Moandji Ezana Blog

There are a few pitfalls that can make you waste a lot of time when setting up Mailgun on a Digital Ocean server. Here’s how to avoid them.

Apex or subdomain?

If you wish to receive email via Mailgun and already have MX records for your domain, you must create a Mailgun-specific subdomain. This is the case if, for example, you own and have connected to Gmail or another email provider.

In Digital Ocean, go to Networking > Domains and add a domain. It does not matter which droplet you point it to. In our example, you might create All subsequent DNS records will be created for this domain.

SPF Record

Use @ as the name of the TXT record and the value provided by Mailgun as the record’s text. For example, v=spf1 ~all.

DKIM Record

Do not include the fully-qualified domain name in the name of the TXT record. If Mailgun gives you, only put mx._domainkey (no trailing dot).

You must wrap the DKIM value in double quotes, for example: "k=rsa; p=MIG".

CNAME Record

Only enter the subdomain, not the fully-qualified name, as the name of the CNAME record. If Mailgun asks you to set up, then the CNAME record’s name is email, not The hostname is

The same holds if you are setting Mailgun up on a subdomain. To create, create the record in the domain, with email as name. The hostname is

MX Records

These are necessary only to receive emails via Mailgun. No pitfalls here, if there are no other MX records, as explained above. You can enter the hostname and priority as given by Mailgun.


If Mailgun reports any errors, the zone file at the bottom of Digital Ocean’s DNS settings page is the best way to debug the issue. It allows you to see exactly what values have been configured.


Krister Viirsaar’s Mailgun + DigitalOcean article and comment thread helped me sort through these issues.