Mailgun SMTP Setup: Domain Verification & DNS Records (2026 Guide)
Transactional pro. Pay-as-you-go after trial. Verified domain required.
TL;DR
- check_circleMailgun SMTP server: smtp.mailgun.org (US) or smtp.eu.mailgun.org (EU). Port 587 STARTTLS or 465 SSL/TLS.
- check_circleUsername is an SMTP user (looks like an email), password is a separate per-user secret — NOT your Mailgun API key.
- check_circleSandbox domain (sandbox-XXX.mailgun.org) is only for testing — it can only deliver to recipients you've manually added.
- check_circleFor real sending you MUST verify a domain by adding 5 DNS records (MX, SPF TXT, DKIM TXT, plus CNAMEs for tracking).
- check_circle30-day trial: 5,000 emails. After that it's $35/mo for the Foundation plan or pay-as-you-go.
Connection settings
smtp.mailgun.org587STARTTLSYour SMTP user (e.g. postmaster@yourdomain.com)Per-user SMTP password (NOT your Mailgun API key)What you'll need
A Mailgun account
Sign up at mailgun.com. The free trial gives you 5,000 emails for 30 days. They ask for a credit card during signup, but won't charge it during trial.
Sign up for Mailgunopen_in_newYour own domain with DNS access
Mailgun's sandbox is not useful for real sending. You need a domain (e.g. mail.yourapp.com) with the ability to add DNS records.
Pick a region
Mailgun runs US and EU data centers as separate accounts. EU is GDPR-friendlier; US has more features and slightly lower pricing. You can't migrate between them later.
Step-by-step setup
- 1
Sign up and pick your region
At signup.mailgun.com choose US or EU. If you have EU customers, pick EU — Mailgun won't let you move data between regions later.
- 2
Add your sending domain
Dashboard → Sending → Domains → Add New Domain. Use a subdomain (e.g. mg.yourdomain.com) rather than your root domain — this isolates email infrastructure from your website.
Add a sending domainopen_in_newlightbulbTip: Subdomain choice matters. Use mg.yourdomain.com or mail.yourdomain.com. Your main domain stays untouched and a reputation issue on email doesn't affect web.
- 3
Add the DNS records
Mailgun shows 5 records: 2 MX records (so Mailgun can receive bounces and complaints), 1 SPF TXT, 1 DKIM TXT, and 2 CNAMEs for click/open tracking. Copy each into your DNS provider exactly as shown.
warningWatch out: Watch the host/name column carefully. Cloudflare adds the domain automatically; some hosts require the full FQDN. Mistakes here are the #1 cause of "unverified domain" errors.
- 4
Click Verify
Mailgun queries DNS and confirms each record. Propagation can take from 1 minute (Cloudflare) to 48 hours (slow registrars). If verification fails, click "Refresh DNS records" — don't just retry instantly.
- 5
Get SMTP credentials
Domain → Sending → Domain settings → SMTP Credentials. Either use the default postmaster@yourdomain.com (and reset its password) or click "New SMTP user." Copy the password — it's only shown once.
lightbulbTip: Per-user SMTP credentials are NOT the same as your Mailgun API key. Don't try to authenticate with the API key in the password slot — it fails.
- 6
Use these SMTP server settings
Host: smtp.mailgun.org (US) or smtp.eu.mailgun.org (EU) · Port: 587 STARTTLS · Username: postmaster@yourdomain.com (or whichever SMTP user you created) · Password: the per-user SMTP password.
- 7
Add a Reply-To and unsubscribe (best practice)
Mailgun automatically adds a tracking pixel and rewrites links. For compliance, always include an unsubscribe link and a physical address in marketing messages — CAN-SPAM and CASL both require it.
Connect to CodeOpx Mail
Hook Mailgun into CodeOpx Mail:
- 1Add SMTP config
Dashboard → SMTP → "Add config" → choose Mailgun. Host pre-fills to smtp.mailgun.org. If you're on EU, manually change to smtp.eu.mailgun.org.
- 2Paste SMTP user and password
Use the SMTP user (postmaster@yourdomain.com) and the per-user password — NOT your Mailgun API key.
- 3Test the handshake
Click "Test connection." If the domain isn't verified yet, you'll see a 550 error referencing the domain. Wait for DNS propagation, click "Refresh" inside Mailgun's domain page, then retry.
- 4Compose and verify From
Set From to anything @yourdomain.com (the verified domain). Mailgun rejects sends from unverified domains with clear errors, so testing is fast.
Common errors & fixes
550 5.7.1 Sandbox restrictionSandbox domain — recipient not authorised
You're sending from a sandbox-XXX.mailgun.org address. Sandbox can only deliver to recipients you've manually added.
Fix: Either add the recipient to the sandbox's authorised list (Domain → Recipients), or verify your real domain and send from that.
535 5.7.0 Invalid loginWrong SMTP credentials
Username or password didn't match.
Fix: Re-confirm you're using the SMTP user (postmaster@yourdomain.com), NOT your account email. Re-confirm the per-user SMTP password, NOT the API key. Reset the password from Domain → SMTP Credentials if unsure.
550 Domain unverifiedDNS records missing or wrong
Mailgun can't verify your sending domain — usually a DNS record name or value typo.
Fix: Open Domain → DNS Records → click "Verify DNS Settings." Compare each record byte-for-byte with your DNS provider. Common issues: extra spaces, missing trailing dots, wrong host name.
451 4.7.1 Rate limit exceededToo many sends per second
Mailgun limits free-trial accounts to a low send-rate to prevent abuse.
Fix: Slow to ~5 messages/second. Upgrade to a paid plan for higher rates.
550 5.7.1 Bounce / suppressRecipient is on your suppression list
A previous send to this address hard-bounced or marked spam.
Fix: Check Sending → Suppressions in Mailgun. Remove the address only if you're sure it's valid now.
Sending limits
Mailgun's free trial is time-limited (30 days), then you pay per email. No "free forever" tier — but they have one of the most generous trials in the industry.
| Free trial | 5,000 emails for 30 days |
| Foundation plan | $35/mo for 50,000 emails |
| Growth plan | $80/mo for 100,000 emails + analytics |
| Scale plan | $90/mo + pay-as-you-go from $0.80 / 1,000 emails |
| Sandbox limit | Unlimited sends, but only to authorised recipients (max 5) |
| Max message size | 25 MB |
| Burst rate | 5 messages/sec on trial; up to 100/sec on Scale |
- lightbulbMailgun's APIs are excellent — if you're writing new code, prefer the HTTP API over SMTP. It's faster and exposes more functionality.
- lightbulbTheir event analytics (deliveries, bounces, opens, clicks, spam complaints) is best-in-class — better than SendGrid's free tier.
- lightbulbWatch your Suppressions list — accidental hard bounces from typo'd addresses accumulate and silently block future sends.
FAQ
Is Mailgun's SMTP user the same as their API key?
add
No — they're completely different credentials. The SMTP user has its own password (per-user, per-domain). The API key is account-wide and used for the HTTP API. Don't try to substitute one for the other — it just fails.
Why can't I send to my own personal email from the sandbox?
add
Mailgun's sandbox domain (sandbox-xxxxxx.mailgun.org) is purely for testing the integration. It can only deliver to recipients you've explicitly added to that sandbox's "Authorised Recipients" list — usually capped at 5. Verify a real domain to send anywhere.
Should I use a subdomain or my root domain?
add
Always a subdomain (e.g. mg.yourdomain.com or mail.yourdomain.com). Reasons: (1) isolation — if reputation drops, your root domain isn't affected; (2) MX records on the root would conflict with your existing inbox provider; (3) easier to deactivate later. This is industry-standard practice.
Does Mailgun automatically handle DKIM signing?
add
Yes — once the DKIM TXT record is verified, Mailgun signs every outbound message automatically. You don't need to configure anything in your SMTP client.
What's the difference between US and EU regions?
add
US (mailgun.com) and EU (mailgun.eu) are fully separate data centers and accounts. EU stores your data in Frankfurt and is the GDPR-aligned choice for European customers. US has slightly more features (e.g. AI-powered Inbox Placement, A/B testing). You cannot move accounts between regions — choose once.
Does Mailgun include open and click tracking?
add
Yes — automatically. Mailgun injects a tracking pixel for opens and rewrites links to go through their tracking proxy for clicks. You can disable per-message with the X-Mailgun-Track and X-Mailgun-Track-Clicks SMTP headers if you prefer.
Video tutorial
Watch: Mailgun SMTP setup tutorials on YouTube
We curated a YouTube search of recent walkthroughs by independent creators. The official docs (linked below) remain the source of truth.
play_arrowWatch on YouTubeFurther reading
Related provider guides
Ready to send through mailgun?
Sign up for CodeOpx Mail, add this SMTP config, and you'll be sending tracked emails in under 5 minutes.