Would you consider whitelisting transactional mail services? : Forums : PythonAnywhere

Would you consider whitelisting transactional mail services?

Hello PythonAnywhere folks,

There are several providers out there which offer a service known as transactional email. It means they act as a third party for sending out email - see table comparison at socialcompare

It seems the selling point of these solutions is the ability to gather statistics about what recipients click in messages, but as I see it, it can also be used as a middle man for sending out mails for low-volume websites (when outbound SMTP is blocked like in PA).

Apparently all of them provide some sort of REST API on top of SMTP, with a daily usage cap to prevent abuse. There are several Python libraries which seem to provide a more convenient interface to those APIs, such as python-mailsnake or more specific ones like django_email_multibackend, django-mandrill, or djrill which integrate as an EMAIL_BACKEND for Django.

Do you think you could add a couple of those sites to the whitelist? I personally would not mind if you set a limit on message size in the proxy configuration, since most delivered mails are either email confirmation, error reporting, notifications etc. messages and do not require a large body.

Thanks for your attention

deleted-user-113844 | 3 posts | Oct. 11, 2013, 10:14 p.m. | permalink

I don't see any reason why not! The one potential issue is that if they require https access (likely) and the pre-built Python libraries for them use requests (also likely) then a known bug in the way requests works with proxies (we use a proxy to enforce the whitelist) might mean that they wouldn't work together -- at least, until the requests bug is fixed (which is underway but I don't think has hit the stable version yet).

Anyway, if you'd like to give one a go, just give me a specific example and I'll see if I can activate it.

giles | 12640 posts | PythonAnywhere staff | Oct. 12, 2013, 5:16 p.m. | permalink

Hi giles,

Looking at options, most of them seem to provide a Python library, but not always a Django backend. Can you try the "Developer Example" at the bottom of http://www.mailgun.com/ ? I suggest you use some kind of throwaway account, since the sample message contains an unsubscribe link and Gmail flags it as Spam. Anyway, the API key seems legit.

deleted-user-113844 | 3 posts | Oct. 12, 2013, 9:29 p.m. | permalink

Thanks for the link! So, I've whitelisted mailgun and it works, with one caveat: you'll need to upgrade the requests library for your account. In a bash console, do:

pip install --user -U requests

Once you've done that, you should be able to send stuff using their API.

Some explanation for anyone who's interested: free PythonAnywhere accounts access the Internet through a squid proxy. The requests library (well, actually its dependency urllib3) had an obscure bug in the way it handled https via proxies, which meant that https just didn't work. The bug was fixed in requests 2.0.0, which has just been released; our default system image still uses requests 1.2.3, but the incantation above lets you install 2.0.0 into your private file storage. We'll be upgrading the default image soon.

giles | 12640 posts | PythonAnywhere staff | Oct. 14, 2013, 12:36 p.m. | permalink

Hello giles,

It seems to work like a charm!

In my virtualenv

$ pip install 'requests>=2.0'
$ pip install django-mailgun

And here is approximatively what I added to my Django settings.py

EMAIL_BACKEND = 'django_mailgun.MailgunBackend'
MAILGUN_ACCESS_KEY = 'key-somevalue'
MAILGUN_SERVER_NAME = 'mysubdomain.mailgun.org'

Thanks a bunch!

deleted-user-113844 | 3 posts | Oct. 14, 2013, 11:01 p.m. | permalink

No problem, thanks for testing it!

giles | 12640 posts | PythonAnywhere staff | Oct. 16, 2013, 8:23 p.m. | permalink