Hey folks, I’m pulling my hair out over here! I’ve got this Node.js app using Nodemailer and Mailgun, but I’m hitting a wall. When I test my email route with a REST client, it’s like hitting a brick wall - emails get rejected by Google due to some DMARC policy issue.
Here’s the weird part: if I put the email code directly in the server file, it works fine on startup. But in a POST route? No luck. I received this error:
550 5.7.1 Unauthenticated email from guest.com is not accepted due to domain's DMARC policy.
I’ve tried everything - switching to mailgun-js, testing different API versions, you name it. The same error keeps showing up. I thought I had my Gmail authentication sorted in Mailgun, but something’s clearly off.
Here’s a snippet of my setup:
const mailer = require('emailer');
const sender = mailer.createSender({
host: 'smtp.mailservice.com',
port: 587,
auth: {
user: '[email protected]',
pass: 'super_secret_key'
}
});
app.post('/send', (req, res) => {
const email = {
from: req.body.sender,
to: '[email protected]',
subject: 'New message from your website',
text: req.body.content
};
sender.send(email, (err, info) => {
if (err) console.error(err);
else console.log('Sent:', info.messageId);
});
});
Any ideas on what I’m missing here? This DMARC policy issue is really driving me nuts!
I’ve dealt with similar DMARC headaches before, and it’s a real pain. One thing that worked for me was using a ‘no-reply’ address from my authenticated domain as the ‘from’ field, then setting the ‘reply-to’ to the actual sender’s email. This way, you’re technically sending from your domain (which should pass DMARC), but replies still go to the right place.
Also, make sure you’ve got your SPF and DKIM records set up correctly in your DNS. These are crucial for email authentication. If you’re using a subdomain for sending (like mail.yourdomain.com), double-check that it’s properly configured in Mailgun.
Lastly, have you considered using Mailgun’s API directly instead of SMTP? In my experience, it’s more reliable and gives you better control over these kinds of issues. Might be worth a shot if you’re still hitting walls with the current setup.
The DMARC issue you’re encountering is quite common when sending emails from domains you don’t own. To resolve this, I’d suggest modifying your email configuration to use your authenticated Mailgun domain as the ‘from’ address. You can still include the original sender’s email in the ‘reply-to’ field. Here’s an adjusted approach:
const email = {
from: 'Your Name <[email protected]>',
replyTo: req.body.sender,
to: '[email protected]',
subject: 'New message from your website',
text: req.body.content
};
This setup should help bypass DMARC restrictions while maintaining the ability for recipients to reply to the original sender. Additionally, ensure your DNS records (SPF, DKIM) are correctly configured for your Mailgun domain to improve deliverability.
hey TomDream42, sounds like a real headache! have u tried setting the ‘from’ address to match ur authenticated domain? like ‘from: [email protected]’ instead of req.body.sender. that might bypass the dmarc issue. also, double-check ur spf and dkim settings in mailgun. good luck man!