While investigating this, I noticed that we only had a problem check for Mailgun. So I did a little bit of refactoring to add a global “email bounce handling” problem check that will work for all mail providers we have configured.
main ← fix/email-bounce-handling-problem-check
merged 06:30PM - 24 Feb 26 UTC
The `MissingMailgunApiKey` problem check had inverted logic: it warned admins wh… en `reply_by_email_enabled` was true (meaning the mail receiver handles bounces via VERP, so no webhook API key is needed), but stayed silent when it was false (meaning bounces aren't being tracked at all). This caused false warnings on sites using the mail-receiver container.
This commit replaces the Mailgun-only check with a general `EmailBounceHandling` check that covers all supported email providers (Mailgun, SendGrid, Mailjet, Mandrill, Postmark, SparkPost, Mailpace, AWS SES). The check now correctly returns `no_problem` when both `reply_by_email_enabled` is true **AND** a VERP-capable reply address is configured, since bounces are handled by the mail receiver in that case.
For providers that previously accepted unauthenticated webhooks with only a log warning (SendGrid, Mailjet, Mandrill, Postmark, SparkPost), the behavior is preserved but upgraded to a Discourse.deprecate call (since 2026.2, drop 2026.5) to signal that authentication will be enforced in a future release.
Additionally:
- Adds Mailpace webhook signature verification (was previously missing)
- Adds the mailpace_verification_key site setting
- Includes a migration to clean up orphaned `problem_check_trackers` rows from the old `missing_mailgun_api_key` check
https://meta.discourse.org/t/305909
2 Likes