Connecting Mailgun with Digital Ocean


I had a little bit of trouble to connect Mailgun and Digital Ocean (espacially the DNS configuration in Digital Ocean), so I’ve decided to create a little guide to help others :

## Connecting Mailgun with Digital Ocean
  • Sign up on Mailgun

  • Activate your account (you may have to wait 5-10 minutes to receive your activation mail)

  • In Mailgun, do to Domains, Add a New domain. In my example I didn’t use a subdomain as they recommended, I wanted my emails to be (mine is, you’ll see this in this guide)

  • In domains, you should have something like this in Domain Verification & DNS :


  • Now, we have to make the connection with Digital-Ocean, go to Networking > Domains

  • We have to setup the DNS Records, don’t follow the instructions in Mailgun :

  • Create a CNAME record, just put : email //

  • Create a TXT record : @ // "v=spf1 ~all" - The commas are recommended.

  • Create another TXT record : mailo._domainkey then the code given by Mailgun "k=rsa; p=MIGfMA....." - Again, the commas are recommended

  • Here’s mine :

  • Go to Mailgun again and click on Check DNS Record Now, after a few minutes, everything should be validated.

  • Now, you can change the email adresse you want to use (if you don’t want postmaster@yourdomain created by mailgun). In Mailgun > Domains, you should have this on top of the page :

In Manage SMTP credentials make sure to set an address and a long random password of alphanumerics - a-z, A-Z, 0-9 - you’ll need it later.

## Update your Discourse

Launch Putty or any program you use to manage your server. Use these commands :

cd /var/discourse
nano containers/app.yml

In app.yml, you should have around the line 59, something like this :

## TODO: The mailserver this Discourse instance will use
DISCOURSE_SMTP_ADDRESS:         # (mandatory)
DISCOURSE_SMTP_PORT: 587                        # (optional)
DISCOURSE_SMTP_USER_NAME:      # (optional)
DISCOURSE_SMTP_PASSWORD: password               # (optional)
DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)


Exit, save the file. If you want to be sure your app.yml haven’t been messed up, you can use the YAML Validator.

We’re almost done. Now we have to rebuild the app using the command :

git pull ./launcher rebuild app

This should go fine.

Finally, in your Discourse, you can test the new mail server :

Send test email and you’re done !

Mandrill is going to paid plans on MailChimp
Can you use Yahoo mail SMTP for Discourse?
Need help! with gmail and discourse
(DjCyry) #2

Thanks for this guide.
I have made it 2 days ago and i have this :
Any idea ?


Check this screenshot, the infos on mailgun are not made for Digital Ocean :

The first TXT with @ instead of (and the commas "" between v=spf1 ~all) should do the trick. I think the CNAME can only be validated if the two TXT are OK.

On the zone file you should have something like this at the end : 1800 IN TXT "v=spf1 ~all" 1800 IN TXT "k=rsa; p=MIGf..." 1800 IN CNAME

(DjCyry) #4

Yes , i have seen it and edited . Now i think
i need to wait for propagate , true ?


You don’t have to add in the second TXT, it didn’t work when i put in mine, It worked only when I wrote : mailo._domainkey.

When my config was right, it was pretty quick. Less than 10 minutes.

(DjCyry) #6

Ok , done , so , the mailgun give the a bad config ? :smiley:

(Jeff Atwood) #7

We don’t recommend letting DNS go to Digital Ocean. I discourage this whenever I see it, since for most people it is much simpler to control DNS from the same place they purchased the domain name from.

(DjCyry) #8

@codinghorror yes , i understand but in my register
only i have option for create Glue Records , nothing else . :frowning:

(Jeff Atwood) #9

Sure in that case fine, but I’d be very hesitant to hand over DNS to Digital Ocean unless you have a very good reason. It’s less confusing and clearer to have your DNS handled in one place, the first place you bought the domain from, versus splitting DNS between two sources …

(DjCyry) #10

If i am using cloudflare , where i need to add that lines ? On cloudflare dns panel or digitalocean dns panel ?

On SPF field , the commas are not accepted :slight_smile:


The commas are mostly for DO, it should work without it in Cloudfare

The line before that, it’s not SPF but TXT you have to use

(DjCyry) #12

So , i need to change the SPF line into a TXT line ?


Yes, and I think it will be ok.

But I never tried with cloudfare so I can’t be 100% sure

(Kane York) #14

I’m guessing that Cloudflare automatically converted the TXT into an SPF record.

(Nick Putman) #15

I am wondering what the correct settings are for subdomains. I currently have:

TXT: - v=spf1 ~all
TXT: - k=rsa.....

These are the settings recommended by Mailgun, and I have entered them in Digital Ocean. Because I am using a subdomain for discourse, I’m unsure if these are the right settings.

(Jeff Atwood) #16

You should include the subdomain because MailGun recommends that, it is also how Discourse sets up defaults. → mail is from →

So you are setting up and validating the domain for email not the parent domain.

(David Sánchez) #17

Hi, following your instructions and still the “k=rsa; p=MIG…” does not get verified.

Another question:

I have a droplet in digital ocean, I am pointing my domain to my IP. In order to do the mailgun configuration I created another domain to do this setup. Is this the correct way?

This is what I have under


Sometimes the k=rsa can take quite some time, you can try with smtp._domainkey instead of mailo._domainkey

Also, nothing links your server to the droplet, you should have at least an A record, with @ and the ip adress

Here is a full DNS records on a droplet :

If you already use your DNS provider to config some records, I think the best way is to also use it for the subdomain, it will be quicker and simpler (you just use what mailgun tells you, no need to change some things). And it will not impact your previous config

(David Sánchez) #19

not sure if I follow you. So creating another domain (well, actually a sub-domain) in my droplet is not needed? all should be done under the I thought the suggestion was to use a



You can do it without creating a subdomain or using the networking panel on DigitalOcean yes.

The guide is just an alternative to link mailgun with DO instead of a DNS provider. Some people tried using DigitalOcean to do this and I wanted to help. But it’s not necessary at all

Sorry if the guide was confusing