Automating report delivery via email to S3 bucket - amazon-web-services

We want to setup a delivery report from one of our platforms.So if I set the time there to generate and email report every night I want that file to be sent to a S3 bucket on AWS.
What I have done so far ?
I have use the SES service. I was not able to verify the domains. I am not sure if we can bypass this option or will our IT admin allow it.
I did verify the email address. I set up a bucket with policies mentioned here .
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html
I was able to sent test mail via mail address send a test mail. When I checked the bucket I had a message which said
Hello,
You received this message because you attempted to set up Amazon SES to deliver emails to this S3 bucket.
Please note that the rule that you configured to deliver emails to this S3 bucket is only valid if the entire setup process is successful. For more information about
setting up email-receiving rules, see the Amazon SES Developer Guide at http://docs.aws.amazon.com/ses/latest/DeveloperGuide/Welcome.html .
Thank you for using Amazon SES!
The Amazon SES Team
Do I have a workaround ? Thank you

You mention that you weren't able to verify your domain. This is first step in making SES-to-S3 scheme work, according to docs: https://aws.amazon.com/premiumsupport/knowledge-center/ses-receive-inbound-emails/
So you need to fix this problem and go through next step in the process.

Related

AWS Help, Email to S3 to Lambda to Push Notification

So my plan is to receive an email which will be saved to an s3 bucket and also trigger a lambda function which will send a mobile push notification. Firstly is it possible, I've worked on this for a while and I'm pretty sure it is, although errors keep popping up. My current problem is that my emails are not saving into my S3 bucket, when they are saved this message from AWS comes up - message saved in S3 Bucket
Any help is very appreciated, and maybe some other opinions on my plan would also be fantastic.
Yes, it is possible :) The message in your screenshot just lets you know that you have successfully setup the S3 receipt rule action.
On a high level you have to take the following steps:
Verify your domain to receive emails. This means adding certain DNS records that point to AWS SES. It's easy to do this if your domain is registered with Route53 because the UI in SES offers you to do that with a button click. Explained here for Route53 For other domain providers you have to take a few more manual steps: Add a TXT record pointing to SES to prove you own the domain and Add an MX record pointing to SES for receiving mails
Create a receipt rule set in AWS SES. This allows you to configure what should happen when you receive an email for certain email address(es). Explained here The detailed config what should happen is defined in receipt rules.
For this rule set, setup a receipt rule to store the email file in S3. Also explained here
For this rule set, setup another receipt rule to trigger a Lambda function that sends you a notification or does whatever you want to do with the email. Lambda Action options explained here (Alternatively, you can setup an SNS Action and trigger an SNS topic to which you subscribe using your phone number - however, the SNS message will be a JSON string that includes all metadata as well, so it's not easy to read -> I'd preprocess it first using a Lambda function and that's what you probably want to do)
Did you follow these steps? Is there any error happening?
All these steps require quite a bit of manual work. Also, it's tough to setup more complex scenarios in case this is necessary and requires you to manually adjust the settings like changing a receipt rule. Depending on what you want to achieve, I can recommend you to look into some further links that help you creating these environments for you in a (semi-)automated way:
A library to forward emails to any other email address but still requires a lot of manual work, e.g. to verify a domain or setup the receipt rules.
CloudFormation custom resources to automate the SES domain verification (Afaik this is also available as a Serverless Application in the Serverless Application Repository)
I recently ran into your scenario in a similar way and have created an AWS CDK construct to make it easier to forward emails to other mail addresses: Serverless email receiving with SES using AWS CDK You could add some further automation (e.g. notification to Slack) in your target email address account like Gmail if you are keen to make your hands a bit dirty.
A slightly different approach is taken here with a Serverless email setup using S3 and SES. Maybe you get some inspiration out of it for your own situation or can use it in some other way. It's using CloudFormation to setup almost everything.
If you have more questions, just let me know.

AWS SES Identity "pending verification" for DKIM config

Brand new to AWS & Simple Email Service (SES) and have an app that needs to generate some email using SES. All I'm trying to do is set things up so that my app's service user (called, say, myapp-dev) has Access & Secret Keys that have permission to use SES APIs for generating emails. Furthermore I need these SES-generated emails to be sent from either no-reply#myapp.example.com which is not a valid email address, as well as hello#myapp.example.com which is a valid email address. This is because some SES emails will be alerts/notifications that end users should not respond to, and other emails will be emails that they may very well want/need to reply to.
I've already created a myapp-dev user that has AmazonSESFullAccess permissions.
Not knowing any better, I then went to the SES dashboard and clicked Manage Identities and started creating a new "SES Identity". I'm not sure if I need to do this or not (given my needs) or whether my myapp-dev user is ready to use the SES APIs as-is. Adding this new SES identity, it asked me to enter my domain and gave me the option to generate DKIM configurations for that domain. I read up quickly on DKIM and it sounds like its a way to authenticate that emails did in fact come from my domain, so it sounds like its something I'd like leverage. So I generated DKIM configs and now SES says that my new identity has a status of "pending verification".
Main concern is bolded above: with AmazonSESFullAccess permission, is my myapp-dev user ready to rock n' roll? Or will SES APIs fail/refuse to send emails until my SES identity (for my domain) is "verified"?
What do I actually need to do to change the SES identity from "pending" to "verified"? I did see a note that I needed to modify TXT and CNAME DNS records to configure DKIM with my domain, is that it? Or do I need to do something else?
Thank in advance for any and all clarification!
Found an alternate answer in this thread:
https://forums.aws.amazon.com/thread.jspa?threadID=125362
Here's what might have happened: Some domain name providers will automatically add example.com on to the end of the name/host field. So if you enter _xx.example.com, they'll "silently" change it to _xx.example.com.example.com
This is currently the case with namecheap, as I've painfully learned.....
It turned out this was my issue. Make sure to double check!
You need to wait for dns verification, can take a while.
You also need to take the Sandbox into account and open a ticket to move out from it.
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/request-production-access.html
To help protect our customers from fraud and abuse and to help you
establish your trustworthiness to ISPs and email recipients, we do not
immediately grant unlimited Amazon SES usage to new users. New users
are initially placed in the Amazon SES sandbox. In the sandbox, you
have full access to all Amazon SES email-sending methods and features
so that you can test and evaluate the service; however, the following
restrictions are in effect:
You can only send mail to the Amazon SES mailbox simulator and to
verified email addresses and domains.
You can only send mail from verified email addresses and domains.
You can send a maximum of 200 messages per 24-hour period.
Amazon SES can accept a maximum of one message from your account per
second.

How to read a body of received aws-ses email

I want to set up AWS SES service for receiving and processing technical emails from different subscriptions.
I read documentation Setting Up Amazon SES Email Receiving and followed all steps.
For receiving a body I tried both ways:
Storing an email to S3 storage.
Sending an email via SNS service.
But in both cases, I get the message that my service's configuration isn't completed.
The message looks like:
Please note that the rule that you configured to deliver emails to this S3 bucket is only valid if the entire setup process is successful. For more information about
setting up email-receiving rules, see the Amazon SES Developer Guide at http://docs.aws.amazon.com/ses/latest/DeveloperGuide/Welcome.html .
If I got correct I have to transfer my domain to Route 53 service.
But it isn't the best option for me. Because I have the special price for registering/prolongation from my provider. Moreover, I registered my domain a few days ago and need to wait one month before I will be able to transfer it (according to my provider rules).
In the current moment, I can get subject, sender, receiver, date and so on information from a mail, except the body.
Do I really have to wait one month and transfer my domain to Route 53? Or I missed something?
EDIT: I read comments to this post and repeat all steps from the first document. I don't know what I did wrong yesterday but I am receiving mail as expected now.
It sounds like the verification process might not have fully completed at the time. Once the MX, TXT and CNAME records have been added to your DNS settings and had enough time to propagate, everything should work as expected. If it takes too long, ensure there are no typos in the record names/values.
For others with this problem, ensure the domain shows as fully verified in the SES Home > Domains section. I just went through this, so hope it helps.

How can i send mail without verifying the recipients in amazon ses

I have been trying to send mail with amazon ses and it worked very well for all the verified recipients. But i have a requirement to send mails to un verified recipients now. How to do this. Thanks
Your SES account is in Sandbox Mode. You need to open a request with AWS to take your SES account out of Sandbox Mode. This is documented here.
By default, AWS never provides you full access and needs certain
verification(s) to ensure security & remove possibilities of
Fraudulent activities or Spam.
These steps will resolve all the issue(s) regarding current scenario in your AWS SES Setup.
1) Verify “your-domain.com” Domain using the TXT record mentioned in Verification Tab - SES Console. By doing this you can use any ID in From Address to send emails.
2) Raise a Case on Amazon Support for Production Access. SES > Production Access. By doing this you can have the full access of TO addresses and can send emails to anyone.
Kindly let me know if you still face any issue.

How to implement inbound email on Amazon AWS?

I'm relatively new to AWS, but I am trying to figure out how to get AWS to receive emails. According this post How to configure email accounts like support#xyz.com or feedback#xyz.com on AWS SES only handles outbound email.
What I am hoping to achieve is the ability to filter aliases. For example, if the alias is "xyz12alias", then any email sent to "xyz12alias#mydomain.co", can see the email and process the content appropriately. Which in my case will be storing it in account associated with the filter.
Can anybody direct me to a strategy or service within AWS that would allow me to implement inbound email on Amazon AWS?
https://postmarkapp.com/inbound appears to give me what I want, but is there anything within the AWS framework itself? Are there alternate services to postmarkapp?
Thanks.
Amazon Simple Email Service just introduced incoming e-mail support:
https://aws.amazon.com/about-aws/whats-new/2015/09/amazon-ses-now-supports-inbound-email/
In addition to offering a scalable, cost-effective email-sending
platform, Amazon SES can now accept your incoming emails. You can
configure Amazon SES to deliver your messages to an Amazon S3 bucket,
call your custom code via an AWS Lambda function, or publish
notifications to Amazon SNS. You can also configure Amazon SES to drop
or bounce messages you do not want to receive. If you choose to store
your messages in Amazon S3, Amazon SES can encrypt your mail using AWS
Key Management Service (KMS) before writing it to the bucket.
You configure all of these actions by defining receipt rules, which
you set up by using the Amazon SES console or the Amazon SES API.
Receipt rules enable a single message to trigger multiple actions.
Your rules can be as broad or as specific as you choose because you
can configure them to apply to specific email addresses or entire
domains.
You can also use receipt rules to control which messages Amazon SES
can accept on your behalf. Another filtering method is to set up
custom IP address block lists and allow lists. If you know that you
don’t want to receive mail originating from a particular IP address
range, simply add it to your account's IP address block list. You can
also override block lists by adding IP address ranges to your allow
list, which provides fine-grained control over your inbound email
traffic.
You'd have to set up your own server; that's the way to handle it using AWS. They don't provide anything other than their bulk email delivery service. A few links below:
http://jeffreifman.com/how-to-install-your-own-private-e-mail-server-in-the-amazon-cloud-aws/
http://cerebellumstrategies.com/2012/04/15/amazon-linux-postfix-dovecot/
Update: there is now a solution available in AWS, as referenced in the comments below.
Still doesn't appear to be possible on SES. I'd recommend looking at Mandrill and Sendgrid though.
http://mandrill.com/features/
https://sendgrid.com/docs/API_Reference/Webhooks/parse.html
Here is how to use Amazon and any virtual server to deliver email from SES to a local IMAP account.
This plan is about stable operations: every step is under our control.
Have SES receive emails
And deliver to an S3 bucket and send notification to a SNS topic
Subscribe to that notification with HTTPS protocol
Use aws/aws-php-sns-message-validator and write a small PHP script to reveive notifications from SNS through HTTPS
SNS only sends messaged ID-s, put those in a file
Install incron on your server to start a shell script that downloads those messages from the S3 bucket by s3cmd and delivers to the local IMAP account by sendmail
Use any IMAP server, I use Courier IMAP
Read your messages with e.g. Rainloop webmail
Use SES also for sending outgoing emails
When using AWS SES inbound mail support, main challenge is that, it fits well for programmatic tasks, but hardly human readable since it receives in raw message delivered format.
You you can setup a S3 bucket, SNS Topic (Which could again links to Email, SMS & etc.), Lambda to forward the inbound mail with the same format it receives to take any programmatic actions based on the content of the email.
If you want read the message in human readable format, you need to write your own code to do the formatting. For example using Serverless lambda SES forwarder includes, NodeJS code runs in Lambda to convert raw email to human readable format and forward to recipient email.