Optimizing Your Ghost Blog Mail Configuration

Ever since I updated my blog to Ghost 0.5.8, I've been having weird problems with mail delivery. Ghost relies on using third-party transactional email delivery services like Postmark, Mailgun, and AmazonSES to get the job done. My personal preference is Postmark, since their parent company Wildbit is based here in Philadelphia.

Since updating, I've been receiving error notifications like the following:

ErrorCode: '400', Message: 'Sender signature not defined for From address.'.  

It took me a while to figure out what was happening, since I knew nothing had changed with my Postmark configuration. The email address that Ghost was using to send out email from had changed from using my root domain classicyuppie.com to the www subdomain. My blog was effectively sending transactional emails as ghost@www.classicyuppie.com.

Because I have a SPF record in place for all of my domains which do not send email, any email sent from a domain other than my root domain will either wind up in /dev/null or caught by a spam filter (more often than not), depending on how the receiving mail server processes mismatched headers. No matter which configuration I tried through Postmark, it simply wouldn't work. It appears that the solution had to come from modifying the configuration on my Ghost blog itself. One line of code in config.js was all that I needed to get things working again:

mail: {  
    from: 'myemail@address.com',

For services that default to using a supplied custom name on the emails when sending you could also use:

mail: {  
    from: '"Custom Name" <myemail@address.com>',

This line of code will specify which email address to appear to send the message from. When message goes through the authentication process on Postmark, it's matched up against the sender signatures that have been approved to send messages.

This is the part that generated the error code 400 message I mentioned earlier. By ensuring your blog is sending messages from the same address that your Postmark account has pre-approved for sending, email should flow through as expected and land in your inbox.

Why does all this matter? Who cares if a transactional email flow breaks on your site? Getting accidentally locked out of your account is an inconvenience. Not receiving the email containing the link so you can reset your password is a pain and a half.