Sending & Testing

Get started with MailBlastr and Supabase

Send Supabase Auth emails and Edge Function emails through MailBlastr: verify your domain, route auth mail via custom SMTP or hooks, and call POST /emails from a Deno Edge Function.

This guide gets you sending with MailBlastr from a Supabase project — first your Auth emails (password resets, confirmations), then arbitrary mail from Edge Functions (notifications, account activity).

Set up MailBlastr

Before sending you must verify a domain. In the dashboard, add your domain — we recommend a subdomain like updates.example.com — publish the generated DNS records with your provider, and wait for verification (usually a few minutes).

MailBlastr requires that you own the domain you send from (not a shared or public domain). Publishing the DNS records authorizes MailBlastr to send on your behalf and signals to inbox providers that you are a legitimate sender. See Managing domains.

Send Auth emails through MailBlastr

Supabase rate-limits its built-in auth mailer and recommends connecting your own provider for anything beyond a couple of emails per hour. You have two main ways to route Supabase Auth email through MailBlastr:

Supabase’s default auth rate limit is low; once MailBlastr is your provider you can raise it in your project’s authentication settings. Higher MailBlastr volume may also need a quota increase.

Send email from a Supabase Edge Function

For non-auth mail, call the MailBlastr API directly from an Edge Function with native fetch. First create the function with the Supabase CLI:

supabase functions new mailblastr

Then paste the handler into index.ts. Read the API key from an Edge Function secret rather than hard-coding it:

index.ts
import { serve } from 'https://deno.land/std@0.168.0/http/server.ts';

const MAILBLASTR_API_KEY = Deno.env.get('MAILBLASTR_API_KEY')!;

serve(async (_req: Request): Promise<Response> => {
  const res = await fetch('https://api.mailblastr.com/emails', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': `Bearer ${MAILBLASTR_API_KEY}`,
    },
    body: JSON.stringify({
      from: 'Acme <hello@yourdomain.com>',
      to: ['delivered@yourdomain.com'],
      subject: 'hello world',
      html: '<strong>it works!</strong>',
    }),
  });

  const data = await res.json();
  return new Response(JSON.stringify(data), {
    status: res.status,
    headers: { 'Content-Type': 'application/json' },
  });
});

Set the secret, run the function locally, then deploy:

# store the key as a secret (never commit it)
supabase secrets set MAILBLASTR_API_KEY=mb_xxxxxxxxx

# run locally
supabase functions serve mailblastr --no-verify-jwt

# deploy
supabase functions deploy mailblastr
The from address must be on a verified domain. Keep your mb_ key in a secret, not in source — see Handling API keys securely.

For the request and response shape, see the emails API.