I have domain with 1&1 and my host is on AWS. I have configured my domain in Route5 and I set MX records. as per below:
10 mydomain.co.uk
10 mx01.1and1.co.uk
10 mx00.1and1.co.uk
The email transfer is working without any problem. The email are stored in 1&1 mail bucket.
I have an application that runs on Cakephp and here is my email Transport configuration.
'EmailTransport' => [
'default' => [
'className' => 'Cake\Mailer\Transport\MailTransport',
/*
* The following keys are used in SMTP transports:
*/
'host' => 'email-smtp.eu-west-1.amazonaws.com',
'port' => 465, // or 587
'timeout' => 30,
'username' => 'info#mydomain.co.uk',
'password' => '*****',
'client' => null,
'tls' => true,
'url' => env('EMAIL_TRANSPORT_DEFAULT_URL', null),
],
Now when I send emails the emails are sent to client account but the emails goes in spam. and I get red rock - email not encrypt.
Here is the example of the mail transfer from client account:
from: Company Name Ltd <info#mydomain.co.uk>
to: Alex Manor <alex.manor#gmail.com>
date: Jan 21, 2019, 11:13 PM
subject: You have requested to reset password
security: ec2-11-11-11-11.eu-west-1.compute.amazonaws.com did not encrypt this message Learn more
Thank to #Greg Schmidt.
'default' => [
'className' => 'Cake\Mailer\Transport\SmtpTransport', //<= The class name has to use SMTP
'host' => 'smtp.ionos.co.uk',
'port' => 587,
'timeout' => 30,
'username' => 'info#mydomain.co.uk',
'password' => '*****',
'client' => null,
'tls' => true,
'url' => env('EMAIL_TRANSPORT_DEFAULT_URL', null),
],
After too much reading now I know you wouldn't need to change you host provider for email transport. As long as the email email transport methos is set correctly. you shouldn't get red lock.
Here is a good guide to configure the email DNS transfer
Log into 1and1 and go to Manage domains.
The domain was currently set to use 1&1 name servers with MX records of mx00.1and1.co.uk mx01.1and1.co.uk
Logged into Amazon Route 53.
Created a hosted zone for my domain.
Clicked Created record set then used the MX records from 1and1 i.e., 0 mx00.1and1.co.uk and 1 mx01.1and1.co.uk - This was
the important bit which ensured I didn't lose my inbound email
Went into SES and selected the option to use Route 53 which created my CNAME and TXT records automatically in Route53
As I had the 1and1 MX records set up in Route53 now, I could then go back to 1and1 and change the DNS settings to use other
name servers, then entered my Amazon Route53 name servers instead.
Note: point #6 is good for who wants to use AWS host for email transport.
Related
Summary:
I tried to obtain AWS Cognito User name (OAuth2 from Google) with Perl module Paws::CognitoIdp::GetUser but I failed the code:
my $GetUserResponse = $cognito_idp->GetUser(
AccessToken => 'MyTokenModelType',
);
with the error Invalid Access Token.
Environment
I am developing Web service with following environment:
AWS + EC2 + Ubuntu 20.04 + nginx 1.20.1 + Perl 5.30.0
Using Cognito with Google OAuth2.0
What I can do now
When you access my Web service, Sign In with Google button will appear. If you click it, you can run my Perl CGI script.
What I cannot do now
I want to obtain your Google user name and mail address, but I cannot.
What I did
I wrote the following code:
my $cognito_idp = Paws->service('CognitoIdp',
region => "ap-northeast-1",
max_attempts => 3,
);
my $GetUserResponse = $cognito_idp->GetUser(
AccessToken => 'MyTokenModelType',
);
my $uname = $GetUserResponse->Username;
Then...
When I access my Web service, it failed with the Software error:
Software error:
Invalid Access Token
Trace begun at /usr/local/share/perl/5.30.0/Paws/Net/JsonResponse.pm line 22
Paws::Net::JsonResponse::process('Paws::Net::JsonResponse=HASH(0x56495fb33d78)', 'Paws::CognitoIdp::GetUser=HASH(0x56495fb41fd0)', 'Paws::Net::APIResponse=HASH(0x56495fde6f38)') called at /usr/local/share/perl/5.30.0/Paws/Net/Caller.pm line 46
Paws::Net::Caller::caller_to_response('Paws::Net::Caller=HASH(0x56495da09a38)', 'Paws::CognitoIdp=HASH(0x56495e05da48)', 'Paws::CognitoIdp::GetUser=HASH(0x56495fb41fd0)', 'Paws::Net::APIResponse=HASH(0x56495fde6f38)') called at /usr/local/share/perl/5.30.0/Paws/Net/RetryCallerRole.pm line 19
Paws::Net::RetryCallerRole::do_call('Paws::Net::Caller=HASH(0x56495da09a38)', 'Paws::CognitoIdp=HASH(0x56495e05da48)', 'Paws::CognitoIdp::GetUser=HASH(0x56495fb41fd0)') called at /usr/local/share/perl/5.30.0/Paws/CognitoIdp.pm line 331
Paws::CognitoIdp::GetUser('Paws::CognitoIdp=HASH(0x56495e05da48)', 'AccessToken', 'MyTokenModelType') called at /DocumentRoot/index.cgi line 16
For help, please send mail to this site's webmaster, giving this error message and the time and date of the error.
Maybe...
I referred following to the documentation
Maybe 'MyTokenModelType' is just the placeholder and I should specify the correct code.
But I don't know how I can make it.
In addition, I want to know how can I obtain not only user name but also user email address.
(Additional Info 2021-11-12)
Thanks to the comment, I read the article:
How to generate access token for an AWS Cognito user?
and I hacked AWS CLI command but I have not got the answer yet.
I think I got to do $ aws connito-idp initiate-auth but I cannot find what arguments I should pass.
In the AWS => Cognito => Users and groups menu, I see the entry of a user of my Web app.
Username: google_??????????
Enabled: Enabled
Account status: EXTERNAL_PROVIDER
Email: (users_email)
I changed my code like this for the experiment to find what information my Web app has.
use Data::Dumper;
my $cognito_idp = Paws->service('CognitoIdp',
region => "ap-northeast-1",
max_attempts => 3,
);
# my $GetUserResponse = $cognito_idp->GetUser(
# AccessToken => 'MyTokenModelType',
# );
# my $uname = $GetUserResponse->Username;
print "Content-type: text/html\n\n\n";
print '<!DOCTYPE html>';
print '<html><pre>';
print Dumper $cognito_idp;
print '</pre></html>';
and I see the contents of $cognito_idp like this:
$VAR1 = bless( {
'_region_for_signature' => 'ap-northeast-1',
...
'credentials' => bless( {
...
'selected_provider' => bless( {
'expiration' => 1636712506,
'actual_creds' => {
'Type' => 'AWS-HMAC',
'SecretAccessKey' => '??????????????',
'Code' => 'Success',
'AccessKeyId' => '???????????????',
'LastUpdated' => '2021-11-12T03:54:16Z',
'Token' => '?????????????????????????????????????',
'Expiration' => '2021-11-12T10:21:46Z'
},
...
I hope I could get the information of the user from the data above.
My question is, how I can specify the MyTokenModelType value of the code:
my $GetUserResponse = $cognito_idp->GetUser(
AccessToken => 'MyTokenModelType',
);
Still I want your info.
Thanks again.
I have an AWS Lambda function:
sendEmail.js
const AWS = require('aws-sdk');
const ses = new AWS.SES();
function sendEmail(subject, message, senderEmail) {
const params = {
Destination: {
ToAddresses: [
process.env.VERIFIED_EMAIL
]
},
Message: {
Body: {
Text: {
Data: message,
Charset: 'UTF-8'
}
},
Subject: {
Data: subject,
Charset: 'UTF-8'
}
},
Source: process.env.VERIFIED_EMAIL,
ReplyToAddresses: [senderEmail]
}
return ses.sendEmail(params).promise();
}
module.exports = sendEmail;
Called from
index.js
const sendEmail = require('./sendEmail');
exports.handler = async (event, context) => {
return sendEmail(event.subject, event.message, event.email).then((response) => { context.done(null, 'Email sent')});
};
I have the env. variable VERIFIED_EMAIL set to a personal e-mail that is verified by AWS/SES.
My test case:
{
"email": "redacted#outlook.com",
"subject": "desc",
"message": "Hello!"
}
Which passes and returns "Email sent" but I don't actually receive an e-mail. I've also deployed the API-GATEWAY and I can call the API w/ Postman and I receive the same "Email sent" message but no e-mail is actually sent.
I don't think it should be an issue with being in sandbox mode because the email I am sending it from is verified.
PS:
When Looking at the SES management console it says that the emails are being sent (they take up part of the 200 daily quota) and then that none of them were bounced or rejected but simply deliveries.
A few things you should check with your SES before diving deeper.
In sandbox mode both "source email address" and "destination email address" have to be verified. Instead a mail won't be delivered.
In case you verify Email Domain so appropriate dns and DKIM records have to be added in your domain. Plus additional whitelist clearance is assumed if you use corporate domains.
Your IAM AWS user should be permitted to execute SES api calls. Check your policies and roles. Check Secret Key and Secret Id you use.
There might be problems when you use inappropriate email types and email sending endpoints (eg you try to send "SingleTemplatedMessage" via "BulkTemplatedMessage" endpoint)
Check all this things first.
Then you might try something else. In my project we use AWS SDK based on java to interact between BE and SES. It provides logs containing message statuses (if a message was sent successfully, rejected, its id and other errors if they occurred)
Additionally to keep track on every single message you send you can set up SES-SNS to exchange with notifications. It's described in the following article
https://sysgears.com/articles/how-to-track-email-status-with-amazon-ses-and-amazon-sns/
Other problems might occur in your mail client (spam filters etc)
Follow the check list to troubleshoot SES email sending:
Check the SMTP credential is ok or not using code shared by AWS
Same credential using in multiple application/IP may not work
Use minimum mail configuration, if you do not know setting value remove it, do not leave it with NULL.
Set, $config['charset'] = 'UTF-8'; // // 'UTF-8', 'ISO-8859-15'
Set, $config['newline'] = "\r\n"; // "\r\n" or "\n" or "\r"
Additional Check
Make sure trying to send email to the same domain if SES account is Sandbox
Check all outbound with mail TCP port is open
If using NATgateway Check both inbound and outbound with mail TCP port is open in open for the mail sending instance in it.
I want to use Mailgun in my Rails application.
When I include through Heroku addon it display error to add credit card number though I wanted the free version.
I looked up and found this code from Mailgun. Could someone tell me how to use it?
require 'mail'
Mail.defaults do
delivery_method :smtp, {
:port => 587,
:address => "smtp.mailgun.org",
:user_name => "",
:password => "",
}
end
mail = Mail.deliver do
to 'bar#example.com'
from 'foo#YOUR_DOMAIN_NAME'
subject 'Hello'
text_part do
body 'Testing some Mailgun awesomness'
end
end
I tried using this but it displays an error - mailgun SSL_read: sslv3 alert bad record mac
You need to sign up with Mailgun and get your SMTP username and password which you would use in the mail configuration.
I am trying to use the built-in driver for Mailgun to send email. Here's what I have done so far.
Installed Guzzle driver.
Added the following to my config\services.php
'mailgun' => [
'domain' => env('sandbox54d5c9ed96434d689f971fd3.mailgun.org'),
'secret' => env('key-e800aa77cbda23ee8471dd5e'),
],
In my config\mail.php I have added
'driver' => env('MAIL_DRIVER', 'mailgun'),
However, now if I try to do forget password. It says we have sent an email but I don't get anything.
The domain is my sandbox domain name and secret is the API Key.
Am I missing something here or doing something wrong? How can I debug if there are some issues?
Sorry for this late answer, just found your question while googling for something different and hope not too late. If you want to save the credentials in .env, do this in your config\services.php:
'mailgun' => [
'domain' => env('MAILGUN_DOMAIN'),
'secret' => env('MAILGUN_SECRET'),
],
Then in your .env file
MAILGUN_DOMAIN=sandbox54d5c9ed96434d689f971fd3.mailgun.org
MAILGUN_SECRET=key-e800aa77cbda23ee8471dd5e
In the config\services.php you just tell the key on .env file with:
'setting' => env('KEY_IN_ENV')
Laravel will then check if the key found and get the value from .env file:
KEY_IN_ENV = setting_value
Or simply like this in your config\services.php only:
'mailgun' => [
'domain' => 'sandbox54d5c9ed96434d689f971fd3.mailgun.org',
'secret' => 'key-e800aa77cbda23ee8471dd5e',
],
Good for you.
I finally got SES to work, but now im confronted with another problem
The email sent leaves amazonses.com in the from and mailed-by fields like thisI am currently on sandbox access
from: name#myDomain.com via amazonses.com
to: john#aol.com
date: Sat, Jun 2, 2012 at 3:30 PM
subject: Subject message
mailed-by: amazonses.com
question: how can i remove amazonses.com from these 2 fileds and replace the 'mailed-by' field with my companies email address?
heres my php
function sendMail($to, $subject, $message, $from ) {
require_once('sdk-1.5.6.2/sdk.class.php');
$AWS_KEY = "********************";
$AWS_SECRET_KEY = "****************************************";
$amazonSes = new AmazonSES(array( "key" => $AWS_KEY, "secret" => $AWS_SECRET_KEY ));
$response = $amazonSes->send_email(
$from,
array('ToAddresses' => array($to)),
array(
'Subject.Data' => $subject,
'Body.Html.Data' => $message,
)
);
if (!$response->isOK()) {
return false;
}else {
return true;
}
return false;
}
sendMail('john#aol.com', "Body message", "Subject message", "name#myDomain.com" );
Since july 2012 it is easy to sign outgoing mail via SES itself.
Instructions are easy and straightforward.
p.s.: sorry for nekroposting, but this question is the one that popped up when I tried to do the same thing.
The reason you're getting this is by default you're encouraged to use Amazon's own DKIM setup.
In order to remove the 'via amazonses.com' text you'll need to follow instructions similar to these in order to set up your own DKIM keys.
Note that I haven't yet tested this myself.
Set the MX and SPF record obtained form amazon ses into your subdomain through which your sending your emails.
eg:
Suppose verified domain on amazon ses is: domain.com
then add the MX and SPF record obtained when you click on verfied domain to the subdomain- abc.domain.com
It will change your mailed by to abc.domain.com
I don't believe you can. SES allows only to send from your domain (or other verified address), and it always has the ses stamp.
Even if your php mail has From address other than the verified email from SES it will go through the SES but via amazonses will show. But if the From address is the verified email with SES then the via address will not show up. So not to show the via address its better to change the php script of sending mail.
You can replace mailed-by with your companie's email address. To do that, you must create a custom MAIL FROM domain which is the domain with subdomain like sub.example.com.
The below is how you create the custom MAIL FROM domain sub.example.com.
Click on the domain example.com.
Then, the detail is shown.
Then, click on MAIL FROM Domain to show Set MAIL FROM Domain button.
Then, clicking on Set MAIL FROM Domain button, the window is open.
Then, put the subdomain "sub" to the field and click on Set MAIL FROM Domain button.
Then, the MX Record and SPF Record are shown. You must add the MX Record and SPF Record to Route 53 in addition to the records of the domain example.com to verify the custom MAIL FROM domain sub.example.com.
Finally, check if the custom MAIL FROM domain sub.example.com is verified under MAIL FROM domain section.
If MAIL FROM domain status is still pending verification, click on retry in blue.
Then, it will be verified.
After the custom MAIL FROM domain is verified, mailed-by is sub.example.com whether or not you send emails using example.com or sub.example.com and whether or not your account is in the sandbox.