Mailgun Setup Issues
-
Cloudron Team,
I'm having issues setting up mailgun as email relay. Whenever I try to put in my username and password, it says "authentication failed"
Additionally, do I use the Cloudron DKIM key, or the one mailgun gives me to use?
Also, I'm noticing that the generated DKIM key that cloudron populates in my DNS settings with Gandi use an old domain that my Cloudron lo longer resides at.Can you help untangle?
-
-
Authentication failed, I am not sure. IIRC, you have to explicitly enable SMTP in mailgun and it gives you separate credentials (different from mailgun API credentials).
-
You should setup DKIM key as instructed my mailgun. Mailgun will "re-write" stuff and sign it using the keys it provides. It will also ask you to create specific DNS entries that you have to setup manually.
-
I guess this is because you changed the dashboard domains and deleted the previous domain? If this is the case, I can give you the instructions (have to fixup the database DNS record name for DKIM)
-
-
-
The dkim selector is set in the database. You have to update it manually like this:
mysql -uroot -ppassword -e "SELECT * FROM box.mail"The above output will show
dkimSelector. It will be linecloudron-<yourdomain-nodots>. You can update it like this (be sure to replace thedomain.comwith the domain name (first column in above output) andcurrentdomain-nodotswith your dashboard domain:mysql -uroot -ppassword -e "UPDATE box.mail SET dkimSelector='cloudron-currentdomain-nodots' WHERE domain='domain.com'"For example, if your current dashboard is at
my.dashboard.comthen the dkimSelector iscloudron-dashboardcom(this is just a convention).Then
systemctl restart boxshould be it. In the email status view, you can also click on re-setup DNS records to push the change to the DNS. -
Hi, having the same issue. Not sure what you said helps. I've set up a new domain, mg.example.com, with cloudron being hosted on example.com (and my.example.com). I wonder whether the difference between Cloudron using STARTTLS vs Mailgun using SSL/TLS is the problem?
Not really sure.
-
@edapm Also not sure IMAP is working, how do I check?
-
@edapm said in Mailgun Setup Issues:
@edapm Also not sure IMAP is working, how do I check?
How did you check if IMAP is working or not? Are you not able to connect with your mail client?
-
@girish I sent an email via another email to the address and it timed out after 44 hours.
-
@edapm Ah, incoming mail is still SMTP. IMAP is used just by mail clients to get emails for users.
I see that I cannot connect to port 25. This is why incoming mail does not work. Where is your server hosted? Do you have a cloud firewall in the front? If so, you have to open up incoming port 25. Please see https://docs.cloudron.io/security/#inbound-ports for the various ports you need to open in the firewall.
root@my:~# telnet my.forgenst.com 25 Trying 51.140.109.177... -
Hi @girish, yes I'm using Azure so port 25 is blocked, I cannot unblock it.
-
@edapm Outbound port 25 is usually blocked (this is why you need a mailgun relay). But incoming port 25 is usually not blocked and this is something you setup in your azure firewall. This is the same as what you did for port 22/80/443. Just put 25 there as well.
-
-
I'd seriously consider anything other than Azure / AWS / GCP if you value your costs and time. So many faster, easier and cheaper solutions. Let us know if you have specific requirements as there's a ton of alternative and happier hosting experience among this community.
-
Hi @marcusquinn, yeah I only use Azure because I get free credits via the GitHub Developer Pack. Do you know any good (preferably free) alternatives?
-
@edapm Personally, I'm all-in with Hetzner, not free but the best value for features I've found, particularly having network DDoS protection as standard. Others recommended include Contabo and Scaleway.
If you're getting free (inclusive) stuff from Microsoft then I suppose that's decent. Personally, I'm all GitLab, so anything GitHub is second-choice.
I guess there's nothing truly free, including your time, but those are the options I recommend, otherwise it's support tickets to Azure and hope for their ability to allow for port needs.
