With regard to this question in which I was using a barebones method to find the mail provider of a particular user, since I was using Amazon SES to send mails, but, am also quite new to it, I was wondering if Amazon SES provides a way to do so? Does Amazon SES give a way(api/service etc) to find the mail provider of the user that I'm sending email to?
Your question is a little vague in exactly what outcome you are trying to achieve with this data.
I am unsure if you are familiar with how mail delivery works on the Internet. My apologies if this is not news to you. At a basic level, email is simply ferried from machine to machine (SMTP server to SMTP server) until it find 'the' server that eventually your mailbox resides on. (This is a relatively gross oversimplification in modern times, but still true).
The first step is you get the message to a SMTP server with instructions to deliver the message, typically with a destination email address. Now, if you are using AWS SES APIs, there is the additional step that before it gets to the initial SMTP server, you first exercise the SES API which in turn ferries that message to Amazon's SMTP servers.
Now, the first SMTP server needs to know where to send it to. This is typically done by executing a DNS query on the destination domain and looking up the MX record. (More information on MX Records here). The MX record will contain an entry (or list of entries) which tell other SMTP servers how to contact that SMTP server for the domain. This is likely where your question is getting at - somehow identifying which 'provider' is in use. In current times, it is very common a large managed service provider like office 365 or similar runs that service for a domain. This is usually programmed into the client's MX record, which is the 'giveaway' that they are using O365 or whatever. However, plenty of domains run their 'own' servers and there is no technical reason preventing such. (Small lie: Since the beginning of time SPAM has been there and the 'reputation' of sending SMTP servers has been quite important in deterring SPAM, or at least was at some point in time. This is one of the reasons that AWS is so picky on you not sending unsolicited emails - it would count against the reputation of their SES SMTP servers sending it and they need it to be 'good' so they don't wind up on block lists at the Amazon level)
Here is the next complication and likely why even if an initial lookup was performed, the data cannot be guaranteed to give you what you want. Since the SMTP service is inherently hop-to-hop, there is nothing stopping the MX record at the DNS domain from merely being a proxy to another set of SMTP servers. Remember, that SMTP is one of the oldest protocols there is on the Internet and its simplicity is what made it functional before all of the infrastructure we have in place today. A SMTP server takes commands from users (or other SMTP servers) and then does its part to pass the message on closer to the actual user.
I am unsure if your end functionality would somehow modify the message sent based on the destination, or if perhaps it wouldn't send at all. Both are not supported by the AWS SES APIs (link). (BTW, it would have to be at the AWS SES APIs that did this, since this functionality simply isn't in the vocabulary of SMTP). You can look at the AWS SES API reference for what it can do, and what it can offer, but if modifying the message before delivery based on provider is what you want there is no current function in that.
Links:
https://en.wikipedia.org/wiki/MX_record
https://docs.aws.amazon.com/ses/latest/APIReference/Welcome.html
No, SES does not provide such functionality.
Related
Currently I'm working on building an email marketing system using Amazon SES. I have some problems which I have googled about for a while now but I couldn't find any clue so I decided to ask you guys here.
The first thing is I use only one Amazon account to send email, but it is limited up to 10,000 verified sending addresses or domains per region, so if I want to verify more than that I need to use different regions or Amazon accounts?
Next, is there any way can I add some custom arguments when I request to verify an email address? Because I need to check which account in my system owns that address so that no other account can use that verified address to send emails.
Any answer would be appreciated. And by the way, I'm sorry for my bad English.
Email address verification is only required while Amazon SES is in sandbox mode. This is done to prevent people creating an AWS account and using it to send spam.
From Moving out of the Amazon SES sandbox - Amazon Simple Email Service:
When your account is in the sandbox, we apply the following restrictions to your account:
You can only send mail to verified email addresses and domains, or to the Amazon SES mailbox simulator.
You can only send mail from verified email addresses and domains (also applies to Production mode)
You can send a maximum of 200 messages per 24-hour period.
You can send a maximum of 1 message per second.
You would typically only "send" from one email address, or perhaps a few to make it easier to handle replies. There should be no need for 100s or 1000s of verified 'sending' email addresses.
Once you request to move into Production mode and it is accepted, you can send to any recipients (whereas in Sandbox mode, each recipient need to be verified).
I use for my clients Amazon SES in order to send emails. So for each client I validate their domain. The problem is that the TXT record to validate the domain is _amazonses I would like to know if there’s is way to customize it or to change the way of validation so my client don’t see I am using Amazon SES
This can't be changed. Also, it's just one of the things that customers will need to change in DNS.
You will need to have your customers update their SPF records or you will have significant deliverability issues. DMARC (mentioned at the same link) will pose additional challenges, in some cases, and providing the wrong advice to your customers on their settings can break their ability to send email via existing channels.
Sending mail on behalf of your customers using their domains is distinctly non-trival and best avoided -- SES or not. Regardless of the vendor, you won't be able to mask it.
I'm wondering if anyone has done the below before, the documentation is not apparent since this is sort of combining two configurations on AWS...
I use SES for receiving mail more than sending it. It's a pretty good service to use as a catch-all for domains without multiple users, which works fine for... say, small non-profits in which one person answers all of the incoming email from a few public addresses. I have all incoming mail dumped into an S3 bucket and the SES active rule set triggers a Lambda function to parse the recipient of the incoming mail and forward it to predefined gmail addresses.
However, I have one account that wishes to send out fundraising mails to newsletter subs, and of course they'll want to buy their own IP from AWS for this purpose, to include DMARC and PTR records for minimizing their losses to spam filters.
SES has the capability to do this, by setting a 'custom domain' for your outgoing SES email. The catch is, by going through the motions to set this up I notice that SES designates the incoming MX you must use to feedback-smtp.(region).amazonses.com rather than the inbound-smtp.(region).amazon.ses.com that normal receiving at SES requires.
Can these two configurations (receiving as well as custom domain for outgoing) co-exist? Or does feedback-smtp.(region).amazonses.com get handled differently somehow?
Anyone done this before?
You don't need to worry about the Feedback MX address.
In SES, you can't have Custom mail from for naked domain (e.g: example.com)
You need to use something like mail.example.com and publish the MX record as feedback-smtp.(region).amazonses.com, this won't affect your incoming emails.
To comply with DMARC using that, you need to make sure that aspf is set to relaxed.
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/dmarc.html
I have a domain that I manage using Amazon Route 53. It contains TXT/MX records of Amazon Simple Email Service, that I use to process incoming email to a certain email address via AWS Lambda. I also need to register the domain to Google Admin, i.e. GSuite so that I may manage my business emails via Google console. How do I achieve this? I tried setting up Google Admin, entered the MX records of Google Mail, but it resulted in failure of AWS SES services.
It isn't possible to split email for a single domain across multiple services like this. When a sender on the Internet resolves your domain's mail exchanger (MX), the answer must contain a set of one or more hostnames for systems that will all behave identically for any given recipient email address.¹
The easy solution is to create a subdomain for your SES mail, for example contact.example.com, and simply use that domain for your SES messages.
If you really need to have all the addresses have exactly the same domain, set up a subdomain for SES as described above, but then configure GSuite to forward messages for the specific addresses that you want to go to SES, such as info#example.com, over to info#contact.example.com.
GSuite will then accept messages for those addresses, rewrite the recipient address, and hand them over to SES.
As a G Suite administrator, you can configure numerous email routing and delivery options to suit your organization. For example, you can route mail to Gmail and an external server. Or, you might need to route incoming mail for non-Gmail users. You can also set up routing policies that vary by organization
https://support.google.com/a/answer/6297084
¹behave identically from the sender's perspective. How they may handle the message internally is implementation specific, but for any given email address, all of the listed mail exchangers must accept or reject it, because an authoritative response of "No Such User" from any one of these systems will not trigger the sending system to try any of the others.
I'm just looking into Amazons Web Services and I've used Elastic Beanstalk to set up a Ruby web app. It all works great but with one big exception. I cannot have user email accounts for the domain and cannot have incoming emails.
Is there a technical reason why this is the case (no incoming mail service), or am I missing something? I'm reading a lot about using Gmail or installing postfix manually, are these the only options, and if so why?
Amazon offers this service now, it's called WorkMail: https://aws.amazon.com/workmail/
You can have user emails on the domain in one of two ways. If you want to keep it at aws, spinup an ec2 instance and run the mail server of your choice, or else just use a third party mail host/provider (like gmail, or rackspace email which I use) and just point your mx records to those external mail servers.
I also wish that AWS offered mail hosting (and domain registrations), but its not hard to just parcel out the small pieces of your solution.
You can use ses nowadays for inbound programmatic email, and read it from a sqs queue, this is advisable for higher then normal mailbox usage profiles.
Else soon you can use WorkMail's new imap service which was announced beta preview at 2016 re:invent.