Pantheon does not host inboxes for incoming mail. We recommend using an externally hosted email solution, such as Gmail from Google Workspace.
Drupal and WordPress both require a configured outgoing email service.
For outgoing emails, we recommend integrating a third-party service provider that supports a REST API configuration. You can use an SMTP configuration, but because SMTP requests are associated with dynamic outgoing IPs there can be negative impacts to deliverability. For a detailed comparison between API configurations and SMTP, see this related blog post from SendGrid.
The following are some popular email services you can use on the platform and their corresponding Drupal or WordPress integration methods:
|Mailgun||Drupal | WordPress|
|Mandrill||Drupal | WordPress|
|Postmark||Drupal | WordPress|
|Sendgrid||Drupal | WordPress|
|Sendinblue||Drupal | WordPress|
|SparkPost||Drupal | WordPress|
Customers have successfully used SendGrid, Gmail, Amazon SES, Mandrill, and other externally hosted SMTP based email providers.
Pantheon strongly encourages using ports other than
587 to send email because those ports are often blocked by service providers as an anti-spam measure. Here’s a list of popular email providers and the alternate ports which Pantheon recommends:
|Amazon SES||2587 (STARTTLS), 2465 (TLSWRAPPER)|
If you do not find your service provider in the table above, check with their support and/or documentation.
Use the following integration methods for Drupal and WordPress to configure an external SMTP service:
Once you have chosen your SMTP provider, install and configure Drupal's SMTP Authentication Support module.
Once you have chosen your SMTP provider, install and configure WordPress's WP Mail SMTP plugin.
This is a common error with the SMTP Authentication Support module. It can be fixed in a few steps:
Copy the file from
Place in a custom module's includes dir and .info file using
files = includes/filename.inc.
Remove the original file from the
DELETE FROM registry WHERE name='[appropriate-name]' AND module='mailsystem';
terminus drush <site>.<env> -- cc all
See available patch.
SES places new users into 'sandbox mode' to help prevent fraud and abuse. If you are having trouble sending mail and are using SES, confirm you are not in sandbox mode. For more information, see AWS documentation on sandbox mode.
The password reset email may not be delivered. This happens when the current URL does not match the URL that is stored in the environment's
wp_options table. Emails will only be sent if the URLs match. This applies to all emails sent by WordPress, including instances when a new user is added.
In the following example, a password reset email will not be sent because the URL is not listed in the table:
+-----------+--------------------+-------------------------------------------------+----------+ | option_id | option_name | option_value | autoload | +-----------+--------------------+-------------------------------------------------+----------+ | 1 | siteurl | https://www.example.com | yes | | 2 | home | https://www.example.com | yes | | 3 | blogname | CSE WP AGCDN Practice | yes | | 4 | blogdescription | Just another WordPress site | yes | | 5 | users_can_register | 0 | yes |
We strongly recommend that you do not use the local MTA (postfix) as described above. Instead, we recommend using a third-party email service provider.
No, mail logs are not available for download and we do not recommend using the local MTA (postfix).
Pantheon strongly encourages using ports other than
587 to send email because those ports are often blocked by service providers as an anti-spam measure. Make sure that your service provider allows traffic on a port other than those mentioned and that you have correctly configured your site to use that port.
If you are using Pantheon's local MTA (not recommended), and your domain contains an SPF record, then you should include Pantheon's SPF record, as shown below:
v=spf1 include:spf.example.com include:spf.pantheon.io ~all
Adjust the above example record as needed for your domain:
- Be sure that you replace
include:spf.example.comwith the appropriate list of mail relays that also send email for your domain.
- If an SPF record exists for that domain, then add just the
include:spf.pantheon.iopart to whatever is already there, keeping the rest unchanged.
- To craft a new SPF record for a domain that does not yet have one, use the SPF Record Generator, and enter
spf.pantheon.ioin the 3rd-party mail systems text box.
Please see Google's help article: My client isn't accepting my username and password.
Office 365 uses ports
587 by default, and different options for sending via SMTP client, Direct send or SMTP relay. This document outlines the limitations and configurations of each, to know what will work for your application.
Because we don't support SPF, it is likely that most Exchange or Office 365 servers won't work if configured at your email server. Check your organization's Microsoft Exchange settings to see what's allowed by your system.
Autodiscover.xml automates the configuration of Outlook email server authentication. An issue can occur when the mail software erroneously and repeatedly calls for an
autodiscover.xml file that does not exist. If left unmanaged, this may start using unnecessary resources, return 404 errors, and can result in a slower site.
autodiscover.xml requests that can cause 404 errors, you can configure
pantheon.yml to block requests to
autodiscover.xml path to the
protected_web_paths directive in
pantheon.yml. This lets you block requests at NGINX web server and will return a 403 error instead.