Sendgrid: 2 Days Left to Update Your SMTP Integration

Just received this email from Sendgrid which i am using as SMTP for Discourse.

Hello there,

We are emailing to inform you of an upcoming requirement to update your SMTP authentication method with Twilio SendGrid to API keys exclusively by January 13th, 2021 in order to ensure uninterrupted email delivery service and improve the security of your account. Our records show that one or more users with this email address used your login credentials for your SendGrid SMTP configuration in the last 30 days. If you do not take action, your SMTP email delivery will be declined on January 13th, 2021.

Why API keys?
This is an effort to enhance security for all of our users. Using your account username and password for authentication is less secure than using an API Key. Unlike your username and password, API Keys are uniquely generated and can be set to limit the access and specify permissions for a given request.

What action is required?
Follow these steps to identify and replace your authentication method to API Keys for your SMTP configuration as well as any API requests and then implement Two-Factor Authentication (2FA) for enhanced security.

What happens if no action is taken?
On January 13th, 2021 we will no longer accept authentication with username and password, and we will be requiring 2FA to login to your account. If you attempt to authenticate your API requests or SMTP configuration with username and password for any of your users after that date, your requests will be rejected.

We’d like to thank you in advance for your prompt attention to these requirements. If you’d like to learn more about how you can enhance the security of your account, view this post. If you have any questions or need assistance, please visit our documentation or reach out to our Support team.

Thank you,
The Twilio SendGrid Team

Im using the defaults settings from the Discourse installation. Never made any custom changes.
Do i need to change anything?

1 Like

If you only use SendGrid for your Discourse, ie. you have no other sites or services hitting SendGrid, then yes, you will.

1 Like

This may help.

If your user_name value is set to apikey like this example below then no, there are no changes you need to make.

Screen Shot 2021-01-11 at 20.23.47

1 Like

Ah yes, i have a username there, not the apikey.

Do you have any simple steps of what exactly i need to do?

1 Like

Two parts…

First part, get an API key:


Log in to your SendGrid account, do not enable 2FA at this point (as per their email!)

Click SETTINGS in the left menu.

Click API KEYS.

Click the “Create API Key” button in the top right.

Give the api key a name, such as: discourse

Click RESTRICTED ACCESS.

Then only select “Mail Send” for the permissions/access:

Click “Create and View” button at the very bottom.

You’ll now see your new API Key.

Copy it, NOW :smiley:

Do not lose it, you cannot get this back (but you can create a new one).

2 Likes

Second part, update Discourse with the new details.


Now you have your new SMTP username and password :+1:t2:

The SMTP username, very confusingly is, apikey

The password is the very long and complex key value that you just copied and kept safe.

Next step is to edit your app.yml

Find the existing SMTP user/pass combo, and replace them with your new apikey/value pair.

I think you may need to rebuild at that point - can’t remember :thinking:

You may also need to add this line, again sorry can’t remember:

DISCOURSE_SMTP_ENABLE_START_TLS: true

Hope this helps mate :+1:t2:

2 Likes

Excellent thank you.

1 Like