KumoMTA is a modern, high-performance mail transfer agent (MTA) designed for high-volume email sending. This guide will walk you through the process of setting up and configuring KumoMTA for optimal performance and deliverability.
Prerequisites
Before beginning the installation, ensure you have:
- System Requirements:
- Linux-based operating system (Ubuntu 20.04+ recommended)
- Minimum 4GB RAM
- 20GB+ disk space
- Static IP address
- Proper DNS configuration
- DNS Configuration:
- Valid SPF record
- DKIM setup
- DMARC policy
- Reverse DNS (PTR) record
Installation
1. System Preparation
First, update your system and install dependencies:
# Update system packages
sudo apt update && sudo apt upgrade -y
# Install required dependencies
sudo apt install -y \
build-essential \
libssl-dev \
pkg-config \
git \
curl \
wget
2. Installing KumoMTA
Download and install KumoMTA:
# Download the latest release
wget https://github.com/KumoCorp/kumomta/releases/latest/download/kumomta.deb
# Install the package
sudo dpkg -i kumomta.deb
Configuration
1. Basic Configuration
Create the main configuration file:
-- /opt/kumomta/etc/policy/init.lua
kumo.on('init', function()
-- Configure logging
kumo.configure_logging({
level = 'INFO',
format = 'json',
destination = '/var/log/kumomta/main.log'
})
-- Configure SMTP listener
kumo.start_esmtp_listener {
listen = '0.0.0.0:25',
hostname = 'mail.yourdomain.com',
max_message_size = '50MB'
}
end)
2. Queue Configuration
Set up the message queue:
-- /opt/kumomta/etc/policy/queue.lua
kumo.on('queue_message', function(msg)
-- Set default queue parameters
msg:set_meta('queue', 'default')
msg:set_meta('retry_interval', '5m')
msg:set_meta('max_retries', 3)
end)
3. DKIM Configuration
Configure DKIM signing:
-- /opt/kumomta/etc/policy/dkim.lua
kumo.on('smtp_server_message_received', function(msg)
-- Load DKIM key
local dkim_key = kumo.load_dkim_key {
domain = 'yourdomain.com',
selector = 'default',
key_path = '/opt/kumomta/etc/dkim/private.key'
}
-- Sign the message
msg:dkim_sign(dkim_key)
end)
Performance Tuning
1. Resource Allocation
Optimize system resources:
-- /opt/kumomta/etc/policy/performance.lua
kumo.on('init', function()
-- Configure worker threads
kumo.configure_workers {
count = 4, -- Adjust based on CPU cores
max_connections = 1000
}
-- Configure memory limits
kumo.configure_memory {
max_heap_size = '2GB',
max_message_size = '50MB'
}
end)
2. Rate Limiting
Implement rate limiting:
-- /opt/kumomta/etc/policy/rate_limiting.lua
kumo.on('smtp_server_message_received', function(msg)
-- Rate limit by domain
local domain = msg:get_meta('domain')
if not kumo.rate_limit(domain, {
max_requests = 100,
window = '1m'
}) then
return kumo.reject(550, 'Rate limit exceeded')
end
end)
Monitoring and Logging
1. Log Configuration
Set up comprehensive logging:
-- /opt/kumomta/etc/policy/logging.lua
kumo.on('init', function()
kumo.configure_logging {
level = 'INFO',
format = 'json',
destination = '/var/log/kumomta/main.log',
rotation = {
max_size = '100MB',
max_files = 10
}
}
end)
2. Metrics Collection
Configure metrics collection:
-- /opt/kumomta/etc/policy/metrics.lua
kumo.on('init', function()
kumo.configure_metrics {
destination = 'prometheus',
port = 9090,
path = '/metrics'
}
end)
Security Configuration
1. TLS Configuration
Set up TLS for secure communication:
-- /opt/kumomta/etc/policy/tls.lua
kumo.on('init', function()
kumo.configure_tls {
certificate = '/opt/kumomta/etc/tls/cert.pem',
private_key = '/opt/kumomta/etc/tls/key.pem',
protocols = {'TLSv1.2', 'TLSv1.3'}
}
end)
2. Access Control
Implement access control:
-- /opt/kumomta/etc/policy/access.lua
kumo.on('smtp_server_message_received', function(msg)
local client_ip = msg:get_meta('client_ip')
-- Check against allowlist
if not kumo.is_allowed_ip(client_ip) then
return kumo.reject(550, 'Access denied')
end
end)
Testing and Validation
1. Basic Testing
Test the configuration:
# Check configuration syntax
sudo kumomta check-config
# Test SMTP connection
telnet localhost 25
# Send test email
echo "Subject: Test" | sendmail -f sender@yourdomain.com recipient@example.com
2. Monitoring Setup
Set up monitoring:
# Install monitoring tools
sudo apt install -y prometheus node-exporter
# Configure Prometheus
cat > /etc/prometheus/prometheus.yml << EOF
scrape_configs:
- job_name: 'kumomta'
static_configs:
- targets: ['localhost:9090']
EOF
Troubleshooting
Common issues and solutions:
- Connection Issues:
- Check firewall settings
- Verify DNS configuration
- Check network connectivity
- Delivery Problems:
- Verify SPF/DKIM/DMARC records
- Check IP reputation
- Review bounce messages
- Performance Issues:
- Monitor system resources
- Check queue status
- Review rate limits
Conclusion
Setting up KumoMTA requires careful attention to configuration, security, and performance tuning. By following this guide, you’ll have a robust, high-performance email server capable of handling high-volume email sending while maintaining good deliverability rates.
Remember to:
- Regularly monitor system performance
- Keep software updated
- Maintain security configurations
- Monitor email deliverability metrics
- Review and adjust rate limits as needed
With proper configuration and maintenance, KumoMTA can provide a reliable and scalable solution for your email sending needs.