Skip to content

KumoMTA Configuration

Posted on:December 14, 2023

KumoMTA uses Lua in place of a more traditional formatted configuration file.

Lua is a surprisingly powerful configuration language, allowing you to either statically define configuration or dynamically build it by pulling from multiple data sources.


In order to make KumoMTA more accessible for those who are accustomed to a static configuration file and don’t need deeper integration, we have developed a set of policy helpers. These helpers are premade Lua policy scripts that implement common use cases by reading formatted TOML and JSON files to configure KumoMTA.


CleanShot 2023-12-19 at 10.58.28@2x.png

Init script

Configuration starts in /opt/kumomta/etc/policy/init.lua, and we will use the example provided in the documentation as a starting point.

  1. ✅ setup sources sources.toml sending IP addresses
  2. ✅ setup dkim_signer dkim_data.toml
  3. ✅ setup automation traffic shaper shaping.toml (ESP policies)
  4. log hooks
  5. ✅ setup queue management queues.toml
  6. Events:
    1. init
      1. storage: data, metadata, logs
      2. shaper
      3. bounce
      4. HTTP listener
      5. SMTP listener
    2. ✅ get_listener_domain listener_domains.toml for relay, oob bounces, and FBLs messages
    3. egress path from shaper
    4. smtp message receive: queue, dkim_signer


DKIM and dkim_data.toml

selector: s1

export SELECTOR=s1
sudo mkdir -p /opt/kumomta/etc/dkim/$DOMAIN
sudo openssl genrsa -f4 -out /opt/kumomta/etc/dkim/$DOMAIN/$SELECTOR.key 1024
sudo openssl rsa -in /opt/kumomta/etc/dkim/$DOMAIN/$SELECTOR.key -outform PEM -pubout -out /opt/kumomta/etc/dkim/$DOMAIN/$
sudo chown kumod:kumod /opt/kumomta/etc/dkim/$DOMAIN -R

Add a TXT record to DNS with the content:

v=DKIM1; k=rsa; h=sha256; p=MIbBa...DaQAB


Automation shaper

The shaping lua helper will include the community managed


Listener domains