Bulk Email Server Guide by williamwiggins

Bulk Email Server Guide

A Complete Guide how to setup a Perfect Bulk Email Server and use it for transactional or newsletter emailing without any sending limits, with IP rotation, domain masking, automatic bounce processing, Feedback loops and everything else that is required for perfect deliverability.

By PowerMTA NiNjA

This guide is meant for those that would like a to start with email marketing or those that already do it but want to improve their current system setup. It can be used with your double opt-in list, a list you bought online, a list you scraped off some site, etc. This really doesn't matter.

Why did I decide to publish it? Mostly to help my customers with their system setup and configuration. Now they can save their money and my time by following this guide to add new IPs, domains, SMTPs, or to even set up a new bulk email system. Another reason is to help newcomers to start with a perfect system setup. It took me years to get everything to the point where it's working how I want. Isn't that nice from me? Yes and no. I know from experience that a lot of those that will follow my guide will need my help. Even tho you will follow a step by step guide it doesn't mean it will be easy. If you do manage to get it to work (even if it's on your fifth try) I salute you. You obviously have enough skills and a nice work ethic to do even bigger things. If you are interested contact me. I am always looking for bright people to help me with my projects. If you do decide to follow my guide please read everything before you start. Have fun and don't send me an email from your new bulk email system.

Before We Begin Let us make one thing clear first. Even tho this is a step by step guide you still have to think on your own and what is even more important. You MUST have more than basic knowledge of: ● Linux ● How email works ● How the internet works I can not write a guide that will be copy/paste from start to finish. We aren't setting up an email account in Outlook. We are setting up a PERFECT bulk email server and even tho you are following a guide you will have to adjust some parts so everything will work with your domains and IPs.

I have to say is this ● Don't rush or you will end up with a system that is full of errors and you won't come close to perfect 10/10 score on mail tester. ● Read everything from start to finish and don't just blindly follow this guide without knowing what is coming in next steps. ● Start the guide with your head clear and rested as I can't do the thinking for you. If you mess up your emails might not get delivered. We have all been there. At some point, it was my first time and I know it was a mess. I didn't know what I was doing, I was sweating like crazy, I was tired but full of adrenaline so I couldn't stop or even leave my computer just to make me a cup of coffee. Before you begin, get yourself: ● Some snacks ● A bottle of water ● A cup o f coffee or an energy drink Don't drink beer. We'll come to that during this guide so make sure you have some. Or maybe you prefer something else as I do.

This one is a bit tricky since you are an adult, but think about your health and go to the toilet before you start. If you are like me you'll forget about the world around you once you begin. Oh, if you have kids wait for them to go to sleep. It took me some time to master everything to the point that I was able to do everything as it should be while the little ones were running around.

Remember Read, Think ..., Do And don't blame me if you fail

Bulk Email Server Guide: Ready? Set… GO! Before we begin you need a server first. I am sure you must be thrilled you are following a guide with such useful tips. And more are on the way! No, seriously you need a server before we can start. And almost anything will do that meet minimum system requirements. If you’ll search around you can find VPS offers with more than enough to run everything we need for testing purposes for as low as 1,5€. A server like this isn’t recommended for production server as it usually comes with no SLA, but it could easily be used as an external MTA/SMTP, but more about this later. For your production server pick a VPS or dedicated server with your preferred hosting provider. In our tests and all years of doing e-mail marketing (read setting up servers) we didn’t have any major problems with providers as far as system configuration goes. There are a few that would not allow for necessary changes to be done, but you just move to the next one if that happens. Most major hosting providers will be just fine for your perfect email server.

Local or external MTAs/SMTPs? There is one more thing we need to go over before we start. There are three different scenarios. Local MTAs/SMTPs Mumara and PowerMTA will run on the same server. Pros: Easy administration, Cheapest Cons: Hosting providers will usually assign IPs in a range to your server so if blacklisting occur they could affect all your IPs. If your provider decides to shut you down your complete operation will stop. External MTAs/SMTPs Mumara will run on one server and PowerMTA will run on one or more servers.

Pros: In a case of blacklistings only one server or IP will be affected. In a case of problems with provider only one sending server is taken down so sending will continue. The server where Mumara is installed does no sending at all so you will never have problems. Cons: More expensive, more servers to configure Hybrid A mix of everything. Mumara and PowerMTA on the same server with integrated external servers with PowerMTA. The best long run scenario, of course, is using external MTAs/SMPTs.

Minimum requirements Let's go over this again now that we know our options. How will your system be setup? Will it use local or external PowerMTA? Local PowerMTA Everything will run on the same server so our server must have enough power. Here are our recommendations: 5-19 IPs/domains ● ● ● ●

VPS or Dedicated server 2 cores 8 GB RAM 20 GB SSD

20-99 IPs/domains ● ● ● ●

VPS or Dedicated server 4 cores 16GB RAM 40 GB SSD

100+ IPs/domains ● VPS or Dedicated server ● 8 cores ● 32GB R AM

● 100 GB SSD Here a saying we all know from Jeremy Clarkson would come in handy, POWER!!!! And more power we have the better. External PowerMTA In this case, Mumara will run on one more powerful server and PowerMTA will be installed on many cheaper servers. Here are our recommendations: Main server – Mumara ● ● ● ●

4 cores 16GB RAM 40 GB SSD 1 IP

MTAs – PowerMTA ● ● ● ●

1 core 1 GB RAM 10 GB HDD 1 IP

This tutorial covers both scenarios.

Buy a server Seriously, we are at the stage where you need your server so if you haven’t already now is the time to pick which scenario you’ll use and then buy 1 or more servers. Like I already said. Almost anything that meets minimum system requirements will do so pick a hosting provider and get your servers up and running. IMPORTANT All your servers no matter what scenario you’ll go with must have CentOS 6 x64 minimal installed. If you’ll pick a different version or distro chances are this tutorial will not be much help to you.

Bulk Email Server Guide: Main Server Install In this guide I am talking about MAIN server and MTA server, so to avoid any unnecessary confusion let me clarify this. The Main server is the server where your Email Marketing Software (EMS) such as Mumara, MailWizz, Interspire Email Marketer, ... is installed. Since we are getting ready to set up a bulk email server with an option to scale it up if needed I recommend you pick a bit more powerful VPS for it. MTA server is a server where PowerMTA is installed. These servers are doing all the sending. This is just one layer of protection to keep your MTA servers away from your Main server. In case there is ever a problem your main server will never be taken down since it's not doing any sending at all. MTA server can be any budget VPS with at least 1GB RAM.

Now let's get back to our Main server. For my own personal use I have: ● ● ● ●

Six core CPU (Intel® Xeon® E5-2620v3) 24 GB RAM (guaranteed) 600 GB SSD UNLIMITED traffic

● 1 IPv4 + IPv6 The price I am paying for my main server is 14.99 € (around $18) per month. And since it is not doing anything wrong and there is no reason for my VPS provider to shut it down I can pay for it for 1 year and get an even lower price. Of course, I never pay for my MTA servers up front. They are the bad guys and could be taken offline at any time. But even if they do I still have enough left and can add a new one in about 30 minutes. The price I'm paying for MTA servers is from 1,5 € - 5 € for each server per month, but more about this later when we'll look at the process of setting up MTA/sending server. In this step you will need: ● A bit more Powerful VPS (I suggest at least 8GB RAM, 16GB recommended). Don't have a server online yet? Get it online in less than a minute. ● Clean install of CentOS 6/7 x64 (minimal recommended) ● SSH client (I suggest Bitvise) Now login as root and follow this steps: First, check your hostname hostname -f

It should be in format hostname.domain.tld. Where hostname is something random like server, main, box, ... Since we want that it's obvious this is a bulk mail server I recommend you stay away from words like mail, email, newsletter, ... In my case this is henry.powermtaninja.science If you didn't set your hostname during your VPS setup or the provider you are using does not have this option follow "How to setup hostname". Install required packages yum -y install wget

Server update yum -y update

Reboot reboot

Now depending on your CentOS version use the appropriate lines. CentOS 6 cd /usr/local/src wget http://centos-webpanel.com/cwp-latest sh cwp-latest

CentOS7 cd /usr/local/src wget http://centos-webpanel.com/cwp-el7-latest sh cwp-el7-latest

The install process can take from 5-20 minutes depending on your VPS specifications, so get a cup of coffee and relax. When the install finishes copy login information and paste it to a safe place. I always create a new text file and save all login details in it. Of course, I save it in a safe place (check Tools). Reboot reboot

The installation is now complete and you can login to control panel and start with basic configuration.

Bulk Email Server Guide: Basic control panel configurations Now that we have a control panel installed we can do all (well most) of configuration in a user-friendly user interface you can access in your browser. You already have all necessary login information (did you save it?) from the previous step. So copy/paste the URL you got and login. It looks something like this NO-SSL http://MAIN_SERVER_IPv4:2030 SSL https://MAIN_SERVER_IPv4:2031 Where "MAIN_SERVER_IPv4" is obviously the IPv4 of your main server so be sure to change it or you will get an error (doh!). I suggest you use SSL. You will get a warning since it's self-signed.

You will see a bit different screen. This is my fully configured server.

The first thing you want to do is set your email address to get rid of the annoying message that shows after login. You can do this in "CWP Settings > Edit Settings" where all you have to do is enter your/some email and click "Save changes".

Change Date & Time Now move to "Server settings > Change Date & Time" and select the time zone you are in and click "Change date & time". I am located in Germany so I picked "Europe/Berlin". If time still isn't correct adjust it manually.

Important! Remember the timezone you set as you will need it later!

Simple PHP.ini Editor

Now go to "PHP Settings > PHP Simple Editor" and change everything like you see in the picture below. Of course, do not set the same timezone as I have. Set it to what you used in step before.

Important! You have to click "Save" next to each field to save the changes. Make sure you uncomment the "date.timezone" option by removing ";" in the front.

Change SSH Port

To make your server safe from script-kiddies I suggest you change the SSH port. Go to "Services Config > SSH Configuration" and search for "Port 22". If needed uncomment it by removing ";" and change it to a number between 10000-60000. Click "Save changes" at the bottom and go back to the main page of control panel dashboard and Restart SSH by clicking on "Restart" next to it.

This is all the basic configuration that had to be done. Of course, there is more to do like add user accounts, create system emails, enable firewall and backups, ... but we'll get to that in the next step.

Bulk Email Guide: DNS Records Now it's time to set DNS records for the domain we'll use on our Main Server in our Bulk Email Network. For the sake of this guide, we are using CloudFlare, but you can use any other DNS hosting. To refresh your memory, the main server is the server where your Email Marketing Software (EMS) is installed (Mumara, Interspire Email Marketer, MailWizz, Mautic, ...). Then we also have MTA servers where PowerMTA is installed. These servers are doing all the sending. This is just one layer of protection to keep your MTA servers away from your Main server. In case there is ever a problem your main server will never be taken down since it's not doing any sending at all. MTA server can be any budget VPS with at least 1GB RAM and you can add as many as you want. Your main server should be a more powerful VPS (16GB RAM recommended). Our Main server is up and running but for now, it only has A and AAAA records (if you have IPv6) set. Take a look at the table below and set your DNS records accordingly.

TYPE A A AAAA AAAA CNAME MX TXT TXT TXT

NAME @ HOSTNAME @ HOSTNAME www @ @ @ _dmarc

VALUE MAIN_SERVER_IPv4 MAIN_SERVER_IPv4 MAIN_SERVER_IPv6 MAIN_SERVER_IPv6 @ HOSTNAME.EXAMPLE.COM @ v=spf1 mx a ptr ~all v=DMARC1; p=none

STATUS OFF OFF OFF OFF OFF OFF OFF OFF OFF

Since this server isn't doing any sending at all there is no need to set DKIM keys, but if you want you can do it from control panel. ● First, login to control panel as root ● Go to " Email > Mail Server Manager" and check boxes like in the picture below. If you don't want Antivirus and rDNS checker just select "Installs DKIM & SPF,

● ● ● ● ●

TYPE TXT

enables DKIM for New Accounts and Domains" and make sure your hostname and domain are correct. This are correct formats: Hostname - hostname.example.com Domain - example.com When everything looks fine, click on "Rebuild Mail Server". It will take a few minutes to complete. Now go to "Email > DKIM Manager" and click on "Edit Records" for your main domain. Search for "default._domainkey" and copy/paste it to your CLoudFlare account like this

NAME VALUE default._domain v=DKIM1; k=rsa; p=YOUR_KEY key

All emails you send from your Main server will now be signed with this DKIM key. If you want to add email accounts on your main doman go to "Email > Add Email Account" and follow instructions there. It's really simple.

Next step is to Install Email Marketing Software. You can use any email marketing application you want Interspire Email Marketer, MailWizz, Mautic, ... I do however suggest Mumara for its easy and full integration with PowerMTA. This is something that none of other email marketing applications has. In a long run, it will save you time and money when you will set up more MTA servers. Mumara also has some unique features and some you will only find with other EMS only if you use expensive add-ons. Continue with Main server setup on my site. Additions steps available online are: ● Add user, domain and create Free SSL ● Installing Email Marketing Software ● Install PowerMTA Management Console ● Tighten Security

Bulk Email Server Guide: Sending/MTA Server Setup Yes, it's time to start with MTA server setup and configuration. These servers will be used to do the actual sending. This are our bad boys.

Let's recap what we already learned in this guide

We can use almost any budget VPS as our MTA server. I use cheap servers from $2 $6 and couldn't be happier with the results. The only real requirement is that the VPS have at least 1 GB RAM. What makes my setup different from what most other people use is that I always use VPS with 1 IP for my MTA server.

Here is why I've been in this business for almost 15 years and saw every possible scenario. Since the lists, I sent to aren't actually mine it is normal that from time to time my sending servers are taken down due to spam complaints. Let's take a look at what happens when you have:

Everything on one server

You bought a super expensive VPS with 128GB RAM and 256 IPs. In case there is a problem you will lose everything and if you don't have a backup and let's be honest, most don't, you will be forced to start from scratch. Can you imagine all those hours of work lost? And guess what, all emails you already sent out and links in them will become useless. Maybe it's better to buy a gun, eh? Another bad thing with setups like this is that usually, your IPs will come in a range. Why is this bad? When blacklistings will start rolling in they will simply blacklist your whole IP range and you are done. Bye, bye inbox!

Multi-Server Install

Now let's take a look what will happen in the same scenario, but this time with my setup. You got so many spam complaints that your VPS provider decides it's time to take you offline. Since all complaints are regarding one MTA only that server will be taken offline.

Your Main server and other MTAs (which should be hosted on other account/providers) will keep working and continue sending emails. You will have to setup a new sending server but by using my guide this shouldn't take you more than 30 minutes once you get used to the process.

Do you see the difference?

With single setup, we were talking about buying a gun. With my setup, this is just a few clicks and a new sending server will be ready to start sending. Of course, it is a lot more work, but believe me, it is worth it. After your whole bulk email system is taken offline you will never sleep again. For me, meh, doesn't really affect me, a few clicks and it's back.

How to begin?

You will need: ● VPS with 1 GB RAM and 1 IP ● CentOS 6 x64 (minimal recommended) Connect to your VPS via SSH using Bitvise and run the following commands: curl -O http://vestacp.com/pub/vst-install.sh bash vst-install.sh --nginx no --apache yes --phpfpm no --named no --remi no --vsftpd no --proftpd no --iptables yes --fail2ban yes --quota no --exim yes --dovecot yes --spamassassin no --clamav no --mysql yes --postgresql no --hostname hostname.example.com --email your@email.com --password YOUR_STRONG_PASSWORD

Be sure to replace hostname.example.com, your@email.com and YOUR_STRONG_PASSWORD. For hostname, the same rules apply as for our Main Server.

Answer Yes with "Y" and press Enter. The installation process of VestaCP will take about 15 minutes. After it's done you will get all login information you'll need. Be sure to save them to that same file!

Raising the Limits

To avoind another reboot later lets rase the limits as this is needed for when we'll install PowerMTA. Edit /etc/security/limits.conf nano /etc/security/limits.conf

And add at the bottom of the file * soft nofile 65535 * hard nofile 65535

Save it with Ctrl+X and reboot your server with reboot

Now it's time to do some basic configurations of our MTA/Sending server and after that, we'll install PowerMTA. When you are done with this sending server set up as many as you can. Host them on different accounts with different VPS providers.

Continue with MTA server setup on my site. Additions steps available online are: ● Basic MTA server configuration ● Install PowerMTA

Bulk Email Server Guide: Basic EMS Config First, I would suggest you look around and get familiar with Mumara. If you worked with Interspire and co you will not have any problems. If you are familiar with WordPress style admin and like it as much as I do, navigating will be a breeze. The next thing you will probably realise is that Mumara comes with everything you ever wanted and need for successful email marketing. Now that you looked around a bit and you know where what is let's begin with the basic configuration that is required for everything to work.

Set your timezone

You might think, meh, I don't care if the time I see in Mumara is correct, but setting up the time to your correct time zone (the same you set in control panel) is very important and here is why. Mumaras internal time is used to set email headers about sent time. So if your time is incorrect your emails will come from past or future. And if you are planning to use campaign schedule or evergreen campaigns you will need your time to be correct in order to set time when you want your emails to start sending. First, click on Profile icon at the top.

Now select the same time zone from the drop-down you selected in control panel before. You should know what time zone your city is located.

Now do the same under 'Settings > Application Settings' if you plan on adding more users or sub-users just to make sure their time is set up correctly and they don't have to worry about this. Continue with EMS configuration on my site. Additions steps available online are: ● Set cron jobs ● Full EMS Guide

Bulk Email Server Guide: Integration with PowerMTA I don't know why but this is where most of the people get stuck. It is probably because they are tired and already have enough of things they aren't used to do. Maybe it's a good idea to take a break. Maybe even stop for today and go out, go watch a movie or play a game. The truth is that this step is really simple and if it didn't exist the whole Mumara to PowerMTA connection step would need about 10 steps to cover everything. Since Mumara is smart enough it will do most of the hard work for us. There are some things that need to be fixed for everything to work but nothing harder than copy/paste. First, go to 'Integrations > PowerMTA Settings' and click on + to add a new PowerMTA server. Now it depends on, are you using local or external (recommended) PowerMTA. Basically, it's the same you just have to change the IP. The picture below shows how I set up local PowerMTA.

If you are using local PowerMTA you can enter everything apart from root pass (another smart one) exactly like in the picture above. If possible always use localhost and run everything on localhost only. Of course, this isn't possible in case of external PowerMTA. In that case, adjust all IPs. When done with everything click 'Next'. Unforgenetly you won't see to the very last integration step if you entered everything correct.

In step 2 enter your IPs and domains separated by commas to appropriate boxes. Make sure the are in the same order as you assigned them in control panel to save time in the next step. Do everything else like in the picture below. When done click 'Next'.

Since you followed my tip and entered IPs and domains in the same order you assigned them in control panel the only thing to do in step 3 is to enter all necessary data for each SMTP. For group I usual just copy/paste domain name. Enter From name, From email, and Reply email and leave everything else as it is. No picture here since this is easier than setting up an account in Outlook. When done click 'Next'. In Step 4 there is nothing to do so just click 'Next'. In Step 5 you will finally see if the info you provided in step 1 was correct. In a case of errors go back and correct your mistakes. If the connection was successful just click 'Next'.

If you did everything correct you will see something similar as on picture below and a file called pmta_server.zip will be downloaded. Save this file as you will need it later. Here is its content Bounce.csv - infor about your bounce accounts DKIM.txt - all your DKIM records FDNS.csv - your reverse DNS htaccess.txt - we will need this for domain masking pmta_config.txt - defoult PowerMTA config file that Mumara creates. Unforgenetly PowerMTA will not start when using this config, but we'll fix this later. ● SMTP.csv - info about your SMTP accounts ● ● ● ● ●

That is it. Your Mumara is connected to PowerMTA. You should be able to send your first email from Mumara but I don't recommend to do it yet. Your configuration is far from perfect.To make it perfect there are still things we must do.

Continue Integration with PowerMTA on my site. Additions steps available online are: ● Bounce emails and Feedback Loops ● Masking domains ● Setting rDNS ● DKIM for sending domains

Bulk Email Server Guide: Tips before you start sending Let's face it the whole setup process required a lot of work and I am sure you want to stay informed with whats going so you can fix little problems before they turn into big ones.

Copy backups

The first thing you will want to do after your whole system is up and running is make sure you have a copy of main servers backups on your local computer. If you didn't copy them yet open Bitvise and connect to your main server. Use SFTP and navigate to /backups and copy all files to your computer. If you didn't enable rsync to another server make sure you copy all backups to your computer at least once per month.

Enable SSH key

To protect your main server from hackers you might want to use SSH keys instead of password when you are logged in. SSH keys the same way DKIM keys work with emails. You copy private key to your computer and public key to your server. If keys don't match you don't get access. To enable SSH keys go to "Server Settings > SSH Key Generator" and follow instructions there.

Check your open ports

During setup, you might have open some ports or completely disabled firewall on your main server. Make sure your firewall is turned on and only ports you really need are opened.

Monitor your blacklists

If you are using Mumara it is already monitoring your IPs and domains, but even so, I suggest you add all your domains and IPs to and be informed by email when the status of IPs or domains changes. This way you can react and request a delisting before it impacts your delivery rates. Click here, create a free account and add your IPs and domains.

Create catch-all emails

Create a catch-all email for all your sending domains and forward them to postmaster@domain.

Check system emails regularly

Make sure you add all your system emails (postmaster and abuse) to a client like Outlook or ThunderBird. Some users will send emails with removal requests.

Check Spammyness of your Emails regularly

You probably checked the score of your email on Mail tester during setup but in case you didn't check it now and also check it at least once per month. The best thing is to send all your campaigns to Mail Tester even if you check the spam score inside your EMS software.

Register all your domains with all major providers that have Feedback Loops program. You can find a list of available FBLs here. Don't forget to add your FBL email addresses to Mumara or other Email Marketing Software.

Add domains to Postmaster Tools

Since Google/Gmail does not have a Feedback Loops for others then ESPs, be sure to add all your sending domains to Googles Postmaster Tools. You will be able to monitor IP and domain reputation, Spam complaints and so on. Click here to start.

Don't use new domains for sending

I don't know why, but most people even those that are in bulk sending for years don't know this. You should never use a newly registered domain for bulk email sending. New domains are added to Day old Bread list (DNSRBL). They say that it's removed from this list after 5 days but from my tests, it's best if you wait 20 days before you start sending from a fresh domain. Mail Tester will show this as URIBL_RHS_DOB.

Mask your IPs

If you are using CloudFlare you can use IP masking feature and hide (to some degree) IPs of your servers. Just click the cloud icon to the right of each DNS record so it will turn orange and bum. If you ping your domain CloudFlare will reply from its IP. Make sure you do NOT mask the subdomain you are using for bulk email sending. If you do your rDNS and SPF will become invalid. I usually mask IP for my root domain and subdomain I am using for domain masking.

CLEAN YOUR LISTS!

If you bought your lists or scraped them off the Internet make sure you clean them before you start sending. It's not enough to process bounces and send to the rest. Bought and scraped lists are full of risky email addresses called Spam Traps. This are old emails that aren't used by their owner and email provider (for example Gmail) is monitoring them for new emails that arrive. If a new marketing email arrives in the email address that was turned into a Spam Trap the provider can be sure that the message is really spam, as the owner abandoned this address years ago. Clean your first 15100 email addresses for free, Register here.

WARM UP YOUR IPS!!!

You put in a lot of time in setting up your new Bulk Email System. Now don't be crazy and start sending without limits. It's really hard to recover your Sender Score if it drops below 50 so follow my Warm Up Guide and start slow.

For more tip visit PowerMTA.NiNjA