These guys are doing some reaaaaally shady stuff.
I signed-up because they seem reasonably cheap for 200Mbps unmetered, but had a lot of trouble trying to set up Discourse, here’s my story.
— First attempt
I initially tried out their “instant” discourse offering. Though it is only limited for use in a specific type of instance which many would find underpowered, it’s also ARM btw. Overall experience was “slow”, because of latency (they’re in paris I’m in the US and had 400ms+ ping) and because the instance was … kind of slow. Anyway I boot up and I see that SMTP ports are blocked, so I try to unlock them and it says you need to open a ticket for this. Well, ticket opened, and I get an email saying this:
In order to respond favorably to your request to unblock port 25 of your server, an additional verification is necessary.
In order to protect the reputation of our IPs and in order to offer quality services, you are asked to send us to the following address: email@example.com
A photocopy of your identity card
A picture of yourself holding your identity card.
Upon receipt of these documents, your requests will be analyzed by the concerned team and we will return to you via this ticket as soon as possible if it’s avaible
So I just said, yeah no way and tried to look for alternative ways to deliver smtp. I settled with mailgun because it’s the fastest one to setup and overall no bullshit involved (elasticemail NEVER sent me login confirmations …).
— Second attempt
Now I boot up an ubuntu ARM instance and try to get docker in there. Docker installs fine but
./discourse-setup fails at some point due to the system being on an ARM architecture (I guess).
— Third attempt
I boot up another ubuntu ARM instance, which supposedly had Docker preinstalled, just to see if that was the reason the previous one didn’t work. It failed similarly, so I guess it is the architecture what’s messing the install. Bear in mind that each
./discourse-setup is taking around 30 mins to complete
— Fourth attempt
I boot up an x86 instance, these are much more expensive than ARM and now we are talking similar prices to AWS, DO and others. Still you get 200Mbps unmetered so it’s cool.
./discourse-setup completes (in 28 mins!) and when I’m trying to create my admin account it strangely fails.
telnet mailgun 587 quickly lets me know why… weird. So I open up another ticket and let them know that 587 OUTBOUND is blocked (you can’t override this on their security policies, btw), and they come back again telling me that if I need that unblocked I have to send them a picture of me standing with an ID in my hand (honestly wtf, they already have my credit card and phone ##). So I delete the instance and a couple minutes later I realize that maybe mailgun offers more ports to deliver smtp. I look up in their documentation and yeah, you can use 2525 as well.
— Fifth attempt
So I quickly boot up (again) a new x86 instance and
telnet mailgun 2525 it’s open! Great. So I go through all the issues of installing docker and
./discourse-setup and waiting 1/2 an hour, etc… It’s finally done, my discourse server is ready! No … mails are not delivered again and the log is filled with tens of messages like this:
Sent mail to REDACTED@REDACTED (904.1ms) Job exception: hostname "smtp.mailgun.com" does not match the server certificate
You be the judge … I think they may be sniffing or mitming some outbound ports like 2525. Why? Who the hell knows. Account closed and not looking back. An afternoon wasted, I’m writing this so you don’t waste yours.