· 7 years ago · Sep 06, 2018, 02:14 PM
1
2############################################################################
3# Section 1: POTOKI
4############################################################################
5
6#total-max-smtp-in 1000
7#total-max-smtp-out 5000
8
9############################################################################
10# Section 2: SOURCE
11############################################################################
12
13<source 127.0.0.1>
14 always-allow-relaying yes # allow feeding from 127.0.0.1
15 process-x-virtual-mta yes # allow selection of a virtual MTA
16 max-message-size 100K
17 smtp-service yes # allow SMTP service
18 remove-received-headers true
19 add-received-header false
20 hide-message-source true
21 remove-header X-Priority
22 pattern-list sender
23</source>
24
25############################################################################
26# Section 3: MAIN SETTINGS / VIRTUAL-MTA-POOL
27############################################################################
28
29smtp-listener 0/0:2525 # listens on all local IPs
30http-mgmt-port 1001
31http-access 0/0 admin
32http-access 0/0 monitor
33#http-access ::1 monitor
34run-as-root no
35
36############################################################################
37# Section 3: BASE SETTINGS FOR LOCALHOST
38############################################################################
39
40<source 0/0>
41 log-connections no
42 log-commands no # WARNING: verbose!
43 log-data no # WARNING: even more verbose!
44 allow-unencrypted-plain-auth yes
45 default-virtual-mta by-smtp-source-ip
46 process-x-virtual-mta yes
47 smtp-service yes
48 always-allow-api-submission yes
49 pattern-list pmta-pattern
50</source>
51
52include /etc/pmta/virtualhost.txt
53
54############################################################################
55# Section 4: BOUNCE SETTINGS
56############################################################################
57
58<bounce-category-patterns>
59 /spam/ spam-related
60 /junk mail/ spam-related
61 /blacklist/ spam-related
62 /blocked/ spam-related
63 /\bU\.?C\.?E\.?\b/ spam-related
64 /\bAdv(ertisements?)?\b/ spam-related
65 /unsolicited/ spam-related
66 /\b(open)?RBL\b/ spam-related
67 /realtime blackhole/ spam-related
68 /http:\/\/basic.wirehub.nl\/blackholes.html/ spam-related
69 /\bvirus\b/ virus-related
70 /message +content/ content-related
71 /content +rejected/ content-related
72 /quota/ quota-issues
73 /limit exceeded/ quota-issues
74 /mailbox +(is +)?full/ quota-issues
75 /sender ((verify|verification) failed|could not be verified|address rejected|domain must exist)/ invalid-sender
76 /unable to verify sender/ invalid-sender
77 /requires valid sender domain/ invalid-sender
78 /bad sender's system address/ invalid-sender
79 /No MX for envelope sender domain/ invalid-sender
80 /^[45]\.4\.4/ routing-errors
81 /no mail hosts for domain/ invalid-sender
82 /Your domain has no(t)? DNS\/MX entries/ invalid-sender
83 /REQUESTED ACTION NOT TAKEN: DNS FAILURE/ invalid-sender
84 /Domain of sender address/ invalid-sender
85 /return MX does not exist/ invalid-sender
86 /Invalid sender domain/ invalid-sender
87 /Verification failed/ invalid-sender
88 /\bstorage\b/ quota-issues
89 /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee) (has|has been|is)? *(currently|temporarily +)?(disabled|expired|inactive|not activa
90ted)/ inactive-mailbox
91 /(conta|usu.rio) inativ(a|o)/ inactive-mailbox
92 /Too many (bad|invalid|unknown|illegal|unavailable) (user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)/ other
93 /(No such|bad|invalid|unknown|illegal|unavailable) (local +)?(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)/ bad-mailbox
94 /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee) +(\S+@\S+ +)?(not (a +)?valid|not known|not here|not found|does not exist|bad|inval
95id|unknown|illegal|unavailable)/ bad-mailbox
96 /\S+@\S+ +(is +)?(not (a +)?valid|not known|not here|not found|does not exist|bad|invalid|unknown|illegal|unavailable)/ bad-mailbox
97 /no mailbox here by that name/ bad-mailbox
98 /my badrcptto list/ bad-mailbox
99 /not our customer/ bad-mailbox
100 /no longer (valid|available)/ bad-mailbox
101 /have a \S+ account/ bad-mailbox
102 /\brelay(ing)?/ relaying-issues
103 /domain (retired|bad|invalid|unknown|illegal|unavailable)/ bad-domain
104 /domain no longer in use/ bad-domain
105 /domain (\S+ +)?(is +)?obsolete/ bad-domain
106 /denied/ policy-related
107 /prohibit/ policy-related
108 /refused/ policy-related
109 /allowed/ policy-related
110 /banned/ policy-related
111 /policy/ policy-related
112 /suspicious activity/ policy-related
113 /bad sequence/ protocol-errors
114 /syntax error/ protocol-errors
115 /syntax error/ protocol-errors
116 /\broute\b/ routing-errors
117 /\bunroutable\b/ routing-errors
118 /\bunrouteable\b/ routing-errors
119 /Invalid 7bit DATA/ content-related
120 /^2.\d+.\d+;/ success
121 /^[45]\.1\.[1346];/ bad-mailbox
122 /^[45]\.1\.2/ bad-domain
123 /^[45]\.1\.[78];/ invalid-sender
124 /^[45]\.2\.0;/ bad-mailbox
125 /^[45]\.2\.1;/ inactive-mailbox
126 /^[45]\.2\.2;/ quota-issues
127 /^[45]\.3\.3;/ content-related
128 /^[45]\.3\.5;/ bad-configuration
129 /^[45]\.4\.1;/ no-answer-from-host
130 /^[45]\.4\.2;/ bad-connection
131 /^[45]\.4\.[36];/ routing-errors
132 /^[45]\.4\.7;/ message-expired
133 /^[45]\.5\.3;/ policy-related
134 /^[45]\.5\.\d+;/ protocol-errors
135 /^[45]\.6\.\d+;/ content-related
136 /^[45]\.7\.[012];/ policy-related
137 /^[45]\.7\.7;/ content-related
138 // other # catch-all
139</bounce-category-patterns>
140
141<pattern-list sender>
142# rcpt-to /^.*@gmail.com$/ virtual-mta=vmta-pool-v6
143# rcpt-to /^.*@yandex.ru$/ virtual-mta=vmta-pool-v6
144</pattern-list>
145
146#####################################################################################################################################################################################################################
147# Section 5: DOMAIN SETTINGS ########################################################################################################################################################################################
148#####################################################################################################################################################################################################################
149
150#####################################################################################################################################################################################################################
151# MAIL.RU #
152#####################################################################################################################################################################################################################
153
154# domains that resolve to MAIL.RU
155domain-macro mailru mail.ru,bk.ru,inbox.ru,list.ru
156
157<domain $mailru>
158 max-smtp-out 2 # default be nice on concurrent connections
159 max-msg-per-connection 1 # max 500 mails in one session
160 max-errors-per-connection 10 # avoid 'too long without data command' error
161
162 max-msg-rate 180/h
163
164 bounce-upon-no-mx yes # proper mail domains should have mx
165 assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries
166 smtp-421-means-mx-unavailable yes
167 smtp-553-means-invalid-mailbox yes
168 bounce-upon-5xx-greeting true
169 connect-timeout 1m
170 smtp-greeting-timeout 5m
171 data-send-timeout 5m
172 retry-after 5m # typical greylisting period
173 bounce-after 30m # default 4d12h
174
175 smtp-pattern-list blocking-errors
176 backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)
177 backoff-retry-after 5m # retry at least every 20m (default 1h)
178 #backoff-notify "" # disable backoff notifications
179 backoff-to-normal-after-delivery yes # revert to normal asap (default no)
180 backoff-to-normal-after never # always revert to normal after 1h (default never)
181
182 dk-sign yes
183 dkim-sign yes
184
185</domain>
186
187# domains that resolve to GMAIL
188domain-macro gmail gmail.ru,gmail.com
189
190<domain $gmail>
191 max-smtp-out 2 # default be nice on concurrent connections
192 max-msg-per-connection 1 # max 500 mails in one session
193 max-errors-per-connection 10 # avoid 'too long without data command' error
194
195 max-msg-rate 180/h
196
197 bounce-upon-no-mx yes # proper mail domains should have mx
198 assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries
199 smtp-421-means-mx-unavailable yes
200 smtp-553-means-invalid-mailbox yes
201 bounce-upon-5xx-greeting true
202 connect-timeout 1m
203 smtp-greeting-timeout 5m
204 data-send-timeout 5m
205 retry-after 15m # typical greylisting period
206 bounce-after 1h # default 4d12h
207
208 smtp-pattern-list blocking-errors
209 backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)
210 backoff-retry-after 10m # retry at least every 20m (default 1h)
211 #backoff-notify "" # disable backoff notifications
212 backoff-to-normal-after-delivery yes # revert to normal asap (default no)
213 backoff-to-normal-after never # always revert to normal after 1h (default never)
214
215 dk-sign yes
216 dkim-sign yes
217
218</domain>
219
220# domains that resolve to RAMBLER
221domain-macro rambler rambler.ru
222
223<domain $rambler>
224 max-smtp-out 50 # default be nice on concurrent connections
225 max-msg-per-connection 1 # max 500 mails in one session
226 max-errors-per-connection 10 # avoid 'too long without data command' error
227
228 max-msg-rate 100/m
229
230 bounce-upon-no-mx yes # proper mail domains should have mx
231 assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries
232 smtp-421-means-mx-unavailable yes
233 smtp-553-means-invalid-mailbox yes
234 bounce-upon-5xx-greeting true
235 connect-timeout 1m
236 smtp-greeting-timeout 5m
237 data-send-timeout 5m
238 retry-after 15m # typical greylisting period
239 bounce-after 3h # default 4d12h
240
241 smtp-pattern-list blocking-errors
242 backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)
243 backoff-retry-after 10m # retry at least every 20m (default 1h)
244 #backoff-notify "" # disable backoff notifications
245 backoff-to-normal-after-delivery yes # revert to normal asap (default no)
246 backoff-to-normal-after never # always revert to normal after 1h (default never)
247
248 dk-sign yes
249 dkim-sign yes
250
251</domain>
252
253# domains that resolve to YANDEX
254domain-macro yandex yandex.ru,ya.ru
255
256<domain $yandex>
257 max-smtp-out 2 # default be nice on concurrent connections
258 max-msg-per-connection 1 # max 500 mails in one session
259 max-errors-per-connection 10 # avoid 'too long without data command' error
260
261 max-msg-rate 180/h
262
263 bounce-upon-no-mx yes # proper mail domains should have mx
264 assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries
265 smtp-421-means-mx-unavailable yes
266 smtp-553-means-invalid-mailbox yes
267 bounce-upon-5xx-greeting true
268 connect-timeout 1m
269 smtp-greeting-timeout 5m
270 data-send-timeout 5m
271 retry-after 15m # typical greylisting period
272 bounce-after 1h # default 4d12h
273
274 smtp-pattern-list blocking-errors
275 backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)
276 backoff-retry-after 10m # retry at least every 20m (default 1h)
277 #backoff-notify "" # disable backoff notifications
278 backoff-to-normal-after-delivery yes # revert to normal asap (default no)
279 backoff-to-normal-after never # always revert to normal after 1h (default never)
280
281 dk-sign yes
282 dkim-sign yes
283
284</domain>
285
286# default domain settings
287<domain *>
288 max-smtp-out 2 # default be nice on concurrent connections
289 max-msg-per-connection 1 # max 500 mails in one session
290 max-errors-per-connection 10 # avoid 'too long without data command' error
291
292 max-msg-rate 60/m
293
294 bounce-upon-no-mx yes # proper mail domains should have mx
295 assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries
296 smtp-421-means-mx-unavailable yes
297 smtp-553-means-invalid-mailbox yes
298 bounce-upon-5xx-greeting true
299 connect-timeout 1m
300 smtp-greeting-timeout 5m
301 data-send-timeout 5m
302 retry-after 5m # typical greylisting period
303 bounce-after 1h # default 4d12h
304
305 smtp-pattern-list blocking-errors
306 backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)
307 backoff-retry-after 10m # retry at least every 20m (default 1h)
308 #backoff-notify "" # disable backoff notifications
309 backoff-to-normal-after-delivery yes # revert to normal asap (default no)
310 backoff-to-normal-after never # always revert to normal after 1h (default never)
311
312 dk-sign yes
313 dkim-sign yes
314</domain>
315
316#####################################################################################################################################################################################################################
317# END Section 4: DOMAIN SETTINGS ####################################################################################################################################################################################
318#####################################################################################################################################################################################################################
319
320#####################################################################################################################################################################################################################
321# Section 5: SMTP PATTERN SETTINGS ##################################################################################################################################################################################
322#####################################################################################################################################################################################################################
323
324<smtp-pattern-list common-errors>
325 reply /generating high volumes of.* complaints from AOL/ mode=backoff
326 reply /Excessive unknown recipients - possible Open Relay/ mode=backoff
327 reply /^421 .* too many errors/ mode=backoff
328 reply /blocked.*spamhaus/ mode=backoff
329 reply /451 Rejected/ mode=backoff
330</smtp-pattern-list>
331
332<smtp-pattern-list blocking-errors>
333 #
334 # A QUEUE IN BACKOFF MODE WILL SEND MORE SLOWLY
335 # To place a queue back into normal mode, a command similar
336 # to one of the following will need to be run:
337 # pmta set queue --mode=normal yahoo.com
338 # or
339 # pmta set queue --mode=normal yahoo.com/vmta1
340 #
341 # To use backoff mode, uncomment individual <domain> directives
342 #
343 #AOL Errors
344 reply /421 .* SERVICE NOT AVAILABLE/ mode=backoff
345 reply /generating high volumes of.* complaints from AOL/ mode=backoff
346 reply /554 .*aol.com/ mode=backoff
347 reply /421dynt1/ mode=backoff
348 reply /HVU:B1/ mode=backoff
349 reply /DNS:NR/ mode=backoff
350 reply /RLY:NW/ mode=backoff
351 reply /DYN:T1/ mode=backoff
352 reply /RLY:BD/ mode=backoff
353 reply /RLY:CH2/ mode=backoff
354 #
355 #Yahoo Errors
356 reply /421 .* Please try again later/ mode=backoff
357 reply /421 Message temporarily deferred/ mode=backoff
358 reply /VS3-IP5 Excessive unknown recipients/ mode=backoff
359 reply /VSS-IP Excessive unknown recipients/ mode=backoff
360 #
361 # The following 4 Yahoo errors may be very common
362 # Using them may result in high use of backoff mode
363 #
364 reply /\[GL01\] Message from/ mode=backoff
365 reply /\[TS01\] Messages from/ mode=backoff
366 reply /\[TS02\] Messages from/ mode=backoff
367 reply /\[TS03\] All messages from/ mode=backoff
368 #
369 #Hotmail Errors
370 reply /exceeded the rate limit/ mode=backoff
371 reply /exceeded the connection limit/ mode=backoff
372 reply /Mail rejected by Windows Live Hotmail for policy reasons/ mode=backoff
373 reply /mail.live.com\/mail\/troubleshooting.aspx/ mode=backoff
374 #
375 #Adelphia Errors
376 reply /421 Message Rejected/ mode=backoff
377 reply /Client host rejected/ mode=backoff
378 reply /blocked using UCEProtect/ mode=backoff
379 #
380 #Road Runner Errors
381 reply /Mail Refused/ mode=backoff
382 reply /421 Exceeded allowable connection time/ mode=backoff
383 reply /amIBlockedByRR/ mode=backoff
384 reply /block-lookup/ mode=backoff
385 reply /Too many concurrent connections from source IP/ mode=backoff
386 #
387 #General Errors
388 reply /too many/ mode=backoff
389 reply /Exceeded allowable connection time/ mode=backoff
390 reply /Connection rate limit exceeded/ mode=backoff
391 reply /refused your connection/ mode=backoff
392 reply /try again later/ mode=backoff
393 reply /try later/ mode=backoff
394 reply /550 RBL/ mode=backoff
395 reply /TDC internal RBL/ mode=backoff
396 reply /connection refused/ mode=backoff
397 reply /please see www.spamhaus.org/ mode=backoff
398 reply /Message Rejected/ mode=backoff
399 reply /refused by antispam/ mode=backoff
400 reply /Service not available/ mode=backoff
401 reply /currently blocked/ mode=backoff
402 reply /locally blacklisted/ mode=backoff
403 reply /not currently accepting mail from your ip/ mode=backoff
404 reply /421.*closing connection/ mode=backoff
405 reply /421.*Lost connection/ mode=backoff
406 reply /476 connections from your host are denied/ mode=backoff
407 reply /421 Connection cannot be established/ mode=backoff
408 reply /421 temporary envelope failure/ mode=backoff
409 reply /421 4.4.2 Timeout while waiting for command/ mode=backoff
410 reply /450 Requested action aborted/ mode=backoff
411 reply /550 Access denied/ mode=backoff
412 reply /exceeded the rate limit/ mode=backoff
413 reply /421rlynw/ mode=backoff
414 reply /permanently deferred/ mode=backoff
415 reply /\d+\.\d+\.\d+\.\d+ blocked/ mode=backoff
416 reply /www\.spamcop\.net\/bl\.shtml/ mode=backoff
417 reply /generating high volumes of.* complaints from AOL/ mode=backoff
418 reply /Excessive unknown recipients - possible Open Relay/ mode=backoff
419 reply /^421 .* too many errors/ mode=backoff
420 reply /blocked.*spamhaus/ mode=backoff
421 reply /451 Rejected/ mode=backoff
422</smtp-pattern-list>
423
424############################################################################
425# END Section 5: SMTP PATTERN SETTINGS #####################################
426############################################################################
427
428############################################################################
429# Section 6: LOG AND SPOOL SETTINGS ########################################
430############################################################################
431
432log-file /var/log/pmta/log # logrotate is used for rotation
433
434# All logs
435 <acct-file /var/log/pmta/acct.csv>
436 move-interval 5m
437 max-size 50M
438 delete-after 1d
439 </acct-file>
440
441############################################################################
442# BEGIN: OTHER OPTIONS #####################################################
443############################################################################
444
445sync-msg-create false
446sync-msg-update false
447run-as-root no
448
449#
450# spool directories
451#
452
453<spool /var/spool/pmta>
454 deliver-only no
455 delete-file-holders yes
456</spool>
457
458############################################################################
459# END: OTHER OPTIONS
460############################################################################