"timestamp": "2025-04-01T14:32:10Z", "vmta": "marketing-high-trust", "domain": "gmail.com", "action": "perm-fail", "dsn": "5.7.1", "enhanced_code": "550-5.7.26", "message": "Unauthenticated email from ip [192.0.2.50] is not accepted due to domain's DMARC policy"
If you rely solely on the default PMTA web interface or basic tail -f /var/log/pmta/smtp.log commands, you are flying blind. You are reacting to blacklists and throttling instead of preventing them. powermta monitoring better
<acct-file logs /var/log/pmta/acct.csv> acpt-file-name /var/log/pmta/acct-main-%Y%m%d.csv temp-fail-file-name /var/log/pmta/acct-tempfail-%Y%m%d.csv perm-fail-file-name /var/log/pmta/acct-permfail-%Y%m%d.csv </acct-file> Why? Because CSV is machine-readable. Parse these files into a centralized time-series database. Drop grep . Use Fluentd , Logstash , or Vector to tail PMTA logs and push them into ClickHouse, Datadog, or Elasticsearch . acct-file logs /var/log/pmta/acct.csv>