errors
    reply /421 Message Rejected/ mode=backoff
    reply /Client host rejected/ mode=backoff
    reply /blocked using UCEProtect/ mode=backoff
    #
    #Road Runner Errors
    reply /Mail Refused/ mode=backoff
    reply /421 Exceeded allowable connection time/ mode=backoff
    reply /amIBlockedByRR/ mode=backoff
    reply /block-lookup/ mode=backoff
    reply /Too many concurrent connections from source IP/ mode=backoff
    #
    #General Errors
    reply /too many/ mode=backoff
    reply /Exceeded allowable connection time/ mode=backoff
    reply /Connection rate limit exceeded/ mode=backoff
    reply /refused your connection/ mode=backoff
    reply /try again later/ mode=backoff
    reply /try later/ mode=backoff
    reply /550 RBL/ mode=backoff
    reply /TDC internal RBL/ mode=backoff
    reply /connection refused/ mode=backoff
    reply /please see www.spamhaus.org/ mode=backoff
    reply /Message Rejected/ mode=backoff
    reply /refused by antispam/ mode=backoff
    reply /Service not available/ mode=backoff
    reply /currently blocked/ mode=backoff
    reply /locally blacklisted/ mode=backoff
    reply /not currently accepting mail from your ip/ mode=backoff
    reply /421.*closing connection/ mode=backoff
    reply /421.*Lost connection/ mode=backoff
    reply /476 connections from your host are denied/ mode=backoff
    reply /421 Connection cannot be established/ mode=backoff
    reply /421 temporary envelope failure/ mode=backoff
    reply /421 4.4.2 Timeout while waiting for command/ mode=backoff
    reply /450 Requested action aborted/ mode=backoff
    reply /550 Access denied/ mode=backoff
    reply /exceeded the rate limit/ mode=backoff
    reply /421rlynw/ mode=backoff
    reply /permanently deferred/ mode=backoff
    reply /\d+\.\d+\.\d+\.\d+ blocked/ mode=backoff
    reply /www\.spamcop\.net\/bl\.shtml/ mode=backoff
    reply /generating high volumes of.* complaints from AOL/    mode=backoff
    reply /Excessive unknown recipients - possible Open Relay/  mode=backoff
    reply /^421 .* too many errors/                             mode=backoff
    reply /blocked.*spamhaus/                                   mode=backoff
    reply /451 Rejected/                                        mode=backoff
</smtp-pattern-list>

#####################################################################################################################################
# END Section 5: SMTP PATTERN SETTINGS
#####################################################################################################################################

This section contains error codes, in case of which the mailing list will be switched to backoff mode.

Section 6: LOG AND SPOOL SETTINGS​


#####################################################################################################################################
# Section 6: LOG AND SPOOL SETTINGS
#####################################################################################################################################

log-file /var/log/pmta/log        # logrotate is used for rotation

# All logs
 <acct-file /var/log/pmta/acct.csv>
     move-interval 5m
     max-size 25M
     delete-after 7d
 </acct-file>
 
 # HardBounce logs
<acct-file /var/log/pmta/hardbounces.csv>
    records r
    records rb
    record-fields r *
    record-fields rb *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>

# SoftBounce logs
<acct-file /var/log/pmta/softbounces.csv>
    records t
    record-fields t *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>

# Delivery log
<acct-file /var/log/pmta/success.csv>
    records d
    record-fields d *
    move-interval 5m
    max-size 50M # MB
    delete-after 7d
</acct-file>

#####################################################################################################################################

The <acct-file /var/log/pmta/acct.csv></acct-file> tag is responsible for the acct.csv file that will be updated every day. This is the most important file, it will store all data about the mailing list, delivered and undelivered letters, recipients, etc.
move-interval - controls how often the acct.csv file is updated. With a value of 5m, the file will be updated every 5 minutes.
max-size - maximum file size.
delete-after - the period of time after which the file will be deleted.


Standard PMTA configuration files:

Please, Login or Register to view URLs content!
 
Last edited:
Top