This is for an initial install, and I’m not a DNS guru by any means! Here’s where I’m at:
- Outbound email tests are working fine. I’m using MailGun with their recommended “mg” subdomain. I’m sending on port 2525. I do have the MailGun API for webhooks entered in that respective field, in settings (they have THREE API’s–is this the right one??). I also have MX records for the mg subdomain entered in my DNS settings. Mailgun validation check says all is working properly, as does mail-tester.com.
- Inbound is configured with a subdomain called “inbound.” If I send an email from a gmail account to fake@inbound.[mydomain].org, I can see that email arrive in the mail-receiver log. If I send, from Discourse, a test email to that same address via Settings > Email, the email seems to disappear–noting shows up in the Rejected bin. I am using Straightforward direct-delivery incoming mail for the rest.
Due to other self-inflicted snafu in the setup process, I opted to begin from a clean slate: I deleted my droplet, reinstalled Discourse and am starting all over again. I did not however delete the MailGun account and am actually using the same API webhook as before. Could this be the problem? I am however using a new Discourse-produced API key (the old one, obviously, was vaporized when I deleted the droplet).
The only other think I can think of, is the endpoint in mail-receiver.yml. Mine looks like this:
Any thoughts on where the hangup is? (The icing on the cake is that I had it all working at one point not long ago—before I deleted the droplet. I’m a slow learner, apparently ). Thanks all!
This should be the domain of your forum, not your email. Can you confirm that your forum is not at
inbound.[mydomain].org? E.g. if meta were using this method, the url would look like this:
Also… this has nothing to do with mailgun, except to make sure to ignore mailgun’s instruction to add MX records for the domain. As per:
Note: outbound email providers like mailgun may ask you to add MX records pointing to their servers. You want to remove these so the MX records for your forum only point to your forum’s domain name. SPF and DKIM records must still point to your outbound email provider servers so you can send email.
@tobiaseigen Getting closer! Made the change by dropping the incoming mail subdomain from the endpoint. Saved, then re-started the mail receiver (because I know not what I do!). Tested. No-luck. Then did a full rebuild of the app. Then made two new accounts using separate email addresses. I then used the admin account to PM one of these. That generated an email as expected. I then replied through email to the PM. Here’s the result in the mail log:
<22>Nov 25 02:38:20 postfix/pipe: AB09913F5CB: to=<replies+da32f82583043bb63fee8be53f9bd3fd@inbound.[mydomain].org>, relay=discourse, delay=0.35, delays=0.19/0/0/0.15, dsn=4.3.0, status=deferred (temporary failure)
Indeed we’re getting closer! Not sure what the temporary failure is all about? It’s been 13 minutes, still not delivering into Discourse. Strange.
I should note, I made the “inbound” subdomain because I want an admin@[mydomain].org email address to be handled by a different mailhost.
I’m having a little trouble understanding your use of domain names. On my site the DISCOURSE_MAIL_ENDPOINT and MX record for inbound email is the same domain, pointing to the Discourse server, as explained in the OP in Straightforward direct-delivery incoming mail. You seem to be trying to use different domains.
Generally you want to use e.g.
forum.mydomain.org type subdomain for your Discourse, to separate your forum from your main website and email on
Happy to clarify and will pretend my domain is
thesite.org for simplicity. What I do see, is a SSL issue in the mail-receiver logs:
<19>Nov 25 19:11:29 receive-mail: Failed to POST the e-mail to https://inbound.thesite.org/admin/email/handle_mail: hostname "inbound.thesite.org" does not match the server certificate (OpenSSL::SSL::SSLError)
To answer your question though, I had two goals which I presume are extremely common:
email@example.com becomes an address for users to contact the admin
thesite.org launches the forum (no subdomain)
Presently my namecheap DNS settings look like this (TTL = Auto and Priority = 10):
1 A Record @ (IP address)
2 A Record inbound. (IP Address)
3 CNAME email.mg. mailgun.org.
4 CNAME inbound. thesite.org.
5 CNAME www. thesite.org.
6 TXT @ forward-email=(stuff)
7 TXT mg v=spf1 include:mailgun.org ~all
8 TXT smtp._domainkey.mg. k=rsa; p=(stuff)
9 MX @ mx1.forwardemail.net.
10 MX @ mx2.forwardemail.net.
11 MX inbound. thesite.org.
12 MX mg. mxa.mailgun.org.
13 MX mg. mxb.mailgun.org.
My containers/mail-receiver.yml settings are::
DISCOURSE_API_USERNAME: system <-- same as API key
* note—> I left the LetsEncrypt lines as-is (did not remove the “#”)
- changed via command line the hostname to
- contact email =
- notification email =
- reply-by email1 =
- reply-by email2 =
- find related post with key = ON
- manual polling = ON
- mailgun API key = ENTERED …but this might be a problem because its from a previous install attempt
- Settings > Emails > Settings: Address =
- Settings > Emails > Settings: Port = 2525
- Settings > Emails > Settings: user_name =
Any thoughts on where I go from here? …and a huge THANK YOU in advance! Pinging also @pfaffman as he has also so kindly been a resource helping me with past struggles involving setup. Your “Straightforward” guide was extremely useful too. Cheers!
Did you rebuild both the mail and app containers? I think the easy solution is to remove the stuff that tries to give the mail receiver a certificate. Does the cert work for the site?
If the Discourse site is not at
inbound.thesite.org that’s the problem. The idea is that the hostname of both the Discourse site and the mail receiver will be the same. You’ll need to find Setting up Let’s Encrypt with Multiple Domains to fix that.
This is rather beyond the intended scope of the mail-receiver howto. If this isn’t enough to get you on track and you have a budget, feel free to contact me.
So the question becomes; can both goals I defined above be had (they seem absurdly common)? Is the only workaround to redirect, in the dns settings, visitors who type
subdomain.thesite.org? If this is true, then I will have to just live with changing the forward facing email address to something ugly like
I can live with changing the admin email address if I absolutely have to. It seems like we’re overlooking something obvious but maybe I’m out in left field (I probably am!).
If what you want is for the mail receiver to receive mail at a domain different from your discourse domain, I think you can. The easiest thing is to not use the let’s encrypt cert in the mail receiver.
@pfaffman you’re a genius! It worked!! Following Setting up Let’s Encrypt with Multiple Domains, the re-building Discourse followed by rebuilding mail-receiver (one of the two probably wasn’t necessary), did the trick. Voila!
Later this evening, I’d like to copy/paste the “Straightforward direct-delivery incoming mail” OP into a Google Doc and offer my suggested edits to that. At no fault to any of you, there are parts of the OP that are not intuitive to someone like me who doesn’t know or understand command-line stuff. I think the two goals I defined above are very common for many installations, and now I know the end-goal can be accomplished.
I have other suggestions for the entire setup tutorial. Have a running list of suggested edits to make the process as simple as possible.
Thanks so much for helping me along here! Super appreciated!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.