Proposed changes to discourse-setup because Digital Ocean blocks outbound smtp

I had DO start blocking 587 in March as well. When I contacted them, pretty upset, they maintained that they did not expressly intend to block my host. I had done some experimentation with postfix (and netcat) and demonstrated I could not reach out on 587 on any of the three ip addresses on the host, not even on their internal subnet between droplets in the Team. Their tech then “reset” my droplet’s networking, which required me to power off, then on the droplet to restore access.

It sounds like they implemented a “global” block in their virtual infrastructure w/o bothering to check who was using SMTP. This is pretty lazy. They could readily have determined if a droplet was using a dedicated commercial relay, i.e. Mailgun, SMTP2GO, etc. and exempted them on a 1st pass. But there is no excuse for not communicating the plan to start filtering / blocking 587 to customers.

On the upside, I found MailerSend (sister co to MailerLite) and my traffic will fit into their free tier vs the Mailgun Flex plan.

I have used 2525 for all my installs since then.

I’ve had several people with sites that worked for years that just quit sending mail because of this.

2 Likes

Are you willing to submit a PR for discourse-setup to make it the new default?

Not unless it has a pr-welcome.

But also, it’s a 4 character edit. It would likely be easier for someone to just make the change than to accept a PR.

1 Like

Have recently encountered this problem with setting up a new discourse instance on digital ocean server, support says that ports 587, 465, and 25 aren’t supported but 2525 should work. Set SMTP setting to port 2525 but that still isn’t working to send activation e-mail with Brevo, may be some other problem.

Looks like SendGrid may be a better option and/or better supported with that server provider, d.o. support wrote:

“You can also use REST API with SendGrid, which allows you to send emails via HTTP requests instead of the traditional SMTP protocol if it is suitable for you or make use of another third-party sending service.”

Don’t know how REST API works with HTTP, apparently that may be better than SMTP?

Sorry you are experiencing this. 2525 will work with Discourse and MailGun. Their Flex plan is a pay-as-you go with a free level. You can change the SMTP parms in your app.yml w/o rebuilding the app by making the edits and then issuing

cd /var/discourse
./launcher destroy app
./launcher start app

https://www.mailgun.com/blog/email/which-smtp-port-understanding-ports-25-465-587/

I’ve used SMTP2GO, Google (via workplace accounts), MailGun, POBOX.com and most recently MailerSend. IMO MailGun is the most straight-forward. MailerSend could be a second, but I had to explain to their tech support about Discourse being hosted in a Docker container on a Linux host, that the Linux host didn’t need an SSL cert, etc. To their credit, they understood and promoted my account out of the trial level.

2 Likes

According to the last several clients I’ve talked to, I don’t believe the mailgun flex plan is still available. If you need to send more than 100 messages per day, it costs $15/month.

The issue with port 587 being blocked is a digital ocean issue. I’ve had several clients who just stopped being able to send mail because digital ocean started blocking the port without warning. It’s a trivial fix to switch to port 2525, though.

1 Like

Thanks for recommendations, have used maligun awhile ago got that to work but had some difficulties so switched to Brevo which I found to be a little easier to get to work. Haven’t had active sites in recent months just working to launch new one now.

May try one of the other senders or SendGrid. Not sure if the API option is compatible with Discourse or not, does anyone use that?