# Require incoming application traffic to use TLS smtp-server-tls-certificate /etc/pmta/certs/pmta.crt /etc/pmta/certs/pmta.key allow-starttls yes require-starttls-before-auth yes # Attempt opportunistic outbound TLS for destination domains use-starttls yes require-tls no Use code with caution. Prevent Open Relaying
PowerMTA Config File Link: A Complete Guide to Configuration and Setup powermta config file link
Your email-sending application can then select which vMTA to use by setting a special header ( X-virtualMTA ), directing transactional and marketing traffic through different sets of IP addresses. # Require incoming application traffic to use TLS
For extremely high-volume sending, you can use a feature called "rollups" to prevent a single slow domain from affecting deliveries to other domains. Verify that the changes were correctly applied by
Verify that the changes were correctly applied by checking the listener status and active IP bindings. pmtacmd show status pmtacmd show listeners Use code with caution. 6. Security and Compliance Hardening
The Ultimate Guide to PowerMTA Configuration Files and Optimization
<source 203.0.113.0/24> # Your office network always-allow-relaying yes smtp-service yes </source>