Email setup to support 2FA in Ghost

I struggled for a while to get Mailgun configured so that 2FA emails could get correctly supported in Ghost. I wasn't able to log-in to my Ghost admin panel on new devices! I almost gave up and decided that it wasn't worth the effort. Thankfully, I did eventually figure it out 😌 And along the way I learned how to configure Mailgun for the modern, Docker-based version of Ghost.

Here are the relevant entries from /opt/ghost/.env:

mail__from=postmaster@YOUR_DOMAIN
mail__transport=SMTP
mail__options__host=smtp.mailgun.org
mail__options__port=587
mail__options__secure=false
mail__options__auth__user=postmaster@YOUR_DOMAIN
mail__options__auth__pass=YOUR_SMTP_PASSWORD

Very important: if you imported your configuration from a previous ghost-cli installation, check to make sure that you don't have any extra unexpected mail settings anywhere else in your .env file because these can silently break your email configuration!

I also learned how to use msmtp to very easily verify that my SMTP account was set up correctly and that outbound emails can be sent from my account. The following assumes that you are using an Ubuntu Linux system.

# Install dependencies
sudo apt update
sudo apt install msmtp msmtp-mta ca-certificates

# Create default settings
vim ~/.msmtprc

# Default settings
defaults
auth           on
tls            on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile        ~/.msmtp.log

# Mailgun SMTP account
account        mailgun
host           smtp.mailgun.org
port           587
from           postmaster@YOUR_DOMAIN
user           postmaster@YOUR_DOMAIN
password       YOUR_SMTP_PASSWORD

# Set default account
account default : mailgun

# Set permissions
chmod 600 ~/.msmtprc

# Test sending mail
echo -e "Subject: Test Mail\n\nHello, this is a test from msmtp." | msmtp you@example.com

What initially felt like I was embarking on a terribly daunting ordeal ended up taking just about 3 hours on a lovely Saturday late afternoon.