Transactional Mail connection timing out

Developer help Installation
1

If you’re looking for some help, it’s important to provide as much context as possible so that people are able to assist you. Try to always mention:

  • What’s your URL? ramblingman.org
  • What version of Ghost are you using? 6.35.0

I’ve got ghost running on a digitalocean droplet under Ubuntu, and I’m struggling to get transactional emails working.

Setup: I’m trying to use my regular mail hosting platform, fastmail. digitalocean by default blocks the standard outgoing SMTP connections, but I’m using Fastmail’s SMTP proxy that allows connection on any port.

Here’s my setup:

 "mail": {
    "from": "rich@ramblingman.org",
    "transport": "SMTP",
    "options": {
      "host": "smtps-proxy.fastmail.com",
      "post": 443,
      "secure": true,
      "auth": {
        "user": "rich@example.com",
        "pass": "xxxxx"
      }
    }
  },

I can confirm that this works from the host with swaks

swaks --server smtps-proxy.fastmail.com --port 443 --tls-on-connect --to test@example.com --auth-user "rich@example.com" --auth-password "xxxxx" --from rich@ramblingman.org

And I get the test message from swaks just fine.

Attempts to generate transactional mails (new user signup, invite staff) are just timing out:

[2026-04-30 19:12:03] WARN Error sending email: Failed to send email. Reason: Connection timeout. Please check your email settings and resend the invitation.

I’ve also tried a trial account with mailgun, and still get timeouts.

Thoughts on further debugging?

2

while i think the port 443 is incredibly odd for an smtp server, you likely have the secure tag value set to true instead of false and the requiretls option missing. try this block

  "mail": {
    "transport": "SMTP",
    "from":"'yourname' <your@from.email>",
    "options": {
      "host": "your.mail.host",
      "port": 587,
      "secure": false,
      "requireTLS": true,
      "auth": {
        "type": "LOGIN",
        "user": "your@email.login",
        "pass": "yourpassword"
      }
    }
  },
3

The 443 port is due to DigitalOcean’s blocking of standard outgoing SMTP ports (25, 465, and 587). That swaks test script I have works without issue for any ports except 25, 465, and 587. I picked 443 since I know it isn’t blocked. I’ve tried a variety of ports in my config file, with no change.

Most of my other servers that use that same authentication are set to using implicit TLS on port 465.

I’m pretty sure my config.production.json matches that working swaks script, which is why I’m surprised.

I tried your example, and it doesn’t work, on 567 even swaks can’t connect because of DigitalOcean’s block. If I change that to any other port, I just get timeouts.

Anyone else here using fastmail’s proxy server with self-hosted ghost?

4

The receiving mail server would need to accept connections on port 443 as well though. I doubt that they do that. Standard SMTP ports are usually 25, 465, 587, or 2525 – the latter recently still worked at DigitalOcean.

5

Yes, I refer you to both Fastmail’s documentation and the swaks script above: Fastmail’s SMTP proxy accepts traffic on any port (to get around problem’s like DigitalOcean’s port blocking), and the swaks script I list above (which works fine as written).

I can also try this with pretty much any port except 25, 465, and 587 with swaks and it works fine. So the issue is in the configuration and execution, not the concept. Changing the port to 2525 doesn’t change anything, I just get a timeout.

What I’m looking to do, and this setup works fine with swaks:

  1. SMTPS
  2. Implicit TLS (this normally would be on port 465)
  3. Using a port other than 25, 465, and 58

And if that doesn’t work, debug this, since all I can really get is a “timeout” message.

6

Got it, I missed that indeed.

But one thing I just noticed:

That should be port, not post. Was that a copy-paste error or do you actually have post in your config?

7

D’oh. Yes, that was it.

Thanks for the assistance.

8

For completeness for anyone else in this situation (working around virtual hosting blocking normal SMTP ports using the fastmail proxy), this is the final configuration that is working:

 "mail": {
    "from": "rich@ramblingman.org",
    "transport": "SMTP",
    "options": {
      "host": "smtps-proxy.fastmail.com",
      "port": 443,
      "secure": true,
      "auth": {
        "user": "rich@example.com",
        "pass": "xxxxx"
      }
    }
  },

With a nice shoutout to swaks, which is a surprisingly good debug tool I’m sure I’m going to use in the future.