Manipulate Mailgun Bounce Lists: Show, Add, and Delete Email Addresses. All from the terminal.

I recently came across a situation where a client reached their disk usage limit. As a result, they were unable to receive emails. This went un-noticed for a couple days (I didn’t manage the server at the time, I do now).

This client has a couple different WordPress sites with several employees receiving various notification emails. All their sites use Mailgun and the Mailgun WordPress plugin for sending emails. During the time they were unable to receive email, a few employee email addresses got placed on a Mailgun bounce list with a status of 550 Administrative prohibition.

For some background, here’s how Mailgun describes a bounce, as found in the Mailgun documentation:

Bounce list stores events of delivery failures due to permanent recipient mailbox errors such as non-existent mailbox. Soft bounces (for example, mailbox is full) and other failures (for example, ESP rejects an email because it thinks it is spam) are not added to the list.

Subsequent delivery attempts to an address found in a bounce list are prevented to protect your sending reputation.

I first noticed the bounce issue in the logs, like in the image below. After not being able to find a way to manage email addresses on the bounce list from the browser, I hit up Google and was pleased to find that you can interact with Mailgun bounce lists via their API.
mailgun-bounced

Show Email Addresses in the Mailgun Bounce List

To list email addresses on the bounce list, do something like this on the terminal/command line, replacing key-xxx-xxx with your actual Mailgun API key:

curl -s --user 'api:key-xxx-xxx' -G https://api.mailgun.net/v3/mg.longrendev.io/bounces

json-prettifierYou can find your Mailgun API key on the Mailgun dashboard, under API Keys. The Mailgun API will return JSON, which is a bit difficult to read in the terminal. I usually copy the output and paste it into this JSON formatter, which makes the data much easier to read, as you can see in the screenshot above.

Even when the formatted JSON in it’s raw form is easier to read. See, here’s the returned JSON, in it’s original form:

Now here’s the pretty, formatted JSON as raw text:

Much easier to read, right? Those of you using REST clients like Postman will have your results automatically prettified, removing the need using a site like the JSON formatter I typically use.

Delete an Email Address from the Mailgun Bounce List

If you’ve found an email address you’d like to remove from the Mailgun bounce list, or already know the email you want to remove, do this from a terminal and replace [email protected] with the real email address to delete. And of course, replace key-xxx-xxx with your actual Mailgun API key:

curl -s --user 'api:key-xxx-xxx' -H "Accept: application/json" -X DELETE https:[email protected]m

Add an Email Address to the Mailgun Bounce List

Sometimes you may wish to manually add an email address to the Mailgun bounce list. This can be done very easily with the CURL command below. It will add [email protected] to the Mailgun bounce list, so make sure to change that to the email you really want to add to the list.

curl -s --user 'api:key-7g0wl66k2hxonzq5-0nbzhw68r2oc8n8' https://api.mailgun.net/v3/mg.longrendev.io/bounces -F [email protected]'

What Else?

Not much concerning Mailgun bounce lists specifically. It’s possible to add multiple addresses to a bounce list at once, but that gets a little more difficult from the terminal as it requires sending JSON to the Mailgun API. Using a client like Postman would be a better option if you intend on sending much data.

The Mailgun API can be used to do all sorts of stuff, like pull stats and to create new domains. It’s a powerful API and one of my favorites to work with.

How do you prefer to send emails from your websites?

View Results

Loading ... Loading ...

Provide your users a world-class post-visit experience

I liked the idea of using RemindToRead.com on this site when I saw it on Hacker News the other day. I got in touch with Leonard Bogdonoff and expressed interest. He, in turn, offered to let me test it out here at longren.io.

Leonard setup some JS for my site for a quick test and gave me all the necessary code in a shared Google Doc. Took all of 5 minutes to get setup.

You can see it in action at the end of every post here at longren.io. It appears at the very end of every post, but only when viewing an individual post. The button looks like this:
remind-to-read-button

Is RemindToRead Ready For Production?

Getting closer, just from the changes I saw on the dashboard today and the very straight-forward registration process. Signup requires minimal effort. Just enter your email, choose a password, receive an email containing a confirmation link, click the confirmation link, update password, and continue on with setup. A temporary email sent after user signup can be seen below.
remind-to-read-welcome-email-temporary

The current iteration of the dashboard is not quite finished, but is very functional as it stands, even it’s early stages. It provides easy to follow instructions for adding RemindToRead code to your website. Just include some JavaScript and add this little snippet where you want the RemindToRead button to show:

<a href="#" class="later-button-el"></a>

Here’s what the dashboard currently looks like:
remindtoread-dash

I simply added the code above to my relevant template file so that it’s displayed at the end of every post, but is only shown when viewing a single post. So you won’t see the button on archive pages, tags pages, category pages, search results, etc.

A WordPress Plugin Coming

A GitHub repo already exists for a WordPress plugin, I’ve not tried it out yet, but plan to later today and will report back. I know there’s been a lot of core changes to RemindToRead recently, the WordPress plugin may have some catching up to do.

The plugin looks pretty solid code-wise, after a real quick glance. Sounds like Leonard may want me to maintain the WordPress plugin, should be a piece of cake once the core of everything starts to take its final shape.

Going to try Cloudbric here for a while to see how exactly it compares to Cloudflare

Longren.io will be unavailable for possibly up to 48 hours. As soon as I’ve published this post, I’ll be updating my nameservers to point to Cloudbric, almost feels like cheating on Cloudflare, they’ve been very good to me.

I’ve been using Cloudflare for quite a while, nearly since it became available to the public. I love them and all the services they provide, especially with a Pro (or Enterprise) account. Cloudflare costs money though (if you want certain added protections), and many smaller websites don’t use a lot of bandwidth and aren’t provided the protections they should receive with Cloudflare.

Cloudbric aims to solve that by providing all the features Cloudflare provides (from what I’ve been told at least) for free as long as your site doesn’t use more than 4GB of bandwidth per month. I only have a few Pro sites with Cloudflare (longren.io being one of them), but am trying to cut back on the number of online services I pay for monthly, so this makes sense on a financial level if nothing else.

I’d never heard of Cloudbric until they got in touch with me via direct message on Twitter and introduced me to their services. They appear to provide everything that Cloudflare’s Enterprise service provides, glad they saw one of my tweets praising Cloudflare and decided to get in touch.

Cloudbric has been around for a while (15 years or so I believe) and I talked to one of their reps quite a bit about how what they provide is better than Cloudflare (other than the usage based cost, of course).

Here’s what he said:

1. Unlike other website protection services including Cloudflare, Cloudbric provides full-coverage website protection. Even though Web Application Firewall (WAF) and DDoS Protection features are crucial for website protection, these options cost at least $200/month from Cloudflare. Cloudflare’s free plan does not protect web application layer 3, 4, and 7, which makes it pointless.

2. Our usage-based plan, rather than options plan, allows even free users to enjoy the most comprehensive security service. There are no charges for extra add-ons or features for more security. Users can enjoy all the features for FREE up to 4GB of traffic monthly.

Here’s a handy table from the Cloudbric website showing a feature comparison with similar providers like Cloudflare, Sitelock, and Incapsula.

FEATURES Cloudbric Incapsula SiteLock Cloudflare
Advanced DDoS Protection(Layer 3, 4, 7) FREE $299 /mo Enterprise $200 /mo
PCI-Certified Web Application Firewall(WAF) FREE $59 /mo $299 /mo $20 /mo
Global Content Delivery Network FREE $19 /mo $99 /mo $20 /mo
Web Opimization FREE $19 /mo $99 /mo $200 /mo
OWASP Core Rule Set FREE $59 /mo $99 /mo $20 /mo
Reputation-based Threat Protection FREE $59 /mo $299 /mo FREE
Board Spam Protection FREE $59 /mo X X
Block Visitors by IP or country FREE $59 /mo X FREE
Login Protection FREE $59 /mo X X
SSL Support FREE $19 /mo FREE FREE

Figured I’d try it out on this site as it gets the most traffic out of my personal sites, and if everything’s cool, I’ll eventually be moving all clients over to Cloudbric. Just wish they had a way to import existing DNS records, some of my domain names have at least 50 sub-domains.

Longren.io subscribers will get this post via email, but longren.io could be down for up to 48 hours while stuff updates. I’ll update this post or maybe write a new one after I’ve used Cloudbric for a few days. You should at least check them out, especially if you’re using Cloudflare for a site that doesn’t get enough traffic to make it worth paying for.

I really don’t want to leave Cloudflare, but if Cloudbric stacks up, I’m afraid I’ll have to.

Update: After updating nameservers for longren.io to Cloudbric, an SSL issue was found. I went back to Cloudflare immediately, and within about an hour Cloudbric’s engineering team had a solution worked out. It sounds like they’ll be rolling the fix out on Monday June 29. So until then, longren.io will be on Cloudflare. I’ll post info about the issue in detail after Cloudbric has officially announced it or made the fix active.

It really is the world’s most simple server monitoring service

Best of all, Ping.gg is currently free! Ping.gg will ping your server constantly, with an interval of 10 seconds.

Victor, the ping.gg creator, will be releasing all the Go code on GitHub eventually, but will keep the UI/PHP pieces to himself. It sounds like HTTP response checking is also in the works:

There is a ping daemon (Go app) that is listening for a couple of redis pub/sub channels for hosts to start and stop pinging. Each host is handled by a different goroutine. When something goes up or down, it publishes the host in another 2 redis pub/sub channels.

This is what I’ll release as open source, before I do I’d like to refactor it so it’s not tightly couple with redis, but rather have an interface there, so it’s easy to change the redis pub/sub interface with, for example, HTTP calls.

Monitor a Site with Ping.gg

To monitor a site (my.example.com), issue this command:

curl [email protected]/my.example.com

I’ll let Victor explain how it works:

After you provide a hostname or IP and your email address, you’ll be sent an email with 3 generated URLs that you can to click to start, stop and delete your tracking. Every time you server goes down or back online you will receive a notification, which will also include the control URLs. BTW, check your spam folder… you know the drill.

Every time my.example.com is unreachable, you’ll receive an email at [email protected]. An example email is below.
ping.gg-down-email

That’s It

Issuing that curl command is all you need to do. You’ll receive an email after adding a site to monitor asking you to active the monitoring. There’s also a link in that email so you can stop or pause monitoring of a site if you wish.

Ping.gg allows 10 sites to be monitored per email address. Ping.gg considers your server/site to be down when it fails to answer 6 pings in a row.

Hoping that Victor builds this into a full fledged service with account dashboards and all, just because it’s sooo simple. The Terms of Service possibly indicate that a professional service may be available at some point:

As previously stated, this is not a professional service (not now at least) so by using this service you agree to the following:

  1. You use this service at your own risk.
  2. There is no warranty that the service will work properly or at all.
  3. Your alerts might be terminated without notice.
  4. The service can stop operating anytime without notice.

Go ahead and give Ping.gg a try, it’s been very reliable for me and I’ve had no issues with it. Keep the Terms of Service in mind, however.