Handling bouncing e-mails

I’ve set up Mailgun hooks as described above, but I sometimes also get incoming bounce emails to an address like bounce+5215e4.9df4bb-user=domain@intfiction.org The email subject will be something like “Undeliverable: Topic title”, and the user/domain is for a real user’s email address that was sent that email. But Discourse doesn’t seem to do anything with these incoming bounce emails. Do I need to enable something?

Mailgun recently (2019-03-12) released a new Webhooks API, and the instructions here don’t seem applicable any longer:

Should we continue to use the legacy webhooks & API? If so, how do we set those up with the changes to Mailgun’s web UI? I realize this is more of a question for Mailgun support, but first I want to know if Discourse has added support for the new webhooks yet.

Nevermind, looks like support was added here:


@zogstrip per my message above, I recommend editing the

to this:

1 Like

Thanks Jeff! The OP is a wiki, feel free to edit your changes right in.


I’m using mailgun. Could someone please help me? I think the instructions are out of date.

So I go into /admin/site_settings/category/email (this could be mentioned in the instructions) and set

“reply by email address”



replacing discourse.example.com with my own domain that points to my discourse instance.

After that I go to Settings in mailgun, API Security. I think the user interface must have changed, because we now have Private API key, Public validation key, and HTTP webhook signing key. Which one do we set to mailgun api key?

Regarding http://your.discourse/webhooks/mailgun, should this be, for example, https://discourse.example.com/webhooks/mailgun, where discourse.example.com is your own domain pointing to your instance? (Also, as I understand it, the install process now gives you https automatically. Can you run a discourse instance without https? Not that I would.)

Thank you for helping me.

1 Like

Could you please let me know which of the three keys in Mailgun I need to use to configure bounce handling? I think the user interface in Mailgun has changed so it’s no longer obvious.

1 Like

I think I figured it out. I used the HTTP webhook signing key in Mailgun, which is under API Security in Settings. It seems to be working. I can see the bounced email in the admin dashboard in my Discourse instance. I also didn’t need to set the reply by email address site setting.


I had to cycle my API keys, and now am not getting any bounce reports. I too think you need to use the “HTTP webhook signing key” instead. But when I try to set that for the “mailgun api key” setting, it won’t let me, saying “mailgun_api_key: Value doesn’t match the required format.”

This commit added support for the new general API key: Support new mailgun's API key format · discourse/discourse@474a01f · GitHub

I’d guess it also needs to support the HTTP webhook signing key, which is a plain 32 digit hexadecimal number.


PR ready (this was an easy one):