Heads up folks. We got through setting up everything and it has worked. But since two days, the sign up email has not been functioning. Turned out it was disabled by Digital Ocean. Per email they sent us, Smtp for Discourse is being disabled. To use any email they recommend you sign up with SendGrid.
My question is, between Sendgrid and Mailgun, which one is more integrated with Discourse? If not those, which other offers easy integration?
I have gone through this Thread
Thanks
I’m with Elastic Email … good guys!
(also on 2525)
Perfect !! Will check them out. Crappy for DO to allow folks to setup stuff only to inform them later that all smtp ports are blocked. Does not make sense. So I schedule a demo, only to find out what worked the day before is now blocked !!
Can you just use port 2525?
I haven’t tried that, but from their lengthy email, looks like they disabled everything OutBound smtp on Discourse. They said they worked out some arrangement with SendGrid that they recommend Discourse users sign up with for anything smtp.
Sucks, if you ask me.
Did they say they are disabling all smtp for everyone or is that just for your account?
Brevo is still working for smtp sending for discourse with digital ocean, haven’t heard about that being cancelled.
We understand you have concerns regarding SMTP restrictions in place on your account. DigitalOcean is not a dedicated email host and stopping spam is a constant fight. Due to this, restrictions have been imposed on all accounts.
We would also like to provide some additional background on this issue. Since IP addresses in cloud environments get used and released back to available pools very frequently, they are considered dynamic and untrustworthy. For example, you’re currently assigned an IP address and you’re a responsible mail user. You follow all best practices for mail and never send spam or unsolicited mail. Later, when you no longer need that Droplet, you destroy it and the IP address is free to be assigned to another DigitalOcean user. That user takes the opportunity to send out a large volume of spam before our Security team takes action on the offending account.
Mail providers like Gmail, Microsoft, and others cannot determine if email coming from an IP is legitimate or not until it gains a poor reputation. By that time, the damage had already been done. It’s safer to just block all mail coming from platforms, like Internet Service Providers and Cloud hosting environments, where IP addresses are dynamically assigned and inherently risky.
While this does reduce avenues that spammers have available to them, it also impacts legitimate users. Our Abuse Operations team is working with SBLs to get the IPs delisted. Due to this, we are restricting SMTP traffic across the DigitalOcean platform. This means that we are unable to remove the SMTP restriction that is placed on your account.
We understand that your workflow may have email needs. As a solution to this restriction, we have partnered with SendGrid to offer all our customers a better solution where you would not need to worry about IP reputation and blacklisting. You can read more about this in our article here. Through SendGrid, you will be able to send 100 free emails per day and if your requirement is beyond the free tier, feel free to reach out to SendGrid support to opt for a better plan to meet your requirement.
We’re always happy to help if you have additional questions, so please don’t hesitate to reach out.
This is an automated response to help speed up service by getting all the information we need to help you. You must reply to this email for further assistance.
DigitalOcean Support Team
Just tried 2525. That too is blocked.
Think it is a “blanket” block. Wouldn’t make sense to single out my account that not even a month old with no active users or topics.
2525 seems to be blocked too… just tried it. Not working.
Exactly. Even the grand fathered accounts may eventually get caught in the crossfire. Anyone with accounts that’s working now, should start planning ahead. If an instance like mine with ZERO activity can get hit …
Do you have the link to this article they mention?
It does say restrictions have been imposed on all accounts, but isn’t completely clear what those are.
If the I.P. you have was previously flagged as a spam sender that could cause problems.
Yes, but, Nothing special about the link. Don’t believe they have any “special” arrangements neither.
But here is the link.
I understand their explanation, but that’s their job to figure out; not for a customer who paid for a service. I have no way of knowing what the IP they assign me or any customer was previously used for.
Their documentation says Port 25, but nobody uses that port these days. Everyone uses ssl ports.
I don’t totally understand what this topic is about, but DO has big amount X e-commerces as a customer and every single one uses some service for theirs emails. I’m using Amazon SES.
And reason for that is it has been impossible to host your own mailserver in the meaning you can send directly to receivers. If they have closed the last hole that allowed it I’m fine with that.
But again, I don’t even know if I’m talking about same thing.
My servers are on Scaleway. At one point they introduced a policy that these ports would be blocked until you supplied government issued ID. Perhaps there is a similar process in place?
587 is the standard.
In December of 1998, after port 25 started to get spammy, R. Gellens and J. Klensin submitted RFC 2476 in support of adding a new specification for internet email communications. The RFC proposed a split of the traditional message submission and message relay concept.
The RFC defined that message submission should occur over port 587 to ensure new policy and security requirements don’t interfere with the traditional relay traffic over message relay port 25.
Port 587 is the default mail submission port. When an email client or outgoing server is submitting an email to be routed by a proper mail server, it should always use SMTP port 587 as the default port.
This port, coupled with TLS encryption, will ensure that email is submitted securely and following the guidelines set out by the IETF.
All Mailgun Send customers should consider using port 587 as their default SMTP port unless you’re explicitly blocked by your upstream network or hosting provider.
I’ve been using Digital Ocean for 6yrs but they only host Discourse, my domain is on a separate hosting account which has cPanel, the nameservers for the domain point to DO but then I redirect back to the other hosting for sub domains and mail.
The main reason for doing this was to host an easily accessible website that has everything I need (setting that all up on Ubuntu was too much effort at the time) and that site uses Discourse SSO as login.
Hopefully what you are showcasing here doesn’t affect me but appreciate the heads up and will know what to look for if I start having problems.
Digital Ocean blocking outbound port 25 by default has been in place for years. This is nothing new.
Matt explains it well here:
Digital Ocean had email service available not long ago. @Architect was using the all in one hosting package on earlier sites with Discourse.
How did you set up initial mail sending?
Used the smtp server that was provided by the web host we got our VPS from. Used Ssl ports etc.
Here is even where it gets more interesting. Emails sent through that same smtp using ssl ports still works ok.
So, Emails through - https://mydomain.com still works fine even till now.
Emails through - https://ourDiscourseInstance.mydomain.com is blocked regardless of the port used/ssl used.
My understanding is that the block is for Discourse/other Forum tools.