I will try to express my question, I'm sorry if is not the correct way to do it.
I have an AWS SES configured to receive emails from my customers, sometimes the client get in a list and try to send an email too large (above 10MB), and my costumer start to receive bounced emails from all recipients in that list.
The bounce happens when my client tries to send an email for another people but the email of my company appears on CC field.
E.g:
the client sent an email:
TO: wherever#google.com
CC: mycompany#mycompany.com (this one will be sent for my SES); [a lot of other emails.........list]
This mail will be more large than 10MB (my SES must have to treat it).
This chain wil generate an bounced mail for my costumer, once that my email appears on CC list.
It's a little bit complex to express, but basicaly is it.
I'd like to know if is possible to track this attempts when the costumer receive the first bounce email from AWS. and to trigger a alert for me that the costumer is getting in a bounced list.
You can absolutely do this, SES supports notifications per type to SNS. The types are Delivery, Bounce, Complaint.
Each type can be registered to an SNS topic which you can subscribe a Lambda function to.
This Lambda function can then perform any logical decisions that you would like for your workflow.
In addition you can subscribe any email addresses you want to receive the raw notification that it was undelivered, although you will need to confirm there subscriptions before they can receive notifications. This would be ideal for a support inbox for example.
The AWS documentation contains more information about notifications
Related
Prerequisites
I use AWS SES to send an email with event publishing to track the delivery status.
Problem
I'm looking for an event to make sure that an email is successfully sent to the end-user.
Description
Following AWS documentation, this type is suitable:
Deliveries – Amazon SES successfully delivered the email to the
recipient's mail server.
However, this event I get also in case Hard bounces.
For example, email status flow is:
Sends -> Deliveries - in case of successfull delivery
Sends -> Deliveries -> Hard bounces - in case I provide invalid recipient name, e.g. invalid#domain.com or 1234567890#domain.com
I don't expect Hard bounces after Deliveries.
If this behavior is correct then I need some additional event for sure success.
Something like this is expected in case of successfull delivery:
Sends -> Deliveries -> Success
I know that there are other "success" events like Opens, Clicks, Subscriptions, but they require additional action from the end-user.
Implementation details
I use Verified identity as an email sender.
A configuration set is used to redirect status events to SNS.
Finally, SQS is subscribed to this SNS to have all events in one place.
I tried several ways to send an email:
Java code using AWS SES SDK
Sending simulator with predefined and custom recipient's
The result is the same (as described above)
I think it is impossible to have a Success status because AWS cannot guarantee when the recipient mail server will reply with a Hard Bounce. You yourself have to define how long to you want to wait until you consider a delivery as successful. For example, if no hard bounce after 5 minutes, then it is a success.
If your use case is for analytics, I will simply capture more event types (for example log both Deliveries and Hard Bounces), and then count my success as Count of Deliveries - Count of Hard Bounces.
If your use case is for event-driven workloads, we need to define first what is considered a Success. For example, if we define Success as no Hard Bounce after 5 minutes, we can configure a Lambda function to trigger 5 minutes after a Delivery event. In the function, check if a subsequent Bounce event occurred. If not, the delivery is considered successful and then you can proceed to do what you want to do.
This is what I got from aws support about delivery status of an email.
Amazon SES will continue making several delivery attempts until
receiving a successful response from the recipient mail server, or
until 840 minutes elapse. If Amazon SES is still unable to deliver
the email/message during this period, it stops sending the email and
will then return a bounce message/notification.
According to this you can't be sure about the bounce or any other status within 5 minutes.
AWS does not have visibility to confirm if the Recipient Mail Server was able to deliver the message to the recipient email address when you get a 250 OK(it's confirmation that aws has delivered the message to recipient's mail server).
So there is no way you can be sure.
Brief Description:
What is an unregistered long code when it comes to an application sending SMS messages?
Plus, I'm using AWS SNS to send text messages through a node js application. Do I have to switch to Amazon Pinpoint to send to SMS messages?
Detailed:
I got an email from AWS saying that the US telecom carriers would no longer support sending Application-To-Person (A2P) SMS messages over unregistered long codes
It then says If you are using long codes, Amazon strongly recommends that you complete the transition to toll free numbers, 10DLC, or short codes.
In addition to that it appears that AWS wants me to use Amazon Pinpoint to send sms messages and email. And the deadline to make the change is on June 1, 2021.
First off, whats an unregistered long code? I imagine those are the long international phone #'s you'd see for someone in Europe or Latin America. But to be sure I looked at AWS's docs and don't really see an example of one.
I have a node app running on an EC2 instance that uses AWS SNS to send messages to US text messages based off certain business logic. The phone numbers in the config files have the following format: US Country Code - 10 Digit phone Number so an example is +13215441222 which is a 10DLC plus the us country code.
In other words, my app is already sending text messages using 10DLC but its doing so using AWS SNS. So do I even have to do anything that the AWS email recommends?
I don't have aws support to ask them this question so I'm asking it here.
In addition to that it appears that AWS wants me to use Amazon Pinpoint to send sms messages and email.
You can still use SNS to send SMS messages, either using 10DLC, short codes or toll-free.
First off, whats an unregistered long code?
It is any number used in application-to-person (A2P) SMS messaging not registered with The Campaign Registry (TCR)
Let me quote documentation:
In order to use a 10DLC number, first register your company and create a 10DLC campaign using the Amazon Pinpoint (not Amazon SNS) console. AWS shares this information with The Campaign Registry, a third party that approves or rejects your registration based on the information. In some cases, registration occurs immediately. For example, if you've previously registered with The Campaign Registry, they might already have your information. However, some campaigns might take one week or longer for approval. After your company and 10DLC campaign are approved, you can purchase a 10DLC number and associate it with your campaign. Requesting a 10DLC might also take up to a week for approval. Although you can associate multiple 10DLCs with a single campaign, you can't use the same 10DLC across multiple campaigns. For each campaign you create, you need to have a unique 10DLC.
Reference: https://docs.aws.amazon.com/sns/latest/dg/channels-sms-originating-identities-10dlc.html
So do I even have to do anything that the AWS email recommends?
Yes, you need to switch to 10DLC, toll-free or short codes.
Short codes reference: https://docs.aws.amazon.com/sns/latest/dg/channels-sms-originating-identities-short-codes.html
Blog post about 10DLC: https://aws.amazon.com/blogs/compute/provisioning-and-using-10dlc-origination-numbers-with-amazon-sns/
I don't have a ton of experience with Amazon SES. For a client of mine, I maintain a small subscription list (about 1300 people) and I use Amazon SES to send messages through from the WordPress blog that this group is subscribed to, whenever there is a new post. Every so often I get complaint notifications from Amazon, but there is no identifying info to tell me who the complaint is from so that I can remove them from my list. How can I use those emails (or some other part of SES) to effectively remove these recipients? I have no intention of sending to anyone who doesn't want to receive these emails (even if they have not unsubscribed on the blog directly), but I can find no way of addressing these complaints.
The messages contain (in addition to the content of the email), information like the following:
User-Agent: ReturnPathFBL/1.0
Abuse-Type: complaint
Arrival-Date: Thu, 17 Aug 2017 10:22:08 +0000
Feedback-Type: abuse
Version: 1
Source-IP: 54.240.27.23
Original-Rcpt-To: 8516be265e1454635b9a5885efb329a4#comcast.net
Original-Mail-From: 0101015defb6e57b-8068a1db-1011-407e-af0c-1bf96aa38c5f-000000#us-west-2.amazonses.com
Reported-Domain: comcast.net
UPDATE
This is maddening. I have now setup an endpoint on my server, and when subscribed to SNS topic I correctly receive logs that I have been subscribed. But then...NOTHING. I still get the useless emails, but I get zero SNS notifications, despite being verified. Still investigating.
UPDATE II
Success!! It turns out that setting up SNS (or email notifications) on the DOMAIN was meaningless. I had to set it up specifically on the EMAIL SENDING ADDRESS. This was CRUCIAL but not at all obvious (at least to me)
Your question been addressed in amazon blog.
https://aws.amazon.com/blogs/ses/tag/abuse-complaint/
Make sure you are following the procedure to handle bounces and complaints from amazon aws.
When I first sent a test message with Amazon SES, the MAIL_FROM was 0101015825ed6274-5b0cad8d-ddb6-425b-9802-782cc554497a-000000#us-west-2.amazonses.com.
In most email programs that address is hidden in the header, and it appears to be FROM a more human-friendly address. This is not the case when using an email to MMS gateway, which displays the spammy looking MAIL_FROM address to the user.
I figured out how to change the MAIL_FROM domain, but that just changes it to something like: 0101015825ed6274-5b0cad8d-ddb6-425b-9802-782cc554497a-000000#my_domain.com.
Is it possible to change the spammy-looking string of characters in the MAIL_FROM to a customized, human-friendly, less spammy-looking local_part of the address?
It is not possible.
The local_part of the MAIL FROM address is a unique, opaque identifier that SES uses for feedback tracking -- linking backsplatter bounces from poorly-behaving mail gateways that "reject" undeliverable mail by first accepting it and then firing back a separate bounce message... as well as spam complaints and out-of-office auto-responders, back to the original sender, message, and recipient.
That's why of the configuration of a custom MAIL FROM domain involves setting the domain's MX record to point to feedback-smtp.[aws-region].amazonses.com -- it collects those responses and correlates them back to the original message.
Techniques of this nature are necessary due to weaknesses in the design of SMTP itself, where it is difficult, unreliable, or impossible to otherwise correlate such events back to the original message that actually triggered them.
Setting up Meteor to use "out of the box" AWS SES is simple, and one can use native Meteor "Email" methods without modification.
Steps to implement this can be found here. Thanks to Brian
Shamblen for putting together a detailed answer.
But one caveat with the "out of the box" SES is you need to both verify the sender and receiver email address.
To remedy this, you can put in a request with AWS SES for what they call, Production Access.
And further, according to Brian Shamblen,
The process to get production access is rather complicated. One will
need to handle bounce and complaint notifications from SES and prevent
messages from being sent to those addresses in the future.
Question
What is the Meteor code involved in handling bounce and complaint notifications from SES and prevent messages from being sent to those addresses in the future?
EDIT: Made modifications to question for clarity.
Requesting production access is fairly straightforward. You just need to contact them and they usually give it to you in a couple of hours.
Information about the process is here: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/request-production-access.html
Load up the URL : http://aws.amazon.com/ses/fullaccessrequest/ and let them know what you will be sending via Emails, for example if you will be sending transaction based email (verification of a transaction, etc)
With production access you can either send email from:
A specific verified email address, where you will be asked to click a link to an email sent to that address to verify you own it
Any email under an entire domain. Under this process you prove you own the domain by editing its DNS records to contain a 'key'.
Most use cases are covered under production access, they typically give you 2000 emails a day and rate limit emails to 5/sec (they queue them so the maximum send rate is 5/sec). If you need more than this you can contact them to raise this additionally.
The process of verification is to stop people quickly creating AWS accounts to mass-spam users. If they allowed this straight-off then AWS IPs would be looked at as spam by other email providers.
For bounce notifications, SES tracks these, and you have to make sure that you don't get an above average bounce rate. Typically these would come from sending unsolicited email, which I wouldn't advise sending via SES.
Production access is only approved by the AWS team. Wait a bit and they should easily give you 2.000 emails/day for free.
As per bounces-unsubscribes... You'll need to have the SES API notify you of each email address which has been 'marked' with such status.
You should store all those email addresses somewhere and tell your app not to send them ANYTHING else in the future.