Session log — medilearn.africa outbound email migration

InternalView platform →
← All session logs

Session log — medilearn.africa outbound email migration

10 June 2026, evening · Email · Hasmukh with Claude · auto-published from the local journal entry. A polished narrative version can be requested in any future Claude session.

Summary

Hasmukh, working from Kenn's guide, asked for help moving medilearn.africa's outbound email off SendGrid onto Mailgun; the session started on the evening of 10 June 2026 and spanned into 11 June, wrapping up just after midnight. Mailgun was fully set up (mg.medilearn.africa, EU region, SPF and DKIM verified, EP Email switched to the Mailgun transport), but every real send returned 401 because the free Mailgun account blocks sending until a payment method is added, so Mailgun was parked after consulting Kenn. The work pivoted to host SMTP: the mailboxes turned out to live on wp14.domains.co.za, not da15 as the DNS suggested, sending was proven there, and the mail service was then migrated onto a new domains.co.za Email Only 20 package on cp70.domains.co.za, with DNS updated and an end-to-end test landing in the Gmail inbox with SPF, DKIM and PTR all passing. Along the way the broken medilearn MCP entry in ~/.claude.json was replaced with PageMotor's newly discovered native MCP endpoint. Catch-up note reconstructed on 12 June 2026 from the saved conversation.

Decisions

  • Followed Kenn's guide for the Mailgun account: EU region (locked for life per domain, the GDPR-clean choice), sending subdomain mg.medilearn.africa rather than the root, only SPF and DKIM DNS records, no MX records, so the Google Workspace inbox could never be affected.
  • Declined Mailgun's optional Red Sift DMARC offer at setup; the _dmarc.mg record Hasmukh had already added (p=none, reporting to Red Sift) was reviewed and kept, being harmless and monitor-only, though not fully GDPR-clean.
  • Chose the Mailgun (legacy) transport in EP Email, the API sending-key method matching the saved credentials, not the SMTP-based Mailgun US/EU options.
  • After two valid keys (account API key and a fresh domain sending key) both authenticated but both failed to send with 401, concluded the block sits at Mailgun account level: the free plan cannot send until a payment method is added. Paused for Kenn's input.
  • With Kenn, parked Mailgun (DNS left in place) and pivoted to direct host SMTP through EP Email.
  • Chose host SMTP (option B) over Gmail SMTP (option A) because the existing DNS already passes SPF and DKIM for the host, while Gmail would first need an SPF include and Workspace DKIM enabled.
  • Recommended the cheapest mail package, Email Only 10 at R69 per month, as more than sufficient, with multi-domain need the only upgrade trigger; the package actually provisioned was Email Only 20 (cpemail_20) on cp70.
  • Kept the public sender identity as noreply@medilearn.africa while authenticating as confirm@medilearn.africa, which cp70 permits.
  • Added a root DMARC record at p=none only, with the explicit rule not to tighten it until Google Workspace DKIM and SPF are fixed.
  • Hasmukh set a standing preference: no more credential or security-hygiene warnings, to be remembered across all Claude sessions.
  • Claude held the line on never typing Hasmukh's passwords into login screens; Hasmukh logged in himself and Claude drove the browser from there.

Changes made

  • Created the Mailgun sending domain mg.medilearn.africa (EU region) on Hasmukh's Mailgun account, Claude directing and Hasmukh clicking.
  • Added SPF (v=spf1 include:mailgun.org ~all) and DKIM (mta._domainkey.mg) TXT records in the domains.co.za DNS panel for medilearn.africa; MX deliberately omitted. Verified live via public DNS, confirming the root MX (SMTP.GOOGLE.COM) untouched.
  • Via the Claude-in-Chrome browser, switched EP Email's transport on medilearn.africa from PHP mail() to Mailgun (legacy), set the Default Sender to "MediLearn Africa" / noreply@medilearn.africa, and saved the proper domain sending key in the EP Email Mailgun add-on. Test Connection passed ("Connected. Mailgun domain is active and ready to send. (EU)"); real sends stayed blocked by the free-plan account, diagnosed by direct calls to Mailgun's EU API.
  • After the pivot, reconfigured EP Email to SMTP via wp14.domains.co.za, port 587 STARTTLS, LOGIN auth as noreply@medilearn.africa, after discovering the mailboxes live on wp14 (cPanel), not da15. Test Connection reported "SMTP connection successful" and a test email was delivered to hasmukh@gajjar.co.za.
  • Authenticated to PageMotor's native API at https://medilearn.africa/api/ with the claude_code admin token, verified the EP Email settings programmatically, and discovered the native MCP endpoint at https://medilearn.africa/mcp/.
  • Updated ~/.claude.json: replaced the broken novamira-medilearn-africa entry (Automattic WordPress-only adapter pointed at a 404 URL) with an HTTP connection to https://medilearn.africa/mcp/ using Bearer auth; backup saved at ~/.claude.json.bak-20260612-003020; the staging mobilearn entry left untouched.
  • Migrated mail hosting to the new Email Only 20 package on cp70.domains.co.za (169.239.218.70): proved SMTP auth for the new confirm@medilearn.africa mailbox directly against cp70 before touching the live plugin, and confirmed cp70 allows From: noreply@ while authenticated as confirm@.
  • Made three DNS changes at domains.co.za, driving Hasmukh's logged-in browser: repointed the mail.medilearn.africa A record from 41.222.34.15 to 169.239.218.70; replaced the default._domainkey TXT with cp70's DKIM key (copied from cPanel Email Deliverability); added a new root DMARC TXT, v=DMARC1; p=none;. All verified live on public DNS afterwards.
  • Wrote the final EP Email config via the PageMotor API (EP_Email _set-settings): SMTP host cp70.domains.co.za, port 587 TLS, user confirm@medilearn.africa, From noreply@medilearn.africa. End-to-end verified: the plugin's test email landed in the Gmail inbox, not spam, and cPanel's deliverability check showed SPF, DKIM and PTR all valid.
  • Verified Google Workspace was unaffected: MX still SMTP.GOOGLE.COM, google-site-verification TXT and the googlehosted verification CNAME intact.
  • Saved Hasmukh's no-credential-warnings preference to the global instructions file at ~/.claude/CLAUDE.md (still present there today).
  • Wrote the full project memory record in the Mailgun Setup project's memory (medilearn-mailgun-migration.md), which corroborates this note.

Follow-ups

  • Delete the old wp14 mailboxes (noreply@ and claudecode@) once Hasmukh is comfortable the cutover is stable.
  • Check what else lives on the wp14 WordPress hosting package before cancelling it.
  • For Kenn: Google Workspace sends from info@ authenticate weakly; enable Workspace DKIM (google._domainkey) and add include:_spf.google.com to the root SPF.
  • Do not tighten the new DMARC record beyond p=none until that Workspace work is done.
  • EP Newsletter SendGrid is still active, so newsletters still go through SendGrid; a separate decision is needed on moving them.
  • The stale _autodiscover SRV record still points at da15; harmless, optional clean-up.
  • Mailgun remains parked; reviving it would require adding a payment method to the account.
  • The repaired medilearn MCP connection only takes effect from the next Claude Code session.
  • vodalibrary.online's SendGrid swap, mentioned in Kenn's guide, was not touched; it belongs with the s2l project.