MailGun config Bad Auth/Config?

Hey all,

OS: Ubuntu, v22.04.2 LTS
Node Version: v16.20.0
Ghost Version: 5.52.1
Ghost-CLI Version: 1.24.0
Environment: production
VPS on Interserver

After the successful install I can go to my webpage and try to create an account. Then I can get the magic link error. This leads me to believe that no transactional email is set up. So I tried postfix and gave up on that (not a real smtp server?) and now I’m on mailgun.

From other topics I believe that I’ve set up everything at mailgun correctly (lots of assumptions on that). To confirm my work, I’ve installed swak and tested. Here are the results

Trying smtp.mailgun.org:587…
=== Connected to smtp.mailgun.org.
← 220 Mailgun Influx ready
→ EHLO vps2685427
← 250-7eab53c3fce7
← 250-AUTH PLAIN LOGIN
← 250-SIZE 52428800
← 250-8BITMIME
← 250-SMTPUTF8
← 250-PIPELINING
← 250 STARTTLS
→ AUTH LOGIN
← 334 VXNlcm5hbWU6
→ cG9zdG1hc3RlckBmb3VyYW5rbGVzLmNvbQ==
← 334 UGFzc3dvcmQ6
→ MzI5NWIwMjY0NGY4MTk2OTA0Yjc1YWExZGI2YmYyNTYtZTU0NzViODgtOWIwMGUzMzA=
<** 535 Authentication failed

Since that fails auth, I assume I’m doing something wrong in a setting or via the info in mailgun. See the config below.

“mail”: {
“from”: “noreply@fourankles.com”,
“transport”: “SMTP”,
“options”: {
“service”: “Mailgun”,
“host”: “smtp.mailgun.com”,
“port”: 587,
“secure”: false,
“requireTLS”: true,
“auth”: {
“user”: “postmaster@mg.fourankles.com”,
“pass”: “XXXXXXXXX…-XXX…-XXX…”
}
}
},

Any further troubleshooting ideas would be great.

Fritz

Your production.config.json looks fine, but this has no bearing on Swaks.

Please confirm the Swaks command you used, and the format of the password, i.e., did you generate an SMTP password?

Hey Martin,

I found my error. I needed to add my email sub-domain. Mailgun suggested that I create a mg.xxx domain. So Swak worked just fine. However, I never received an email at my home address. And I’m still missing the linkage between mailgun and ghost to allow the sign in. I’m sure it’s something simple, but no idea myself.

F

=== Trying smtp.mailgun.org:587…
=== Connected to smtp.mailgun.org.
← 220 Mailgun Influx ready
→ EHLO vps2685427
← 250-a1ed6dbffa54
← 250-AUTH PLAIN LOGIN
← 250-SIZE 52428800
← 250-8BITMIME
← 250-SMTPUTF8
← 250-PIPELINING
← 250 STARTTLS
→ AUTH LOGIN
← 334 VXNlcm5hbWU6
→ cG9zdG1hc3RlckBtZy5mb3VyYW5rbGVzLmNvbQ==
← 334 UGFzc3dvcmQ6
→ MzI5NWIwMjY0NGY4MTk2OTA0Yjc1YWExZGI2YmYyNTYtZTU0NzViODgtOWIwMGUzMzA=
← 235 Authentication successful
→ MAIL FROM:<ghostusername here@vpsservername here>
← 250 Sender address accepted
→ RCPT TO:fritzxxxx@xxxxxxx.com
← 250 Recipient address accepted
→ DATA
← 354 Continue
→ Date: Fri, 30 Jun 2023 21:20:11 +0000
→ To: fritzxxxx@xxxxxx.com
→ From: gbadmin@vps2685427
→ Subject: Hello
→ X-Mailer: swaks v20130209.0 Swaks - Swiss Army Knife for SMTP
→
→ Testing some Mailgun awesomeness!
→
→ .
← 250 Great success
→ QUIT
← 221 See you later. Yours truly, Mailgun
=== Connection closed with remote host.

If you already receive email on the bare domain, then it’s essential that Mailgun uses a subdomain.

It looks like you’ve misconfigured your SPF records as they are showing Cloudflare. Make sure the MX records bypass Cloudflare. I can’t see an SPF record for mg.four…com.

Hey Martin,
I cleaned the records in cloudflare and retried swaks and got another failure at mailgun. Here’s the new configs on cloudflare:

I’m probably missing something or I’m not waiting long enough for the changes in DNS.

F

you also need an SPF record .

TXT “v=spf1 include:mailgun.org ~all”

Also, double check the domain key, and in the Mailgun settings, make sure you have a green check mark against all the DNS entries.

Sorry, this isn’t quite my knowledge area, but I’m not quite sure what goes where. I make a new entry (TXT), then I need a name and then content. I assume the spf is the content? But what’s the name?

Again sorry, I can’t find a guide for this content specifically.

F

ps. Also All verified at mailgun.

Create a new TXT record, put @ in the name, and v=spf1 include:mailgun.org ~all in the content box.

Okay! That worked great! But when I try to sign up it still says, “Failed to send magic link email”. Do I need to make an account in the database? I missing something again, aren’t I?

F
ps. Just looked in ghost log (sorry, should have done this earlier). I got this:

NAME: EmailError
CODE: ESOCKET
MESSAGE: Failed to send email. Reason: Hostname/IP does not match certificate’s altnames: Host: smtp.mailgun.com. is not in the cert’s altnames: DNS:*.mailgun.org, DNS:mailgun.org.

I just changed the domain’s in cloudflare to .com. Sigh.

pss. I changed the config to org and changed everything back to .org in cloudflare. Double sigh.

I don’t think this should be marked “Solved”, but it’s not my post, so perhaps I’m poking my nose in where it’s not welcome.

Also, this is way out of my league, so I really am that ignorant OCD poster…

Why? The OP made a typo when setting up, i.e., used .com rather than .org.

OK, my bad.

I made an assumption when I read the first few lines of the original OP’s final post.

And I still don’t understand how the middle and final sentences are compatible with the ones at the top of the OP’s final post.

But, thinking about your replies, they were indeed excellent

Sorry about that Cool and Martin. It would have been. A bit better if I gave more details. I marked it resolved once things worked. I hate being dependent on Martin and sorted out the rest through digging. If you want to know anything about my thread hit me up.

Fritz

Thanks for taking the time to reply