Start Server through email in AWS - amazon-web-services

I have requirement where authorized people will send an email and then an EC2 server should start.
We have decided to use SES and Lambda for this.
I have learned that we can set up rule in SES which then can trigger a Lambda function where we will have boto3 code to start the EC2 instance.
I was going through Amazon SES Email-Receiving Concepts to do a Proof of Concept for this.
I have some questions:
To do POC in my AWS account do I need my own Domain name?
In real time when we set these rule where the authorized person will send email to which email-address address? And any particular format for it?

You would need a domain name (or sub-domain) with an MX record pointing to Amazon SES, or your existing email system could forward the email to the SES endpoint.
You could then configure SES to trigger a Lambda function for each incoming email. You could then code the Lambda function to turn on the EC2 instance. It could even look at who sent the email and make a decision about which EC2 instance to start. This would all be your own code, so the contents of the email is totally up to you!
For details, see: New – Receive and Process Incoming Email with Amazon SES | AWS News Blog
Let us know how it worked for you!

Related

Amazon SES email security

I have a question about the security of the emails in the amazon ses.
According to their docs and verification here:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-authentication-spf.html
and
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-authentication-dmarc.html
They advise to publish the record to consisting of this:
"v=spf1 include:amazonses.com ~all"
However, doesnt that make Your domain to be accessible for all of the accounts using the AWS SES? Isnt this a bit of a security issue?
This validates that emails are allowed to be sent from SES. Its primarily you acknowledging that Amazon is allowed to send emails on your behalf.
Additionally a username/password via SMTP or IAM credentials via AWS api are used to send the email, these are the validation step from the AWS perspective.
See more: https://en.wikipedia.org/wiki/Sender_Policy_Framework

Forward all emails sent to AWS subdomain to one single account

I have many email addresses, one for each user, on a subdomain like so: username#upload.mywebsite.com
I'd like to receive all of these emails into one Inbox for me to use, e.g. combineduploads#mywebsite.com
I'm using AWS Workmail and Route 53. I'm not sure where to start. Maybe this can be done with DNS records?
This can be done using AWS SES and AWS Lambda where you can setup a SES rule to trigger a Lambda function to forward the mails received to a predefined email address.
For more details refer Forwarding Emails to your Inbox Using Amazon SES. You can launch the CloudFormation stack to automate the majority of the configurations.

Hosting Google Domain on AWS EC2

I'm not sure if this is the place to ask this.
I recently bought a domain from Google and setup email forwarding so that emails sent to 'me#domain.com' get sent to the gmail of the account that owns the domain, then I stared an ec2 instance on AWS. I changed my nameservers in Google domains so that when I go to my domain, I get my ec2 instance and this works correctly.
However, now my email forwarding no longer works, so I tried setting up a MX in route 53 on AWS using
5 gmr-smtp-in.l.google.com.
10 alt1.gmr-smtp-in.l.google.com.
20 alt2.gmr-smtp-in.l.google.com.
30 alt3.gmr-smtp-in.l.google.com.
40 alt4.gmr-smtp-in.l.google.com.
with no name as I have read online. I am still not recieving emails like i used to and am unsure what to do. Thanks in advance
Have you considered using AWS SES and AWS Lambda to forward your emails?
First, you need to verify your domain - Amazon SES Domain Verification TXT Records
Second, create an S3 bucket with a unique and meaningful name. This will be used to store emails, for example ascisolutions.com-emails . Create a folder inside this bucket to store emails.
Third, create a Lambda function to forward the emails. See AWS Lambda SES Email Forwarder for files needed for AWS Lambda and instructions how to set it up as it requires to modify a config file.
Next, you need to create a rule set - Creating a Receipt Rule Set for Amazon SES Email Receiving
After that, you need to create a rule in the new rule set to let SES know what to do with the email that it received - Creating Receipt Rules for Amazon SES Email Receiving
Next, you want to update your MX records - Publishing an MX Record for Amazon SES Email Receiving
When you're done, wait a few minutes for DNS to update and then test to see if email forwarding is working.
Hope this was helpful.

AWS: how to manage email

I have domain on Godaddy. I will migrate dns for this domain from godaddy to AWS. However, AWS seems to be not the best service to use email (send and receive message like in gmail).
I'm going to use 2 emails: support#example.com and contact#example.com. one of them I will use to send notifications from app on AWS. Second one, I want to use like typical email for daily personal duties.
What solution you can recommend me?
Set me record on AWS route 53 after migration to some another service?
You could use AWS Simple Email Service (SES) to send notifications programmatically from applications using AWS SDK.
Receiving email with SES is also supported, and you can use it to trigger other AWS services, such as Lambda or SNS. In addition, SES can forward received messages to Amazon WorkMail which is an email client you were looking for.
In case if you dont want to pay to Amazon WorkMail since it will cost little more , you can use aws s3 to receive your daily mails.
https://aws.amazon.com/blogs/ses/receiving-email-with-amazon-ses/

How to implement inbound email on Amazon AWS?

I'm relatively new to AWS, but I am trying to figure out how to get AWS to receive emails. According this post How to configure email accounts like support#xyz.com or feedback#xyz.com on AWS SES only handles outbound email.
What I am hoping to achieve is the ability to filter aliases. For example, if the alias is "xyz12alias", then any email sent to "xyz12alias#mydomain.co", can see the email and process the content appropriately. Which in my case will be storing it in account associated with the filter.
Can anybody direct me to a strategy or service within AWS that would allow me to implement inbound email on Amazon AWS?
https://postmarkapp.com/inbound appears to give me what I want, but is there anything within the AWS framework itself? Are there alternate services to postmarkapp?
Thanks.
Amazon Simple Email Service just introduced incoming e-mail support:
https://aws.amazon.com/about-aws/whats-new/2015/09/amazon-ses-now-supports-inbound-email/
In addition to offering a scalable, cost-effective email-sending
platform, Amazon SES can now accept your incoming emails. You can
configure Amazon SES to deliver your messages to an Amazon S3 bucket,
call your custom code via an AWS Lambda function, or publish
notifications to Amazon SNS. You can also configure Amazon SES to drop
or bounce messages you do not want to receive. If you choose to store
your messages in Amazon S3, Amazon SES can encrypt your mail using AWS
Key Management Service (KMS) before writing it to the bucket.
You configure all of these actions by defining receipt rules, which
you set up by using the Amazon SES console or the Amazon SES API.
Receipt rules enable a single message to trigger multiple actions.
Your rules can be as broad or as specific as you choose because you
can configure them to apply to specific email addresses or entire
domains.
You can also use receipt rules to control which messages Amazon SES
can accept on your behalf. Another filtering method is to set up
custom IP address block lists and allow lists. If you know that you
don’t want to receive mail originating from a particular IP address
range, simply add it to your account's IP address block list. You can
also override block lists by adding IP address ranges to your allow
list, which provides fine-grained control over your inbound email
traffic.
You'd have to set up your own server; that's the way to handle it using AWS. They don't provide anything other than their bulk email delivery service. A few links below:
http://jeffreifman.com/how-to-install-your-own-private-e-mail-server-in-the-amazon-cloud-aws/
http://cerebellumstrategies.com/2012/04/15/amazon-linux-postfix-dovecot/
Update: there is now a solution available in AWS, as referenced in the comments below.
Still doesn't appear to be possible on SES. I'd recommend looking at Mandrill and Sendgrid though.
http://mandrill.com/features/
https://sendgrid.com/docs/API_Reference/Webhooks/parse.html
Here is how to use Amazon and any virtual server to deliver email from SES to a local IMAP account.
This plan is about stable operations: every step is under our control.
Have SES receive emails
And deliver to an S3 bucket and send notification to a SNS topic
Subscribe to that notification with HTTPS protocol
Use aws/aws-php-sns-message-validator and write a small PHP script to reveive notifications from SNS through HTTPS
SNS only sends messaged ID-s, put those in a file
Install incron on your server to start a shell script that downloads those messages from the S3 bucket by s3cmd and delivers to the local IMAP account by sendmail
Use any IMAP server, I use Courier IMAP
Read your messages with e.g. Rainloop webmail
Use SES also for sending outgoing emails
When using AWS SES inbound mail support, main challenge is that, it fits well for programmatic tasks, but hardly human readable since it receives in raw message delivered format.
You you can setup a S3 bucket, SNS Topic (Which could again links to Email, SMS & etc.), Lambda to forward the inbound mail with the same format it receives to take any programmatic actions based on the content of the email.
If you want read the message in human readable format, you need to write your own code to do the formatting. For example using Serverless lambda SES forwarder includes, NodeJS code runs in Lambda to convert raw email to human readable format and forward to recipient email.