How do you strip the attachments from AWS SES-SNS incoming emails? - amazon-web-services

My problem statement is as follows:
I have configured AWS SES to receive emails on a subdomain. SES then send a notification to our web application via SNS. Now, SNS has a 150kb limit and therefore any emails with an attachment of sive>150kb is bounced.
My question is:
Is there a way to strip the SES email of the attachments before dispatching through SNS?
One solution is to save the attachments in S3, but we have absolutely no use for the attachments at this point and would prefer not incurring additional S3 costs for nothing. I have looked at multiple AWS documentation and have not been able to find a solution. Any pointers will be greatly appreciated.

AFAIK, there is no direct way or configuration to achieve this. One workaround is to trigger a simple event driven Lambda function to extract an attachment from an email and discard it.

Related

AWS Help, Email to S3 to Lambda to Push Notification

So my plan is to receive an email which will be saved to an s3 bucket and also trigger a lambda function which will send a mobile push notification. Firstly is it possible, I've worked on this for a while and I'm pretty sure it is, although errors keep popping up. My current problem is that my emails are not saving into my S3 bucket, when they are saved this message from AWS comes up - message saved in S3 Bucket
Any help is very appreciated, and maybe some other opinions on my plan would also be fantastic.
Yes, it is possible :) The message in your screenshot just lets you know that you have successfully setup the S3 receipt rule action.
On a high level you have to take the following steps:
Verify your domain to receive emails. This means adding certain DNS records that point to AWS SES. It's easy to do this if your domain is registered with Route53 because the UI in SES offers you to do that with a button click. Explained here for Route53 For other domain providers you have to take a few more manual steps: Add a TXT record pointing to SES to prove you own the domain and Add an MX record pointing to SES for receiving mails
Create a receipt rule set in AWS SES. This allows you to configure what should happen when you receive an email for certain email address(es). Explained here The detailed config what should happen is defined in receipt rules.
For this rule set, setup a receipt rule to store the email file in S3. Also explained here
For this rule set, setup another receipt rule to trigger a Lambda function that sends you a notification or does whatever you want to do with the email. Lambda Action options explained here (Alternatively, you can setup an SNS Action and trigger an SNS topic to which you subscribe using your phone number - however, the SNS message will be a JSON string that includes all metadata as well, so it's not easy to read -> I'd preprocess it first using a Lambda function and that's what you probably want to do)
Did you follow these steps? Is there any error happening?
All these steps require quite a bit of manual work. Also, it's tough to setup more complex scenarios in case this is necessary and requires you to manually adjust the settings like changing a receipt rule. Depending on what you want to achieve, I can recommend you to look into some further links that help you creating these environments for you in a (semi-)automated way:
A library to forward emails to any other email address but still requires a lot of manual work, e.g. to verify a domain or setup the receipt rules.
CloudFormation custom resources to automate the SES domain verification (Afaik this is also available as a Serverless Application in the Serverless Application Repository)
I recently ran into your scenario in a similar way and have created an AWS CDK construct to make it easier to forward emails to other mail addresses: Serverless email receiving with SES using AWS CDK You could add some further automation (e.g. notification to Slack) in your target email address account like Gmail if you are keen to make your hands a bit dirty.
A slightly different approach is taken here with a Serverless email setup using S3 and SES. Maybe you get some inspiration out of it for your own situation or can use it in some other way. It's using CloudFormation to setup almost everything.
If you have more questions, just let me know.

How to track how many mails have been sent from each domain in Amazon SES

I am currently trying to configure a way to track the emails that i am sending through Amazon SES by using multiple domains. What i really want to achieve is to be able to track how many emails have been sent from each domain seperately. It is something i can achieve throught SES API ?I couldn't find any solution to this.
There is no AWS offered API for that. You can set up SES delivery notifications. This pushes notification to SNS topic. You can then create a subscription to this SNS topic. This really opens up much more possibilities of what you can do to achieve your goal. The simplest approach could be just sending an email and processing it in your email client if you don't have many emails sending out from SES. More sophisticated approaches may involve setting up an HTTP endpoint and letting SNS send back HTTP(S) data, or utilizing AWS lambda and SQS, etc.

How can I see a report of my AWS Bounced emails?

I have an application that automatically sends thousands of emails per hour using Amazon Web Service's Simple Email System (SES).
How/where can I view a report of email bounces?
EDIT:
Below #Neil shows how I can setup SNS to email me about bounced emails. But is there any way I can see a report of Bounced emails in the past? Going forward is there a way I can see a bounce report/table instead of getting an email notification every time an email bounces?
It has been long time wanted but there's no built-in feature for now.
I suggest you push on this thread so Amazon gives more info about the roadmap to integrate this feature
You can configure AWS to email you via SNS. See here
You can configure SES to send bounces (and complaints, and even deliveries) to an SNS endpoint.
From SNS, you can configure different subscribers: email, http(s), or a couple other options. The interesting option is Lambda. Create a Lambda end point, and then write a simple function that inserts the information you want to track into DynamoDB.
This might cost you a few cents/month, but you have control over what you're recording and how to access it.

AWS SES - Logging SendEmail & SendRawEmail calls (SMTP)

We've changed our email service from Mandrill to Amazon SES. We are using it with SMTP.
In Mandrill we had access to some details such as:
raw content of the emails
delivery dates
is the email viewed by the recipient
are the links in the email clicked
But in SES Management Console > Sending Statistics page it shows only the numbers without any details for deliveries, bounces, complaints & rejects.
And I've looked into CloudTrail, CloudWatch & S3 combination with no luck. Also I'm not sure if this is still valid but this page says
All Amazon SES APIs except for the email-sending APIs (SendEmail and SendRawEmail) are supported.
So I can't seem to log these data with CloudTrail.
Can I log them via another method (maybe a third party tool?). How do other people log these? Or do they? Maybe it's not possible with SMTP but possible with only API?
Example scenario
We're using multiple IAM access keys (with multiple users) for SES. Let's say there is 50% increase in complaints. Doesn't AWS offer any tool to find the culprit access key?
I had found this thread when trying to get easy access to who Amazon SES sent emails to, at what time, etc. I found the tutorials at Amazon pretty helpful:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-tutorials.html
I actually tried all four of them. I couldn't figure out how to get the CloudWatch path to actually show who the email went to, but the other ones worked. I eventually settled on the Amazon Redshift path:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-redshift.html
It works well for me and provides an SQL query view into the "log" data. They do have a new Query tool, so you don't have to use JDBC/ODBC if you don't want to.
Hoping this will help someone else looking...
For raw content logging, you would have to proxy the SMTP requests through some service that logs everything and then sends it to SES, or just log everything in your code before making the call to SES.
For delivery rates you would have to setup SNS listeners to process SES bounce notifications.
For email viewed and links clicked you would have to build your own analytics service to add tracking to the emails you send, or find some third-party service that does that for you.
There is a reason SES is so much cheaper than other email services like Mandrill, it is because you don't get all the features that the other services provide. Honestly if you want things like click tracking analytics I would suggest you rethink moving away from Mandrill, or look at other email services like SendGrid. SES is more of a raw email sending service that doesn't provide any of those higher-level features you are looking for.

How to implement inbound email on Amazon AWS?

I'm relatively new to AWS, but I am trying to figure out how to get AWS to receive emails. According this post How to configure email accounts like support#xyz.com or feedback#xyz.com on AWS SES only handles outbound email.
What I am hoping to achieve is the ability to filter aliases. For example, if the alias is "xyz12alias", then any email sent to "xyz12alias#mydomain.co", can see the email and process the content appropriately. Which in my case will be storing it in account associated with the filter.
Can anybody direct me to a strategy or service within AWS that would allow me to implement inbound email on Amazon AWS?
https://postmarkapp.com/inbound appears to give me what I want, but is there anything within the AWS framework itself? Are there alternate services to postmarkapp?
Thanks.
Amazon Simple Email Service just introduced incoming e-mail support:
https://aws.amazon.com/about-aws/whats-new/2015/09/amazon-ses-now-supports-inbound-email/
In addition to offering a scalable, cost-effective email-sending
platform, Amazon SES can now accept your incoming emails. You can
configure Amazon SES to deliver your messages to an Amazon S3 bucket,
call your custom code via an AWS Lambda function, or publish
notifications to Amazon SNS. You can also configure Amazon SES to drop
or bounce messages you do not want to receive. If you choose to store
your messages in Amazon S3, Amazon SES can encrypt your mail using AWS
Key Management Service (KMS) before writing it to the bucket.
You configure all of these actions by defining receipt rules, which
you set up by using the Amazon SES console or the Amazon SES API.
Receipt rules enable a single message to trigger multiple actions.
Your rules can be as broad or as specific as you choose because you
can configure them to apply to specific email addresses or entire
domains.
You can also use receipt rules to control which messages Amazon SES
can accept on your behalf. Another filtering method is to set up
custom IP address block lists and allow lists. If you know that you
don’t want to receive mail originating from a particular IP address
range, simply add it to your account's IP address block list. You can
also override block lists by adding IP address ranges to your allow
list, which provides fine-grained control over your inbound email
traffic.
You'd have to set up your own server; that's the way to handle it using AWS. They don't provide anything other than their bulk email delivery service. A few links below:
http://jeffreifman.com/how-to-install-your-own-private-e-mail-server-in-the-amazon-cloud-aws/
http://cerebellumstrategies.com/2012/04/15/amazon-linux-postfix-dovecot/
Update: there is now a solution available in AWS, as referenced in the comments below.
Still doesn't appear to be possible on SES. I'd recommend looking at Mandrill and Sendgrid though.
http://mandrill.com/features/
https://sendgrid.com/docs/API_Reference/Webhooks/parse.html
Here is how to use Amazon and any virtual server to deliver email from SES to a local IMAP account.
This plan is about stable operations: every step is under our control.
Have SES receive emails
And deliver to an S3 bucket and send notification to a SNS topic
Subscribe to that notification with HTTPS protocol
Use aws/aws-php-sns-message-validator and write a small PHP script to reveive notifications from SNS through HTTPS
SNS only sends messaged ID-s, put those in a file
Install incron on your server to start a shell script that downloads those messages from the S3 bucket by s3cmd and delivers to the local IMAP account by sendmail
Use any IMAP server, I use Courier IMAP
Read your messages with e.g. Rainloop webmail
Use SES also for sending outgoing emails
When using AWS SES inbound mail support, main challenge is that, it fits well for programmatic tasks, but hardly human readable since it receives in raw message delivered format.
You you can setup a S3 bucket, SNS Topic (Which could again links to Email, SMS & etc.), Lambda to forward the inbound mail with the same format it receives to take any programmatic actions based on the content of the email.
If you want read the message in human readable format, you need to write your own code to do the formatting. For example using Serverless lambda SES forwarder includes, NodeJS code runs in Lambda to convert raw email to human readable format and forward to recipient email.