Hello I've followed the instructions here to try and get my lambda function able to send email via SES SMTP https://docs.aws.amazon.com/ses/latest/dg/send-email-set-up-vpc-endpoints.html
In my Lambda Function I use the net/smtp package and when I try to send the email it gives me this error
Error sending email alert dial tcp: lookup email-smtp.us-east-1.amazonaws.com on ..*.1:53: no such host
Here is the code for sending the email that is giving me issues. Note when I rung this Go code locally it works fine.
user := os.Getenv("SMTP_USER")
password := os.Getenv("SMTP_PASSWORD")
to := []string{
"testemail#gmail.com",
}
addr := "email-smtp.us-east-1.amazonaws.com:587"
host := "email-smtp.us-east-1.amazonaws.com"
msg := []byte("From: test#test.com\r\n" +
"To: test#test.com\r\n" +
"Subject: Test mail\r\n\r\n" +
"Email Body \r\n")
auth := smtp.PlainAuth("", user, password, host)
err = smtp.SendMail(addr, auth, from, to, msg)```
I was able to finally get the SMTP working. Everything in that document in the OP was correct except the security group part. In order to get it to work, I had to set the inbound and outbound rules of my security group (not entirely sure if outbound is necessary) to use the entire IP address range of the subnet in my VPC for use1-az1 for source/destination respectively.
Related
I have an AWS Lambda function:
sendEmail.js
const AWS = require('aws-sdk');
const ses = new AWS.SES();
function sendEmail(subject, message, senderEmail) {
const params = {
Destination: {
ToAddresses: [
process.env.VERIFIED_EMAIL
]
},
Message: {
Body: {
Text: {
Data: message,
Charset: 'UTF-8'
}
},
Subject: {
Data: subject,
Charset: 'UTF-8'
}
},
Source: process.env.VERIFIED_EMAIL,
ReplyToAddresses: [senderEmail]
}
return ses.sendEmail(params).promise();
}
module.exports = sendEmail;
Called from
index.js
const sendEmail = require('./sendEmail');
exports.handler = async (event, context) => {
return sendEmail(event.subject, event.message, event.email).then((response) => { context.done(null, 'Email sent')});
};
I have the env. variable VERIFIED_EMAIL set to a personal e-mail that is verified by AWS/SES.
My test case:
{
"email": "redacted#outlook.com",
"subject": "desc",
"message": "Hello!"
}
Which passes and returns "Email sent" but I don't actually receive an e-mail. I've also deployed the API-GATEWAY and I can call the API w/ Postman and I receive the same "Email sent" message but no e-mail is actually sent.
I don't think it should be an issue with being in sandbox mode because the email I am sending it from is verified.
PS:
When Looking at the SES management console it says that the emails are being sent (they take up part of the 200 daily quota) and then that none of them were bounced or rejected but simply deliveries.
A few things you should check with your SES before diving deeper.
In sandbox mode both "source email address" and "destination email address" have to be verified. Instead a mail won't be delivered.
In case you verify Email Domain so appropriate dns and DKIM records have to be added in your domain. Plus additional whitelist clearance is assumed if you use corporate domains.
Your IAM AWS user should be permitted to execute SES api calls. Check your policies and roles. Check Secret Key and Secret Id you use.
There might be problems when you use inappropriate email types and email sending endpoints (eg you try to send "SingleTemplatedMessage" via "BulkTemplatedMessage" endpoint)
Check all this things first.
Then you might try something else. In my project we use AWS SDK based on java to interact between BE and SES. It provides logs containing message statuses (if a message was sent successfully, rejected, its id and other errors if they occurred)
Additionally to keep track on every single message you send you can set up SES-SNS to exchange with notifications. It's described in the following article
https://sysgears.com/articles/how-to-track-email-status-with-amazon-ses-and-amazon-sns/
Other problems might occur in your mail client (spam filters etc)
Follow the check list to troubleshoot SES email sending:
Check the SMTP credential is ok or not using code shared by AWS
Same credential using in multiple application/IP may not work
Use minimum mail configuration, if you do not know setting value remove it, do not leave it with NULL.
Set, $config['charset'] = 'UTF-8'; // // 'UTF-8', 'ISO-8859-15'
Set, $config['newline'] = "\r\n"; // "\r\n" or "\n" or "\r"
Additional Check
Make sure trying to send email to the same domain if SES account is Sandbox
Check all outbound with mail TCP port is open
If using NATgateway Check both inbound and outbound with mail TCP port is open in open for the mail sending instance in it.
I am using Sendgrid Dynamic Transactional Templates to send emails from my django project. The code can be seen below.
sg = SendGridAPIClient(djangoSettings.SENDGRID_KEY)
message = Mail(
from_email = some#email,
to_emails=some#email,
)
message.dynamic_template_data = {...
}
message.template_id = '....'
response = sg.send(message)
The email sends fine, but I need to use a from_email to send. I don't want to use an email they can reply to. I want some generic email associated with my sendgrid account, lets say mydomain.com. How can I go about solving that?
If you have authorized the domain in your Sendgrid account you can add any address you want so long as it's part of the authorized domain.
To do this go to, https://app.sendgrid.com/settings/sender_auth, press Authenticate your domain and follow the steps to add your domain. This includes configuring your DNS, DKIM and SPF. For more details on adding a domain visit here
Now in your code, you could add noreply#yourdomain.com, or any variation of that, as the from address so long as you authenticated yourdomain.com.
I'm trying to create a discussion list sender using SES. The 'receive' part is fine, but when I send, I want to preserve the user's "from" address. Aside from some subject rewriting, here's what I'm doing to the headers; VERIFIED_FROM is my mailing list alias. This is py3.6, but it shouldn't matter.
msg['Reply-To'] = VERIFIED_FROM_EMAIL
msg['Return-Path'] = VERIFIED_FROM_EMAIL
When I call sendRawEmail, I get an error like this, brackets for scrubbed entries:
[ERROR] [timestamp] [request id] Client error while forwarding email for <[VERIFIED_FROM_EMAIL]> to <[all emails on list]>: An error occurred (MessageRejected) when calling the SendRawEmail operation: Email address is not verified. The following identities failed the check in region US-WEST-2: ["user who sent the message" user#domain.com]
I can't put all users on the verified list. I could set the 'from' to my list address, but then I lose the identity of the sender.
I'm sure this has been done with SES- but how?
The reply-to field and the return-path field are fields that require a validated email address. [1]
With each email you relay, you can create a unique email address for people to reply to (e.g. abcdef123#yourdomain.com) which you can then relay back to the same threads using the Message-ID and In-Reply-To headers.
You can also modify what the name looks like for the message using the Name <email#yourdomain.com> header too.
[1] https://forums.aws.amazon.com/message.jspa?messageID=221703
I'm working on a custom claim to match one of two specific IP addresses, and then deny the claim if it's either of them.
Here's the regex (IP changed for fun to 1.2.3.4 and 5.6.7.8)
c:[Type == "(notabletoposturl)ttp://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip", Value =~ "(^1\.2\.3\.4|^5\.6\.7\.8)"] => issue(Type = "(notabletoposturl)ttp://schemas.microsoft.com/authorization/claims/deny", Value = "DenyUsersWithClaim");
It doesn't seem to be working as expected. I'm still seeing bad username and password attempts from those IPs in the event logs like:
Token validation failed. See inner exception for more details.
Additional Data
Activity ID: 00000000-0000-0000-0000-000000000000
Token Type:
(notabletopostlink)ttp://schemas.microsoft.com/ws/2006/05/identitymodel/tokens/UserName
Client IP:
1.2.3.4,{Exchange Online Server IP}
Error message:
username#contoso.com-The user name or password is incorrect
Is my syntax or regex off for ADFS 3?
I finally got SES to work, but now im confronted with another problem
The email sent leaves amazonses.com in the from and mailed-by fields like thisI am currently on sandbox access
from: name#myDomain.com via amazonses.com
to: john#aol.com
date: Sat, Jun 2, 2012 at 3:30 PM
subject: Subject message
mailed-by: amazonses.com
question: how can i remove amazonses.com from these 2 fileds and replace the 'mailed-by' field with my companies email address?
heres my php
function sendMail($to, $subject, $message, $from ) {
require_once('sdk-1.5.6.2/sdk.class.php');
$AWS_KEY = "********************";
$AWS_SECRET_KEY = "****************************************";
$amazonSes = new AmazonSES(array( "key" => $AWS_KEY, "secret" => $AWS_SECRET_KEY ));
$response = $amazonSes->send_email(
$from,
array('ToAddresses' => array($to)),
array(
'Subject.Data' => $subject,
'Body.Html.Data' => $message,
)
);
if (!$response->isOK()) {
return false;
}else {
return true;
}
return false;
}
sendMail('john#aol.com', "Body message", "Subject message", "name#myDomain.com" );
Since july 2012 it is easy to sign outgoing mail via SES itself.
Instructions are easy and straightforward.
p.s.: sorry for nekroposting, but this question is the one that popped up when I tried to do the same thing.
The reason you're getting this is by default you're encouraged to use Amazon's own DKIM setup.
In order to remove the 'via amazonses.com' text you'll need to follow instructions similar to these in order to set up your own DKIM keys.
Note that I haven't yet tested this myself.
Set the MX and SPF record obtained form amazon ses into your subdomain through which your sending your emails.
eg:
Suppose verified domain on amazon ses is: domain.com
then add the MX and SPF record obtained when you click on verfied domain to the subdomain- abc.domain.com
It will change your mailed by to abc.domain.com
I don't believe you can. SES allows only to send from your domain (or other verified address), and it always has the ses stamp.
Even if your php mail has From address other than the verified email from SES it will go through the SES but via amazonses will show. But if the From address is the verified email with SES then the via address will not show up. So not to show the via address its better to change the php script of sending mail.
You can replace mailed-by with your companie's email address. To do that, you must create a custom MAIL FROM domain which is the domain with subdomain like sub.example.com.
The below is how you create the custom MAIL FROM domain sub.example.com.
Click on the domain example.com.
Then, the detail is shown.
Then, click on MAIL FROM Domain to show Set MAIL FROM Domain button.
Then, clicking on Set MAIL FROM Domain button, the window is open.
Then, put the subdomain "sub" to the field and click on Set MAIL FROM Domain button.
Then, the MX Record and SPF Record are shown. You must add the MX Record and SPF Record to Route 53 in addition to the records of the domain example.com to verify the custom MAIL FROM domain sub.example.com.
Finally, check if the custom MAIL FROM domain sub.example.com is verified under MAIL FROM domain section.
If MAIL FROM domain status is still pending verification, click on retry in blue.
Then, it will be verified.
After the custom MAIL FROM domain is verified, mailed-by is sub.example.com whether or not you send emails using example.com or sub.example.com and whether or not your account is in the sandbox.