Cannot setup Yandex SMTP mail with local instance of Ghost in Docker

While I’m reading the forum about setting custom SMTP on Ghost, it seems my topic is just another one on this matter.

So let’s respect the template first:

If you’re looking for help, please provide information about your environment. If you delete this template and don’t provide any information, your topic will be automatically closed.

Environment: Archlinux host, Ghost and MySQL in Docker container. This is the full current docker-compose.yaml (trial and error changed several times):

services:

  ghost:
    image: ghost:latest
    container_name: ghost
    restart: unless-stopped
    ports:
      - 8889:2368
    depends_on:
      - ghost-mysql
    environment:
      # see https://ghost.org/docs/config/#configuration-options
      database__client: mysql
      database__connection__host: ghost-mysql
      database__connection__user: root
      database__connection__password: example
      database__connection__database: ghost
      mail__transport: "SMTP"
      mail__from: "something@some.mydomain"
      mail__options__service: "SMTP"
      mail__options__host: "smtp.yandex.com"
      mail__options__port: "587"
      mail__options__auth__user: "something@some.mydomain"
      mail__options__auth__pass: "password-for-apps"
      mail__options__secure: false
      mail__options__requireTLS: true
      # this url value is just an example, and is likely wrong for your environment!
      url: https://ghost.some.mydomain
      # contrary to the default mentioned in the linked documentation, this image defaults to NODE_ENV=production (so development mode needs to be explicitly specified if desired)
      #NODE_ENV: development
    volumes:
      - ./content:/var/lib/ghost/content
    # probably better to have an access to full config, saved for later:
    # volumes:
    #   - ./content:/var/lib/ghost

  ghost-mysql:
    image: mysql:8.0
    container_name: ghost-mysql
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: example
    volumes:
      - ./ghost-mysql:/var/lib/mysql

If you aren’t running the latest version of Ghost, the first thing we’ll ask you to do is update to the latest version of Ghost.

[root@archmedia docker-compose-ghost]# docker exec -it ghost bash

root@615f4341c8f2:/var/lib/ghost# ghost version

Love open source? We’re hiring JavaScript Engineers to work on Ghost full-time.

https://careers.ghost.org

Ghost-CLI version: 1.26.0

Ghost version: 5.82.2 (at /var/lib/ghost)

• What’s your URL? This is the easiest way for others to help you

Is this really necessary? URL is https://ghost.<my domain>
I have valid domain, which working for other stuff, also for Ghost.
I have a problem to setup Yandex SMTP mail

• What version of Ghost are you using? If it’s not the latest, please update Ghost first before opening your topic

Provided above

And

• How was Ghost installed and configured?

Installation info provided above, configuration is pure vanilla as for now

• What Node version, database, OS & browser are you using?

root@615f4341c8f2:/var/lib/ghost# node -v
v18.20.2
root@615f4341c8f2:/var/lib/ghost# cat /etc/*release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@615f4341c8f2:/var/lib/ghost# exit
exit
[root@archmedia docker-compose-ghost]#
[root@archmedia docker-compose-ghost]# docker exec -it ghost-mysql bash
bash-4.4# mysql -V
mysql  Ver 8.0.36 for Linux on x86_64 (MySQL Community Server - GPL)
bash-4.4# exit
exit
[root@archmedia docker-compose-ghost]# cat /etc/*release

DISTRIB_ID="Arch"
DISTRIB_RELEASE="rolling"
DISTRIB_DESCRIPTION="Arch Linux"
NAME="Arch Linux"
PRETTY_NAME="Arch Linux"
ID=arch
BUILD_ID=rolling
ANSI_COLOR="38;2;23;147;209"
HOME_URL="https://archlinux.org/"
DOCUMENTATION_URL="https://wiki.archlinux.org/"
SUPPORT_URL="https://bbs.archlinux.org/"
BUG_REPORT_URL="https://gitlab.archlinux.org/groups/archlinux/-/issues"
PRIVACY_POLICY_URL="https://terms.archlinux.org/docs/privacy-policy/"
LOGO=archlinux-logo
[root@archmedia docker-compose-ghost]# uname -r
6.8.7-lqx2-1-lqx
[root@archmedia docker-compose-ghost]# docker -v
Docker version 26.1.0, build 9714adc6c7

Firefox 125.0.2 on Windows 11

• What errors or information do you see in the console?

[root@archmedia docker-compose-ghost]# docker logs -f ghost
........

[2024-04-27 18:02:06] ERROR Failed to send email. Reason: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714240926-52TPwm2vNCg0-ets5ZeUj.

Failed to send email. Reason: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714240926-52TPwm2vNCg0-ets5ZeUj.

"Please see https://ghost.org/docs/config/#mail for instructions on configuring email."

Error ID:
    424513f0-04c0-11ef-889e-af82c9b5071d

Error Code: 
    EENVELOPE

----------------------------------------



Error: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714240926-52TPwm2vNCg0-ets5ZeUj
    at createMailError (/var/lib/ghost/versions/5.82.2/core/server/services/mail/GhostMailer.js:105:12)
    at SMTPConnection._formatError (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:798:19)
    at SMTPConnection._actionMAIL (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:1607:34)
    at SMTPConnection.<anonymous> (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:1076:18)
    at SMTPConnection._processResponse (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:982:20)
    at SMTPConnection._onData (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:763:14)
    at SMTPConnection._onSocketData (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:195:44)
    at TLSSocket.emit (node:events:517:28)
    at TLSSocket.emit (node:domain:489:12)
    at addChunk (node:internal/streams/readable:368:12)
    at readableAddChunk (node:internal/streams/readable:341:9)
    at Readable.push (node:internal/streams/readable:278:10)
    at TLSWrap.onStreamRead (node:internal/stream_base_commons:190:23)

[2024-04-27 18:02:06] INFO "POST /members/api/send-magic-link/" 400 927ms

• What steps could someone else take to reproduce the issue you’re having?
  Probably try to deploy same docker-compose.yaml, with lot of preparation of setting up own domain mail on Yandex, creating mailbox, enabling app password, etc.

Ok, additional info:

Let’s say that my domain is some.mydomain, and that I have email address something@some.mydomain hosted on Yandex, which for I know it’s working, cause I successfully sending emails to Gmail, Yahoo, Outlook, etc which are not ending in junk/spam folder, and also successfully receiving emails on it.

Let’s say that same that email address I’m successfully using in Spring Boot, to send emails from Java web apps, e.g.

###### Email Properties ####################################
spring.mail.host=smtp.yandex.com
spring.mail.port=587
spring.mail.username=something@some.mydomain
spring.mail.password=password
spring.mail.properties.mail.smtp.auth=true
spring.mail.properties.mail.smtp.starttls.enable=true
spring.mail.properties.mail.smtp.from=something@some.mydomain

Let’s say that same these credentials I’m using in .msmtprc file on Linux host to send email from command line, e.g.

[root@archmedia docker-compose-ghost]# cat /home/stiw47/.msmtprc 
# Set default values for all following accounts.
defaults
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        ~/.msmtp.log

# some.mydomain
account        some-mydomain
host           smtp.yandex.com
port           587
tls_starttls   on
from           something@some.mydomain
user           something@some.mydomain
password       password

# Set a default account
account default: some-mydomain

And this below is working - email is successfully received to Gmail, and not in spam folder:

[stiw47@archmedia ~]$ printf "Subject: Test email from MSMTP\n\nHello there." | msmtp -a some-mydomain some-user@gmail.com
[stiw47@archmedia ~]$

I tried same this today from the Ghost docker container. Installed msmtp in this Debian 12 CT, configured ~/.msmtprc file as this above, and sending was successful. Unfortunately, this container was destroyed ~15 times until now, and I am now lazy to configure MSMTP again, just for paste - already confirmed.

If I set another email, from Gmail, in Ghost - everything is ok, I can send emails.

I would say my docker CT can reach needed mail server:

root@615f4341c8f2:/var/lib/ghost# openssl s_client -connect smtp.yandex.com:587
CONNECTED(00000003)
4077DB1728790000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 321 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
root@615f4341c8f2:/var/lib/ghost# telnet-ssl smtp.yandex.com 587
Trying 77.88.21.158...
Connected to smtp.yandex.ru.
Escape character is '^]'.
220 mail-nwsmtp-smtp-production-main-19.sas.yp-c.yandex.net (Want to use Yandex.Mail for your domain? Visit http://pdd.yandex.ru) 1714243953-XqTqgf04IGk0

Before I put all those env variables in docker-compose.yaml, I also tried all possible combinations and variations in /var/lib/ghost/config.production.json, with CT restart after each change.

Apologize on insanely long post, I just tried to collect all details, because it is not clear for me why it’s not working.
In short: I know for sure my mail creds are ok, and my mail can be used for sending SMTP mail from other apps, but in Ghost, I’m getting above mentiond error (which is not true):

[2024-04-27 18:02:06] ERROR Failed to send email. Reason: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714240926-52TPwm2vNCg0-ets5ZeUj.

I would appreciate if someone has idea, also be free to ask for additional details.

Thx.

Ghost uses SMTP for transactional emails like “welcome” and “forgot” password and uses Mailgun for bulk newsletter emails.

When you say it doesn’t work, what steps were you taking to generate an email? Was it trying to generate a “welcome” or “forgot password” email, or publishing a post?

Thank you for your interest, @markstos
I am not fully familiar with terminology here, but I would say I am trying transactional email.
Signup from the “Subscribe” button →

image940×498 46.2 KB

And I’m getting “Failed to send magic link email”:

And following in the logs:

[2024-04-29 06:27:40] ESC[31mERRORESC[39m Failed to send email. Reason: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714372060-dRJ8Rm7sJ4Y0-iO2SuZS4.
ESC[31m
ESC[31mFailed to send email. Reason: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714372060-dRJ8Rm7sJ4Y0-iO2SuZS4.ESC[39m

ESC[33m"Please see https://ghost.org/docs/config/#mail for instructions on configuring email."ESC[39m

ESC[1mESC[37mError ID:ESC[39mESC[22m
    ESC[90m9427d3b0-05f1-11ef-9920-29afe5b1393cESC[39m

ESC[1mESC[37mError Code: ESC[39mESC[22m
    ESC[90mEENVELOPEESC[39m

ESC[90m----------------------------------------ESC[39m

ESC[90mError: Mail command failed: 553 5.7.1 Sender address rejected: user not found. 1714372060-dRJ8Rm7sJ4Y0-iO2SuZS4
    at createMailError (/var/lib/ghost/versions/5.82.2/core/server/services/mail/GhostMailer.js:105:12)
    at SMTPConnection._formatError (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:798:19)
    at SMTPConnection._actionMAIL (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:1607:34)
    at SMTPConnection.<anonymous> (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:1076:18)
    at SMTPConnection._processResponse (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:982:20)
    at SMTPConnection._onData (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:763:14)
    at SMTPConnection._onSocketData (/var/lib/ghost/versions/5.82.2/node_modules/nodemailer/lib/smtp-connection/index.js:195:44)
    at TLSSocket.emit (node:events:517:28)
    at TLSSocket.emit (node:domain:489:12)
    at addChunk (node:internal/streams/readable:368:12)
    at readableAddChunk (node:internal/streams/readable:341:9)
    at Readable.push (node:internal/streams/readable:278:10)
    at TLSWrap.onStreamRead (node:internal/stream_base_commons:190:23)ESC[39m
ESC[39m
[2024-04-29 06:27:40] ESC[36mINFOESC[39m "POST /members/api/send-magic-link/" ESC[33m400ESC[39m 1402ms

And as said before, I am sure that user exist, because with the same/similar setup of the e.g. .msmtprc file, I am successfully sending command line emails from Linux.

And this is the part of my docker-compose.yaml, related with the email variables (I tried same this before from config.production.json without variables in docker-compose.yaml):

      mail__transport: "SMTP"
      mail__from: "something@some.mydomain"
      mail__options__service: "SMTP"
      mail__options__host: "smtp.yandex.com"
      mail__options__port: "587"
      mail__options__auth__user: "something@some.mydomain"
      mail__options__auth__pass: "password"
      mail__options__secure: false
      mail__options__requireTLS: true

If I try same this, not with Yandex, but with e.g. Gmail. And change my variables to this:

      mail__transport: "SMTP"
      mail__from: "something@gmail.com"
      mail__options__service: "Google"
      mail__options__host: "smtp.gmail.com"
      mail__options__port: "587"
      mail__options__auth__user: "something@gmail.com"
      mail__options__auth__pass: "password"

It is working - email is successfully sent:

And received (In spam , but this is something to deal later with. Strange, didn’t expected it will end in spam, sent from Gmail):

image1390×108 11.2 KB

And Gmail credentials were also tested from config.production.json before, without variables in docker-compose.yaml. So it is the same behavior - Gmail is working in both ways, Yandex not in neither way. I have a feeling that problem is just in some wrongly set variable in case of the Yandex, but cannot figure what is missing. There are really a lot of email related threads on this forum, and I tried a lot of combinations of different parameters (secure: true/false, requieTLS, port:465/587, and so on).

I’m suspecting that Yandex does not recognize the email address Ghost is sending email from, based on that error message. Ghost can be a little weird about from addresses, and the behavior was changed (hopefully improved!) recently. Docs are here: Note that this email should be coming from the support address (if set in the dashboard), with the config file value used as a fallback. So… is your support address ( Settings → Portal settings → Account page ) set to something other than what’s in the config file?

Since you’ve gotten a delivery from Ghost by dropping it directly to Gmail (which Gmail accepts, because the destination is Gmail itself), can you look at what the from address of that email (shown in your previous message) is? Does that from address match what Yandex is expecting?

Hi! Thank you for the answer.
For the first part:

I don’t know what the Settings → Portal settings → Account page is, but it seems to me it is something related with some Ghost online service for site hosting? Anyway, I installed Ghost locally on my home server as docker container, and serving it on my domain.

For the second part:

Actually, mail from Ghost via Gmail SMTP was not sent to Gmail. It was sent to my domain mail which is hosted on Yandex, and received with correct From field (with the Gmail mail address where from I sent it).

Sorry if I misunderstood some part.

Go to /ghost
Click the gear icon in lower left
Click the Portal settings link in the big menu on the left side.
Click customize next to Portal settings on the right side.
Click to the account page section (tabs on the top right)

image1877×846 71.8 KB

Check what that email address is, and update it to match what Yandex is expecting.

Ok.

noreply@ghost.some.mydomain

was set in this field.
@Cathy_Sarisky : You are the winner, did not know for this setting, literally 5 days ago started to play with Ghost.
Thank you very much!
Yeah, of course, changed it to my sender email address, and restarted ghost and mysql docker CTs, everything is working as expected.

Huzzah! Glad that got you fixed up! :)

p.s. What do I win?? ;)

That’s perfect. Thanks! :)