Category: PowerMTA

  • How to configure Hostname in PowerMTA

    How to configure Hostname in PowerMTA

    By default, PowerMTA uses the server’s hostname. You can specify a custom hostname per Virtual MTA.

    To set a hostname for VitualMTA, add host-name entry as follows.

    
    host-name smtp1.serverok.in
    #domain-key default,smtp1.serverok.in,/etc/pmta/default.smtp1.serverok.in.pem
    
    max-msg-rate 100/h

  • Install PowerMTA

    Install the requirments

    yum install unzip net-tools telnet git gdb -y

    If you already have a mail server remove it.

    yum remove postfix -y

    If you want to keep current mail server, you can run PowerMTA on a port other than 25.

    cd /root/PMTA/
unzip PowerMTA5.0r1.zip
cd /root/PMTA/PowerMTA5.0r1
yum install PowerMTA-5.0r1-201909161531.x86_64.rpm
service pmta stop
service pmtahttp stop
rm -f /usr/sbin/pmtad
rm -f /usr/sbin/pmtahttpd
cd  /root/PMTA/PowerMTA5.0r1/usr/sbin
cp * /usr/sbin
chmod -R 755 /usr/sbin/pmta
chmod -R 755 /usr/sbin/pmtad
chmod -R 755 /usr/sbin/pmtahttpd
cp /root/PMTA/PowerMTA5.0r1/license /etc/pmta

    Restart PowerMTA

    service pmta start
service pmtahttp start

    If you get any error, run powermta in debug mode

    pmtad --debug

    To customoize your PowerMTA install, edit config file

    vi /etc/pmta/config

    After editing config file, you need to restart PowerMTA

    service pmta restart

    Or reload, which is faster

    service pmta reload

    See PowerMTA

  • PowerMTA test using telnet

    To test PowerMTA using telnet, run

    telnet localhost 25

    Now paste following content

    ehlo localhost
mail from: [email protected]
rcpt to: [email protected]
data
Subject: Testing

This is text email.
.
quit

    To see logs

    tail -f /var/log/pmta/pmta.log

    To see PowerMTA queue, run

    pmta show queues

    See PowerMTA

  • PowerMTA IP Rotation

    To setup IP rotation in PowerMTA, configure multiple IP on the server. Setup rDNS for each of these IP, point a sub domain to these IPs same as the reverse DNS entry.

    Here is an exable

    First we need to edit DNS records. Add folowing A records.

    pmta1.sevrerok.in    A       176.123.8.12
pmta2.sevrerok.in    A       176.123.8.13 
pmta3.sevrerok.in    A       176.123.8.17

    Set up rDNS (reverse DNS/PTR Record) with your server provider.

    176.123.8.12 > pmta1.sevrerok.in
176.123.8.13 > pmta2.sevrerok.in
176.123.8.17 > pmta3.sevrerok.in

    Edit PowerMTA config file

    vi /etc/pmta/config

    Find your virtual-mta configuration, replace it with

    
    smtp-source-host 176.123.8.12 pmta1.sevrerok.in
    domain-key default,*,/etc/pmta/default.sevrerok.in.pem
    
    max-msg-rate 400/h
    



    smtp-source-host 176.123.8.13 pmta2.sevrerok.in
    domain-key default,*,/etc/pmta/default.sevrerok.in.pem
    
    max-msg-rate 400/h
    



    smtp-source-host 176.123.8.17 pmta3.sevrerok.in
    domain-key default,*,/etc/pmta/default.sevrerok.in.pem
    
    max-msg-rate 400/h
    



    virtual-mta pmta1
    virtual-mta pmta2
    virtual-mta pmta3

    See PowerMTA

  • PowerMTA route mails through another SMTP server for a domain

    If you want to route emils from PowerMTA though another SMTP server, you can use following config.

    In this example, all outgoing emails to @outlook.com domain will get routed through Amazon SES.

    Edit PowerMTA config file

    vi /etc/pmta/config

    Add folowing

    
    queue-to amazon-ses.route



    auth-username USER_NAME_HERE
    auth-password PASSWORD_HERE
    route email-smtp.us-west-2.amazonaws.com:587
    use-starttls yes
    require-starttls yes

    Restart PowerMTA

    systemctl restart pmta

    See PowerMTA

  • Enable Web Monitor UI in PowerMTA

    PowerMTA comes with a Web Monitor UI, that will show you some stats about your mail server, also able to run some commands, edit PowerMTA configuration file.

    PowerMTA web monitor UI

    To enable Web Monitor UI, you need to white list your IP address in PowerMTA configuration, for this you need a fixed IP Address.

    vi /etc/pmta/config

    Find

    http-access 127.0.0.1 monitor
http-access ::1 monitor

    Add below

    http-access 51.38.246.115 admin

    Replace 51.38.246.115 with your IP address in above line and restart PowerMTA.

    systemctl restart pmta

    Now you will be able to access PowerMTA Web Monitor UI at

    https://YOUR_MAIL_SERVER_IP:8080/

    Web Monitor log file

    tail -f /var/log/pmta/pmtahttp.log

    See PowerMTA

  • PowerMTA allow an IP to sent email

    To allow a web server to send email through PowerMTA with out autentication, you need to edit PowerMTA configuration file

    vi /etc/pmta/config

    Add a source entry for the IP address that you need to allow relaying mails 

    
    always-allow-relaying yes
    smtp-service yes

    Replace IP_ADDRESS with IP address of web server that you need to allow sending email with out autentication.

    Restart PowerMTA

    systemctl restart pmta

    With out source entry, if you try to sent email, you will be rejected with error “550 5.7.1 relaying denied for recipient”.

    Example using swaks

    root@lab:~# swaks --to [email protected] --server smtp1.serverok.in --port 2525
=== Trying smtp1.serverok.in:2525...
=== Connected to smtp1.serverok.in.
<-  220 smtp1.serverok.in ESMTP service ready
 -> EHLO lab.serverok.in
<-  250-smtp1.serverok.in says hello
<-  250-ENHANCEDSTATUSCODES
<-  250-PIPELINING
<-  250-CHUNKING
<-  250-8BITMIME
<-  250-AUTH CRAM-MD5
<-  250-AUTH=CRAM-MD5
<-  250-XACK
<-  250-SIZE 0
<-  250-VERP
<-  250-SMTPUTF8
<-  250 DSN
 -> MAIL FROM:
<-  250 2.1.0 MAIL ok
 -> RCPT TO:
<** 550 5.7.1 relaying denied for recipient in "RCPT TO:"
 -> QUIT
<-  221 2.0.0 smtp1.serverok.in says goodbye
=== Connection closed with remote host.
root@lab:~#

    See PowerMTA

  • Create DKIM in PowerMTA

    To generate DKIM, run the command

    openssl genpkey -algorithm RSA -out private.pem
openssl rsa -pubout -in private.pem -out public.pem

    This will create 2 files. private.pem and public.pem

    Create a file and copy the content of the file private.pem in it.

    /etc/pmta/DOMAIN_NAME_HERE.pem

    Public Key

    The file public.pem contains the public key, which you need to put in your DNS zone.

    public.pem file contains something that looks like the following.

    -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTt4sgLkVtp3kFkOFcjl
gFbl+62iqhhDSmNosLqW0Pna+rhyBUpPxtCingTi1IO6/vd9MCaTRe89gyTVy8QD
gfERopy+uR3MVrpmHhvaAlqH++HIpJDl/y5PuQz/VRL6bUy6jM0TMmqrEWLUORuc
JcuBP7p7Vwu+cNPuf962YblCqKj5qQlSNPiqVoQvZPYmj6mAvFg0/3dHVcP4j3rC
gfLhSNzBKiQgewkUXoclT8209vGG82ER8nCMwBm16WfCHSAjEmKGAQ01xS32toiZ
Khti9zKgrR2J6kbijMLB2ONQ0gvvbcwRgoJQQ5CkemAGlfsIhEvlfXbD0lkM5PwV
vQIDAQAB
-----END PUBLIC KEY-----

    NOTE: This is just an example, don’t use it.

    You need to remove —–BEGIN PUBLIC KEY—– and —–END PUBLIC KEY—–, and remove line chars, so it looks like one long string. For example

    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTt4sgLkVtp3kFkOFcjl gFbl+62iqhhDSmNosLqW0Pna+rhyBUpPxtCingTi1IO6/vd9MCaTRe89gyTVy8QD gfERopy+uR3MVrpmHhvaAlqH++HIpJDl/y5PuQz/VRL6bUy6jM0TMmqrEWLUORuc JcuBP7p7Vwu+cNPuf962YblCqKj5qQlSNPiqVoQvZPYmj6mAvFg0/3dHVcP4j3rC gfLhSNzBKiQgewkUXoclT8209vGG82ER8nCMwBm16WfCHSAjEmKGAQ01xS32toiZ Khti9zKgrR2J6kbijMLB2ONQ0gvvbcwRgoJQQ5CkemAGlfsIhEvlfXbD0lkM5PwV vQIDAQAB

    Next, you need to edit the DNS record for your domain name. Create a TXT record with the following name

    default._domainkey.DOMAIN_NAME_HERE

    For the value, use

    "v=DKIM1; k=rsa; p=PUBLIC_KEY_HERE"

    Example

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTt4sgLkVtp3kFkOFcjl gFbl+62iqhhDSmNosLqW0Pna+rhyBUpPxtCingTi1IO6/vd9MCaTRe89gyTVy8QD gfERopy+uR3MVrpmHhvaAlqH++HIpJDl/y5PuQz/VRL6bUy6jM0TMmqrEWLUORuc JcuBP7p7Vwu+cNPuf962YblCqKj5qQlSNPiqVoQvZPYmj6mAvFg0/3dHVcP4j3rC gfLhSNzBKiQgewkUXoclT8209vGG82ER8nCMwBm16WfCHSAjEmKGAQ01xS32toiZ Khti9zKgrR2J6kbijMLB2ONQ0gvvbcwRgoJQQ5CkemAGlfsIhEvlfXbD0lkM5PwV vQIDAQAB"

    Enable DKIM Signing

    To enable DKIM signing, edit

    vi /etc/pmta/config

    Add

    domain-key default,serverok.in,/etc/pmta/default.serverok.in.pem

    You can also add this in virtual MTA settings.

    See PowerMTA

  • Change SMTP port in PowerMTA

    To change SMTP port in PowerMTA, edit file

    vi /etc/pmta/config

    Find line starting with

    smtp-listener

    This line specify port used by PowerMTA server. You can change the power on this line. If you need PowerMTA listen to multiple ports, duplicate the line and change port, this will make PowerMTA work using both ports.

    smtp-listener 0/0:2525
smtp-listener 0/0:25

    This will make PowerMTA work on both port 25 and port 2525

    After editing /etc/pmta/config, you need to restart PowerMTA with

    systemctl restart pmta

    See PowerMTA

  • Create SMTP user in PowerMTA

    Once you have PowerMTA installed, you need to create SMTP user. To create an SMTP user, edit file

    vi /etc/pmta/config

    Find

    #
#    password "changeme"
#

    Add below

    
    password "SMTP_PASSWORD_HERE"
    source {smtpuser-auth}



    smtp-service yes
    always-allow-relaying yes
    require-auth true
    process-x-virtual-mta yes
    default-virtual-mta vmta-1
    remove-received-headers true
    #add-received-headers false
    hide-message-source true



    #smtp-source-host 79.137.44.176 smtp1.serverok.in
    #domain-key default,smtp1.serverok.in,/etc/pmta/default.smtp1.serverok.in.pem
    
    max-msg-rate 100/h

    In above code, replace SMTP_USERNAME_HERE and SMTP_PASSWORD_HERE with SMTP username and password you need.

    in vmta-1, domain-key line that is commented out is used to Enable DKIM signing of out going emails.

    Resatrt PowerMTA

    systemctl restart pmta

    See PowerMTA

  • PowerMTA

    PowerMTA is a highly configurable mail server for email marketing. Unlike general email servers, PowerMTA can be configured to meet your special mail delivery requirements.

    List mails in the queue

    pmta show queues

    To reload PowerMTA

    pmta reload

    PowerMTA config file location

    /etc/pmta/config

    To see mail queue status, run

    pmta show status