Fresh ODK Central installation on Digital Ocean not sending emails

1. What is the issue? Please be detailed.
I just did a new ODK Central fresh installation in Digital Ocean and the emails are not being sent to users while creating new accounts.

There is a message on the screen saying "Something went wrong: error code 504" and after using the docker compose logs --tail 50 service command I found a Connection timeout error:

service-1 | Error: Connection timeout
service-1 | at SMTPConnection._formatError (/usr/odk/node_modules/nodemailer/lib/smtp-connection/index.js:798:19)
service-1 | at SMTPConnection._onError (/usr/odk/node_modules/nodemailer/lib/smtp-connection/index.js:784:20)
service-1 | at Timeout. (/usr/odk/node_modules/nodemailer/lib/smtp-connection/index.js:237:22)
service-1 | at listOnTimeout (node:internal/timers:594:17)
service-1 | at process.processTimers (node:internal/timers:529:7) {
service-1 | code: 'ETIMEDOUT',
service-1 | command: 'CONN'
service-1 | }

I'm using a custom mail server configuration following the documentation and it's pointing to a Mailgun service account with a valid domain and authentication credentials (those setting are correct and still working on another old ODK Central installation that I'm running at Digital Ocean).

2. What steps can we take to reproduce this issue?
It's happening to any new installation of ODK Central in Digital Ocean. I did it 2 times and got the same end result.

3. What have you tried to fix the issue?

Yes, and I'm kind a following up here what I've found:

Digital Ocean is blocking SMTP transport ports by default to all new droplets, there is a FAQ about this: https://docs.digitalocean.com/support/why-is-smtp-blocked/

Mailgun documentation suggests the use of a simple tool called swaks that can be very handy to test SMTP transport from the command line, details here: https://documentation.mailgun.com/docs/mailgun/user-manual/sending-messages/#send-via-smtp

I opened a support ticket at Digital Ocean to request the exclusion of my server's IP addresses from their firewall blocking rules.

Hope this helps everyone on the same situation

4. Upload any forms or screenshots you can share publicly below.

That's good to know about the change from Digital Ocean! We can add that to the docs.

When using an external mail service like Mailgun, you shouldn't need the SMTP port to be open. Did you do a docker compose stop && docker compose up -d after changing your settings? A rebuild shouldn't be necessary but a stop and restart is.

Thanks LN!

I did stop, rebuild and restart the Service container and all other Central containers couple of times. I'm setting up this droplet and have no production data on it yet, so no worries about rebuilding everything.

It's still not working (timeout error) for sending messages even using the command line app that I've mentioned and I can ping the Mailgun relay servers (smtp.mailgun.org) from my droplet. It's weird.

The support team at DigitalOcean oriented me to use Sendgrid service as their solution and I created and configured an account and API authentication credentials there. But so far I've got zero progress, same connection timeout error now with smtp.sendgrid.net.

The support team at Digital Ocean removed the SMTP restriction on their firewalls for my account and now emails are sent as expected by ODK Central.

They were filtering packets by protocol, so I could reach the smtp servers at Sendgrid, Mailjet and Mailgun using ping (yes, I have configured accounts on all three ) but not relay email through them.

If anyone get into this issue I strongly suggest to create a ticket to the Digital Ocean support team right away.

Cheers!

I'm glad you got it working and sorry about the trouble!

Ah yes, I forgot that when these external services are configured they're currently used as relays, thanks. We'll update docs for now and see if we can introduce native support for at least Mailgun.