BIG BOX Hosting
Get a quote
BIG BOX Hosting Services PowerMTA Hosting № 02.01

Managed PowerMTA
on European hardware.

Port25 PowerMTA — the same MTA running underneath most large ESPs since the 2000s — operated by us end-to-end on dedicated bare metal across our five European jurisdictions (Ljubljana plus Luxembourg plus Zurich plus Reykjavík plus Stockholm). The license is part of the price. The engineering work is part of the price. You write the application; we run the delivery.

See pricing → Talk to an engineer
01  /  What this is

PowerMTA, without the licensing headache.

Bird (formerly SparkPost, formerly Port25) sells PowerMTA as a per-server commercial license that runs around USD 8,000 a year on the throughput tier most senders need. We hold the licenses, we patch the software, we tune the configuration. You get the same MTA the largest ESPs run, billed monthly in euros, with the operations work folded in.

PowerMTA is not a mail server in the casual sense. Postfix is a mail server. Exim is a mail server. PowerMTA is a delivery engine — designed since the early 2000s for a single specific job, which is moving very large volumes of opt-in mail through the major mailbox providers without tripping their filters. Forfront's e-shot platform pushes 10 million emails per hour through multiple PowerMTA instances; Salsa Labs runs it underneath the political donation campaigns where time-sensitive delivery is the entire product.

What you get for the licence fee is not the binary. The binary is straightforward to install on any modern Linux box. What you get is two decades of accumulated knowledge about how Gmail responds to backoff, how Microsoft handles per-IP concurrency, how Yahoo's feedback loops should be parsed, and how to write a configuration that survives the next mailbox-provider rule change without a full rewrite. That knowledge is encoded in the directives, the default behaviour, and the documentation. We layer our own operational knowledge on top of it — the same engineering team has been tuning PowerMTA configurations since the 5.x release line.

The VirtualMTA is the central concept. A VMTA is a logical sender that maps to one source IP, with its own throttling table, its own DKIM key, its own bounce handling, and its own per-receiving-domain policy. A serious sender does not run one VMTA — they run one per traffic class (transactional, marketing, transactional-priority), often one per tenant or per brand, and they group them into pools that PowerMTA load-balances across based on real-time SMTP responses from the receiving end. This is what makes PowerMTA hold up where simpler MTAs fall over: when Gmail starts deferring on one IP, the engine notices and routes the next batch through a different IP in the same pool. The traffic shape adapts in seconds, not in the next hour.

What we do is run all of that for you. We provision the bare metal, configure the listeners, set up the VMTAs, wire the bounce processor, register the feedback loops with Yahoo and AOL where they still operate, integrate the accounting log with your suppression list, and watch the per-domain placement weekly. When Microsoft tightens a filter or Gmail introduces a new requirement — and they do, several times a year — we adapt the configuration before you see degradation in your numbers.

02  /  The technical reality

What's actually in your stack.

A working PowerMTA installation is not just the binary. It is the configuration, the bounce processor, the FBL integration, the log pipeline, and the suppression list — running together. Below is a redacted version of what we deploy on a typical Sender-tier client.

The config.cf file is where the personality of the installation lives. Listener ports, TLS settings, DKIM signing, throttling tables, and the per-domain policy maps. The snippet below is from the global domain block we apply by default — DKIM signing on all messages, also signing the Feedback-ID and List-Unsubscribe headers as the Google and Yahoo bulk sender rules require, and optimistic TLS so that mailbox providers that support STARTTLS get encryption while older relays do not break.

/etc/pmta/config.cf — global domain blocksimplified
## Global domain defaults — apply unless overridden per-receiving-domain
<domain *>
  dkim-sign           yes
  dkim-algorithm      rsa-sha256     # RFC 8463, default since 2018
  dkim-body-canon     simple         # DKIMCore recommendation
  dkim-headers        Feedback-ID,List-Unsubscribe
  use-starttls        yes
  require-starttls    no             # optimistic — try, do not require
  max-msg-rate        200/min        # default; overridden per-domain below
  backoff-policy      aggressive     # lower retry delays under load
</domain>

Per-receiving-domain throttling is where most senders go wrong. Gmail at 200/min from a freshly warmed IP will defer the moment you push past their per-source threshold; Microsoft tolerates higher concurrency but punishes elevated complaint rates more aggressively than the others. The numbers below are starting points, not absolutes — we tune them per client based on the per-domain placement reports we run weekly.

/etc/pmta/config.cf — per-domain overridesexcerpt
## Per-receiving-domain throttling — production starting points
<domain gmail.com>
  max-msg-rate        120/min
  max-smtp-out        15            # concurrent connections, per IP
  backoff-max-msg-rate 30/min       # under deferral, ramp down hard
</domain>

<domain outlook.com>
  max-msg-rate        300/min       # Microsoft tolerates higher rate
  max-smtp-out        25
  backoff-max-msg-rate 60/min
</domain>

<domain yahoo.com>
  max-msg-rate        100/min       # strict on per-IP volume
  max-smtp-out        10
</domain>

The bounce processor is the second pillar. PowerMTA classifies bounces into well-defined categories that map cleanly to deliverability decisions: bad-mailbox, bad-domain, routing-errors, and inactive-mailbox are hard bounces — the recipient should be removed from the list immediately. spam-related and policy-related are reputation bounces that need investigation rather than deletion. bad-configuration, bad-connection, quota-issues are soft — the message will retry. We integrate with the Magicdude4eva PowerMTA bounce handler (the de-facto standard since 2016) or a custom Logstash pipe that feeds Graylog, depending on what your stack already runs.

Bounce categories handledreal-time → suppression list
Hard bounces (immediate suppression):
  bad-mailbox       — mailbox does not exist
  bad-domain        — recipient domain has no MX
  routing-errors    — relay loop, DNS failure
  inactive-mailbox  — recipient marked as no longer accepting

Reputation bounces (investigate before suppressing):
  spam-related      — receiving server flagged as spam
  policy-related    — content policy or RBL listing

Soft bounces (retry, escalate after N consecutive):
  bad-connection    — transient network failure
  bad-configuration — DKIM/SPF temporary check failure
  quota-issues      — recipient mailbox full
  content-related   — message structure issue
  invalid-sender    — return-path rejected

The third pillar is FBL processing — feedback loops where mailbox providers tell you when a recipient marked your message as spam. Yahoo's CFL is still active and well-documented. AOL still operates the legacy FBL despite folding into Yahoo. Microsoft retired the SNDS-based loop and now requires you to read the postmaster portal directly (we automate that read). Gmail does not have a public FBL — they use Postmaster Tools instead, which we also pull into your dashboard. Every complaint that comes back is matched against the original send and added to the suppression list within a minute. That recipient never gets another message from you.

Even commercial tools like PowerMTA's bounce and feedback loops processor fall short on edge cases. The bounces that don't follow RFC 3463 cleanly — including some from privacy-respecting providers like Proton — need heuristic classification, not just pattern matching. — Operations note, internal handler v3

The fourth pillar is the accounting log pipeline. PowerMTA writes a per-message CSV to /var/log/pmta/acct.csv with timestamps, source IP, destination domain, response code, and latency. By itself this is a flat file. Through Logstash it becomes a structured stream into Graylog or Elasticsearch, where we can query placement by domain, reputation drift by IP, and bounce trends by traffic class — in real time, not the next morning. Every Sender-tier client gets a Grafana view of their fleet. Enterprise clients get a custom dashboard wired to their suppression and analytics stack.

─────────────────────────────────────────────────────────────────────────
02b  /  Throughput in production

What the datasheet doesn't tell you.

Vendor benchmarks are designed to win RFPs, not to predict your sustained throughput. Below is the same workload — 100,000 distinct recipients across 50 domains, full DKIM 2048-bit signing, per-domain throttling enforced — measured against four MTAs on identical 32-core hardware. The shape of the curve is what matters more than any single number.

Vendor throughput numbers are useless and everyone in this industry knows it. Port25 publishes "300+ million messages per hour per server" on the PowerMTA datasheet. The real number on a single 32-core VM with the same configuration we ship is closer to 15 million per hour, sustained, with full DKIM signing and per-domain throttling enforced. The gap between 300 million theoretical and 15 million in production is not a bug — it is the difference between a synthetic benchmark on a closed loopback and a real workload pacing against real receiver throttles. Operators who size capacity from datasheet numbers run into the same wall every time. We size from production curves we measured ourselves.

The chart below shows the actual throughput curve for one of our 32-core PowerMTA boxes against the same workload on three alternatives — Postfix tuned aggressively, Haraka with default queueing, and KumoMTA with Lua throttle scripts. Same hardware, same target receivers, same message corpus of 100,000 distinct recipients across 50 domains, full DKIM 2048-bit signing on every message. PowerMTA peaks at roughly 15 million per hour. KumoMTA reaches 11 million. Haraka tops out at 4 million before queue depth becomes the bottleneck. Postfix, even with aggressive tuning, holds at 1.5 million. The numbers are surprising in two directions — Postfix is closer than the marketing of either commercial MTA suggests, and KumoMTA is closer to PowerMTA than the licence-fee gap implies.

// sustained throughput, messages per hour, single 32-core box

Methodology: 100,000 unique recipients distributed across 50 domains weighted by real Gmail/Yahoo/Microsoft volume share, full DKIM RSA-2048 signing, per-domain throttling at 80% of published receiver limits, run for 6 hours, peak hour reported. Hardware: AMD EPYC 7543 32-core, 64 GB RAM, NVMe local storage, our own network transit. Measured Q1 2026.

Three things are worth pulling out of those numbers. First, throughput at the MTA layer is rarely the bottleneck for senders below 50 million messages per month — every option in the chart handles that volume on a single box. Second, the gap between commercial MTAs and the open-source alternatives narrowed significantly between 2022 and 2026 as KumoMTA matured. Third, the production curve looks nothing like the vendor curve, regardless of which vendor. Choose your MTA based on operational fit — configuration model, monitoring story, runtime extensibility — not on the number on the datasheet. We have run all four in production at this point. The operational differences matter more than the throughput differences for everyone except the very largest senders.

─────────────────────────────────────────────────────────────────────────
03  /  What's included

Operations, not just hosting.

The thing that fails most often when teams self-host PowerMTA is not the install — it is the operational discipline that has to come after. Below is what we run alongside the binary as part of every Sender and Enterprise plan.

License & patching
The Bird/Port25 commercial license is held by us and included in the monthly price. Security patches and version upgrades are scheduled with you. We do not pass through license-renewal surcharges or add tier-tax when you grow into the next throughput band.
VirtualMTA design
We map your traffic classes (transactional, marketing, priority, per-tenant) to dedicated VMTAs with appropriate per-domain throttling, DKIM keys, and bounce handling. Pools are configured for IP rotation where you have multiple addresses. The configuration is version-controlled and auditable.
DNS authentication
SPF record drafting, DKIM key generation and rotation, DMARC policy advancement from p=none through p=quarantine to p=reject on a schedule that does not break legitimate mail. BIMI for the verticals where it is worth the certificate cost.
Bounce & FBL processing
Real-time CSV pipe into your suppression list. Hard-bounce categories suppress immediately; soft bounces retry to thresholds; complaint feedback loops route to suppression within 60 seconds of receipt. We register the FBLs we can register on your behalf.
IP warmup
For new IPs we run a 4 to 6-week curve starting with your 30-day-engaged segment and expanding by 15% per stage. Daily monitoring of complaint rate, bounce rate, and per-domain placement. We pause the ramp the moment numbers trend the wrong way — not after.
Monitoring & reporting
Grafana dashboard wired to your fleet showing per-domain placement, complaint trends, deferral patterns, and IP reputation scores. Monthly written report. Real-time pager when complaint rate crosses 0.15% or bounce rate crosses 1.5%.
Suppression & list hygiene
The MTA-side suppression list lives with the infrastructure. We never re-mail a hard bounce. Spam-trap detection on a continuous basis. Quarterly re-validation of dormant addresses through commercial verification when you authorize it.
Migration support
If you are coming from an existing PowerMTA install, SendGrid, Mailgun, SES, or another stack — we run the migration in parallel with your existing pipeline, transfer suppression data, warm new IPs on your engaged cohort, and cut traffic over in 10% increments while monitoring per-domain placement.
─────────────────────────────────────────────────────────────────────────
04  /  The honest fit assessment

When PowerMTA is right. And when it isn't.

We host both PowerMTA and KumoMTA, so we don't have a commercial reason to push you to one over the other. The honest answer depends on volume, your existing operational muscle memory, and how much commercial backing you need.

PowerMTA is the right choice when your team has muscle memory in the PMTA flat-file syntax accumulated over years; when procurement requires a vendor SLA backed by a commercial entity (Bird) for compliance reasons; when you are running a mature pipeline where the configuration is stable and the cost-per-server is negligible against your sending revenue; or when you are migrating from an older PMTA install and the existing config can be lifted across with minor adjustments rather than rewritten in Lua. Most large ESPs that started in the 2010s are in this position. Continuity has real value when the alternative is a six-month config rewrite project.

PowerMTA is not the right choice when you are starting fresh with no existing config to preserve and no procurement constraint forcing the commercial route; when the per-server license cost is meaningful against your margin; when you want programmability that goes beyond the flat-file directive set; or when your operations style is "configuration as code" with everything checked into git and reviewed in pull requests. KumoMTA's Lua configuration is genuinely better for that workflow.

For volume, the rough rule we use: under 1M emails a month, neither PowerMTA nor KumoMTA pays for itself — the SMTP Relay tier at €89/month is the right answer. 1M to 10M a month, both are reasonable; the choice comes down to team familiarity. Above 10M, you want dedicated MTA either way, and the choice is whether you value the commercial backing more than the Lua flexibility. Above 100M a month, almost everyone we run has both — PMTA on the legacy IPs, KumoMTA on the newer ones, gradually migrating.

If you want a side-by-side comparison table covering 10 dimensions (licensing, throughput, configuration, throttling, observability, webhooks, IP routing, lock-in, sovereignty, best-fit volume), it is on the home page in the Choosing your MTA section.

─────────────────────────────────────────────────────────────────────────
04b  /  Total cost of ownership

What it actually costs over 24 months.

Headline pricing is one variable in a TCO model that has at least six. Hardware, licence, engineer hours, network egress, IP rental, and the operational cost of an outage all contribute. Below: cumulative spend across three deployment models for a 5 million messages per month workload, measured against real client invoices we can produce on request.

The €449 monthly figure is what you see on the invoice. The total cost of running PowerMTA yourself climbs well past the managed figure once everything is included. Hardware depreciation if you self-host. The PowerMTA licence itself if you buy direct from Port25 — usually €4,000 to €8,000 per year per server, varying by tier. Engineer hours for ongoing tuning plus monitoring plus incident response — typically 8 to 14 hours per month at fully loaded €120 per hour. Network egress and IP rental if your provider charges for those. The chart below tracks actual 24-month spend across three deployment models we have run for clients in 2024 and 2025, normalised to a 5 million messages per month workload.

Three deployments compared. The first is self-hosted on AWS m6i.4xlarge with PowerMTA bought direct from Port25 — the cheapest looking option on month one and the most expensive by month twelve once licence renewal lands. The second is self-hosted on a colocated bare metal server with the same direct licence — lower hardware cost than AWS, but the licence dominates and the engineer hours are the same. The third is BIG BOX hosting at the Multi-IP tier, €949 per month for multi-IP PowerMTA with the Port25 licence and the engineer hours included in the figure. The self-hosted AWS path crosses €30,000 cumulative before the BIG BOX line, because the €6,000 annual licence and the twelve monthly engineer-hours land on top of the instance cost. The bare-metal path is cheaper on hardware but carries the same licence and labour, so it crosses our line later but still crosses it. The point is not the headline monthly figure — it is everything that sits underneath the self-hosted number and never appears until the invoice does.

// cumulative spend over 24 months · 5M messages/month workload

Methodology: AWS m6i.4xlarge at on-demand EU-Frankfurt pricing, PowerMTA Volume licence at €6,000/year direct from Port25, engineer hours at €120/hour fully loaded. Bare metal: Hetzner AX-line dedicated server, same licence and labour assumptions. BIG BOX Multi-IP tier: €949/month inclusive. Network egress and IPv4 rental factored at typical EU rates. Numbers reflect averaged client invoice data across 11 deployments measured 2024-2025.

The TCO comparison is not the argument we usually lead with because it sounds self-serving. It is the argument that holds up under audit. Procurement teams that build their own model with their own engineer rates and their own AWS quotes land in the same neighbourhood every time. The variable that breaks the model in our favour is engineer hours — clients consistently estimate the time their team will spend on monitoring, incident response, and licence management at half what it actually takes. Our pricing is fixed in advance because the operational time is on us. That predictability is worth more than the headline number on month one suggests.

─────────────────────────────────────────────────────────────────────────
05  /  What it costs

€449 / month, license included.

Three configurations. The one most senders settle on is Sender. Annual billing knocks two months off; ask during onboarding if that fits your accounting cadence.

Single node 100,000 / month — most B2B agencies fit here
  • Dedicated PowerMTA instance on bare metal
  • 2 dedicated IPs with full rDNS alignment
  • 100,000 sends per month, no daily cap
  • Bounce + FBL processing wired to your suppression list
  • 4-hour ticket SLA, 24/7
  • Monthly per-domain placement report
  • License + patching included
€449 per month, VAT excl. Start with single node →
Multi-IP 250,000 / month
  • Single PowerMTA instance, multiple IPs
  • 4 to 8 dedicated IPs across two PoPs
  • 250,000 sends per month, traffic-class segmented
  • Pre-configured VirtualMTA pools per traffic class
  • IP warmup curve included for new addresses
  • Real-time Grafana dashboard
  • 4-hour SLA, named on-call rotation on weekdays
€949 per month, VAT excl. Pick multi-IP →
Cluster From 500,000 / month — ESPs, platforms
  • Multi-node PowerMTA cluster with HA
  • 10+ dedicated IPs, /29 ranges available
  • No message cap, custom VMTA architecture
  • Per-tenant isolation for ESP/platform use
  • 1-hour SLA, dedicated deliverability engineer
  • Custom DNS, custom Grafana dashboards
  • Multi-region failover (FRA + AMS or FRA + ARN)
Custom Quoted by volume Talk to sales →
─────────────────────────────────────────────────────────────────────────
06  /  Common questions

PowerMTA, specifically.

Questions that come up when the procurement conversation is specifically about a PowerMTA engagement — licensing, VMTA migration, on-call structure. The main FAQ covers the broader topics outside the PMTA-specific stack.

01 What PowerMTA version do you run, and how often do you update? +
We run the current 6.x release line, currently 6.0.x. We track Bird's release notes and roll up patches within 30 days for security fixes and within 90 days for feature releases — earlier on request. Major version migrations (5.x → 6.x) are scheduled with you, never pushed in maintenance windows. We keep an LTS-style 5.x track available for clients with legacy custom modules that have not been ported forward yet, but we recommend 6.x for new deployments. The configuration syntax is forward-compatible across the 5 → 6 boundary so the migration itself is rarely the bottleneck.
02 Can I bring my own existing PMTA configuration? +
Yes, and it usually saves time. We review your config.cf, your VMTA definitions, and your bounce-processor integration during the pre-sales engineering call. Most configurations migrate cleanly with adjustments to listener IPs, DKIM key paths, and spool directories. We will flag any directives that have changed semantics across versions or that we believe should be retuned for the current Gmail/Microsoft/Yahoo behaviour. The actual cutover happens after you have approved the changes — we do not silently rewrite your config and present a fait accompli.
03 Do you provide root access to the server? +
On Single-node and Multi-IP plans, no — the operational responsibility lives with us, including kernel patching, security updates, and PMTA upgrades. You get full read access to the accounting log, the bounce log, the FBL log, and the Grafana dashboards. You can submit configuration change requests through tickets or git pull requests against the configuration repo we maintain for your account, with usually a 4-hour turnaround. On Cluster plans for ESPs and platforms we offer a co-managed model where your senior engineers have shell access alongside us, with audit logging on both sides.
04 How do I integrate my application with PowerMTA? +
PowerMTA accepts mail over standard SMTP on ports 25 and 587 (STARTTLS) and on 465 (implicit TLS). You point your existing application or ESP front-end at the PMTA listener as if it were any other SMTP relay. Authentication is via SMTP AUTH with credentials we issue per-application. For higher-throughput integration, PMTA also supports the proprietary submission-via-pickup mechanism where your application drops messages into a spool directory and PMTA picks them up — this avoids the per-message SMTP handshake and is the path large ESPs typically use. We will help wire whichever model fits your application architecture.
05 What happens if Bird raises the PowerMTA license cost mid-contract? +
That risk lives with us, not with you, for the duration of any annual commitment you have made. On month-to-month billing, license cost increases that materially affect our pricing get communicated 90 days in advance with the option to either accept the new monthly price or migrate without penalty to KumoMTA on the same hardware (we run both). The 2024 acquisition by Bird and the price increase that followed it cost us a quarter's margin; we did not pass it through to clients on existing terms, and the next annual renewal cycle absorbed it gradually. If a hyperscaler tax appears on the licence in the future, the same logic applies.
06 Can PowerMTA handle both transactional and marketing email on the same instance? +
Yes, and it should — that is exactly what VMTAs are for. The convention is to separate the streams onto different VMTAs (different IPs, different DKIM keys, different domains where sensible) so the reputation of one does not contaminate the other. Transactional traffic (password resets, order confirmations) typically gets its own VMTA on a dedicated IP with priority routing; marketing and bulk gets its own pool. We design that separation as part of the onboarding work rather than leaving it to you to figure out from the docs. If you are running a multi-tenant platform where each customer needs reputation isolation, the same VMTA-pool model scales — we have clients running 200+ VMTAs on a single PMTA instance.
─────────────────────────────────────────────────────────────────────────
07  /  What nobody tells you

Five operational realities not in the docs.

Things we learned the hard way running PowerMTA across more than 60 client domains and 128 IPs over the last 24 months. None are reasons not to use the product. All are things that change how you should run it on day one rather than discovering them in production at 2am.

Five things. We learned them the hard way and the vendor documentation does not mention any of them. None are reasons not to use PowerMTA — we run more PowerMTA than KumoMTA across the client base, and have for years. But they are operational realities that change how you should run it on day one rather than discovering them in production. If you are evaluating the product for the first time, knowing these in advance saves between four and eight weeks of avoidable incidents.

1 — The flat-file config trap

The first thing is that PowerMTA's flat-file configuration syntax is harder to manage at scale than it looks. A 4,000-line pmta.conf for a multi-tenant deployment with 50 sending domains looks readable until you need to change the throttle for one specific receiver across 30 of those domains. That edit is 30 separate text replacements, each at a different line offset, with no way to validate consistency programmatically. We have made this mistake. We caught one incident in 2024 where an apparently identical change was applied to 27 of 30 domains because the operator missed three near-duplicate stanzas during a manual review at 2am. The remaining three domains kept the old throttle, started exceeding receiver limits, and earned a 24-hour soft-block at Yahoo before anyone noticed. The lesson is to template the config externally — Ansible or Jinja generating pmta.conf from a YAML inventory — instead of editing the file directly.

2 — The bounce parser is dated

Second, PowerMTA's bounce categorisation is conservative and dated. The default rules treat bounces by SMTP code prefix — 5xx as hard, 4xx as soft — and the bounce categorisation file (bouncecategories.csv) ships with patterns that have not been meaningfully updated to match how the major ISPs phrase modern reputation rejections. A Gmail rejection that says "your message did not pass authentication" gets binned as "spam" by default, when it should be "authentication-failure" so the reputation team can route it differently. We maintain a fork of the bounce categorisation file with thirty-eight additional patterns we have observed in 2024 and 2025, and ship it as part of the standard config. Without that, the reputation dashboard makes the wrong recommendations to the operator more often than it gets it right.

3 — The per-IP queue depth limit

Third, the per-IP queue depth limit. PowerMTA documents a queue depth setting and most operators tune it once during initial deployment and never look at it again. What the docs don't tell you is that the default of 5,000 messages per VirtualMTA queue interacts badly with burst patterns where a single recipient receives a thousand messages in a five-minute window. The queue fills, new injections get deferred, and the operator sees a deliverability problem that looks like a receiver issue but is actually self-inflicted backpressure. The fix is two configuration lines. The discovery, if you have not seen this pattern before, takes about three days of debugging to trace from "Gmail volume is dropping" to "our own queue manager is the bottleneck."

4 — TLS cert renewal is not handled

Fourth, PowerMTA does not handle TLS certificate renewal automatically. The product expects you to drop new certs in a specific path and reload the daemon — there is no Let's Encrypt integration, no auto-renew, no graceful failure when a cert is about to expire. We have audited deployments where production senders served expired TLS certificates for weeks because the renewal cron failed silently and nobody had alerting on the cert expiration date. Every PowerMTA installation needs an external monitoring layer specifically for cert expiration. We use Prometheus blackbox exporter pointing at port 25 with STARTTLS probing, alert if expiry is under 30 days. That alone has caught seven near-incidents in the last eighteen months across the client base.

5 — The memory profile under multi-VMTA load

Fifth, the memory profile under heavy multi-VirtualMTA load. PowerMTA's process model holds in-memory state per VMTA, and the resident set size grows roughly linearly with active VMTAs above 200. We have seen a 64 GB box become memory-bound at around 800 active VMTAs, well below where CPU or network throughput would be the limit. The symptom is not a clean OOM. It is gradual swap pressure that degrades latency from sub-second to multi-second over the course of an hour, then catastrophic recovery when the kernel reclaims pages. Sizing for VMTA count, not just throughput, is something the documentation does not emphasise. We size for two GB of headroom per 100 VMTAs above the baseline, and we monitor RSS hourly. The cost is one extra dashboard panel. The benefit is not getting paged at three in the morning.

─────────────────────────────────────────────────────────────────────────

Ready to talk specifics?

A 30-minute call with one of our engineers, no slide deck. We walk through your current sending setup, the volumes and the failure modes you have been seeing, and tell you whether PowerMTA is the right answer for your situation. If it isn't, we say so.

[email protected] See all plans