SMTP Error - Invalid login: 535 5.7.0 exposed account credentials


I’m getting an error when I attempt to send an email through SMTP.

I’m using mailgun for SMTP.

I have my config/mail.js set up like this:

connection: 'smtp', 

  smtp: {
    driver: 'smtp',
    pool: true,
    port: 2525,
    host: '',
    secure: false,
    auth: {
      user: Env.get('MAIL_USERNAME'),
      pass: Env.get('MAIL_PASSWORD')
    maxConnections: 5,
    maxMessages: 100,
    rateLimit: 10

And my controller method:

async store ({ request, auth, response }) {
    const userData = request.only(['name', 'email', 'password'])
    const user = await User.create(userData)
    await Mail.send('emails.welcome', user.toJSON(), (message) => {
            .subject('Test Subject')
    // ... 

When it runs, I get the following error:
Invalid login: 535 5.7.0 exposed account credentials

I’ve tried just passing as the data parameter in the Mail.send() method, but I’m still getting the same error.

Is there a way to flag the auth type with mailgun as plain text? That’s the solution I’ve been able to discern through reading their docs. If that’s not the issue, then I’d appreciate any guidance because I’m totally lost here.

Thanks in advance!


The error is coming when authenticating with Mailgun, you must be looking docs and guides of Mailgun on how to connect



I did that and it’s stating I should be attempting to authenticate with an auth type of plain text. How would I configure this with config/mail.js. I just see secure: true/false in the SMTP options.

Is this something that should go into extras: {}?