feedback-loop { process-fbl yes fbl-address fbl@example.com fbl-action remove # Auto-suppress complained addresses fbl-suppression 90d } IP Reputation & Blacklist Checks --------------------------- Note: Requires subscription to a DNSBL service. dnsbl zen.spamhaus.org { reject-message "Your IP is blacklisted - see spamhaus.org" reject-on-failure yes timeout 5s } Whitelist trusted IPs (e.g., internal mail relays) access-rule whitelist-intranet allow 10.0.0.0/8 access-rule whitelist-intranet allow 172.16.0.0/12 --------------------------- Logging & Monitoring --------------------------- log-format extended { format "[%d] %t %r %s %p %i %b %e %c %h" } log-domain-stats { interval 1h file /var/log/pmta/domain-stats.csv domains all } log-connections { file /var/log/pmta/conn.log max-size 100M rotations 10 } log-errors { file /var/log/pmta/errors.log level warn } --------------------------- Resource Limits --------------------------- smtp-server { max-connections 500 max-clients 200 queue-size 500000 memory-limit 2G disk-limit 50G } --------------------------- Queue Management --------------------------- queue { max-size 2000000 max-age 7d delivery-interval 5s retry-interval 5m,15m,30m,1h,2h,4h,8h,12h,1d dead-letter-expire 30d tempfail-retries 8 } --------------------------- Source Binding (Multi-IP Sending) --------------------------- source-address 192.0.2.10 # This IP belongs to hotmail-pool virtual MTA # and also used for generic outbound source-address
# Optional: listen on multiple interfaces interface 0.0.0.0 max-message-size 50M log-connections yes log-session no dns-timeout 10s idle-timeout 300s max-recipients 1000 max-failures 20 soft-bounce-limit 5 slow-start yes slow-start-initial 10 slow-start-max 100 slow-start-period 30s smtp-service Virtual MTA (vMTA) Definitions --------------------------- Each vMTA can have separate IP pools, throttles, and sending profiles. virtual-mta hotmail-pool smtp-service outbound source-ip 192.0.2.10 192.0.2.11 192.0.2.12 # Rotate source IPs max-smtp-out 30 max-msg-rate 20000/h # Soft throttle max-msg-rate-per-connection 10 connect-timeout 30s idle-timeout 60s use-starttls yes require-tls false dns-timeout 10s sample powermta configuration file
virtual-mta gmail-pool smtp-service outbound source-ip 192.0.2.20 192.0.2.21 max-smtp-out 20 max-msg-rate 15000/h connect-timeout 45s use-starttls yes require-tls true domain-throttle gmail.com max-msg-rate 12000/h max-conn 12 virtual-mta feedback-loop { process-fbl yes fbl-address fbl@example
# Require authentication for relaying auth-require true auth-scheme LOGIN auth-source file /etc/pmta/auth.db sample powermta configuration file