How to add MX record for AWS SES? - amazon-web-services

I am trying to set up AWS SES to receive emails and have it sent to my S3 bucket. I can presently send emails but cannot receive any emails. AWS documentation mentions Publishing an MX Record for Amazon SES Email Receiving (Publishing an MX Record for Amazon SES Email Receiving) but it doesn't actually tell you how to do this. Please can someone advise?
I have already created a receipt rule set and created the s3 bucket with the required permissions for emails to be sent there. I think my issue is with not knowing how to publish the MX record.

You need to login to your domain registrar panel to control records associated to it. To find the registrar information, try the ICANN's whois utility https://whois.icann.org/en.
Nearly all registrar's have a FAQ section explaining how to add a recordset to the zone. For eg.:
Gandi - https://wiki.gandi.net/en/dns/zone/mx-record
NameCheap - https://www.namecheap.com/support/knowledgebase/article.aspx/322/2237/how-can-i-set-up-mx-records-required-for-mail-service
GoDaddy - https://in.godaddy.com/help/manage-dns-zone-files-680
etc.

Related

how to receive emails using the aws ses and aws sns?

I am trying to receive emails on a domain email like xyz#example.com and I have done the following steps to get the results but am unable to get that.
Firstly, I have created an SNS topic and linked that SNS topic with HTTPS protocol to a rest API to receive the incoming email details. And then in SES firstly I have verified the domain and then in the email receiving section I have created a rule set and activated that rule set and I have not added recipient condition and in the action I am using AWS SNS topic and same topic which I have created for this email receiving. But I am not able to receive the email content to the endpoint which I have linked to SNS topic. I have added the MX record in Cloudflare DNS and I am using us-east1 for value endpoint.
How can I implement this?
Check your destination rules, if you need receive all traffic domain add your naked domain: example.com, if you need receive traffic for specific address: user#example.com, also check if You have more than one MX record, if You have two or more setup priority for SES.

How to send AWS SES email to same domain that is verified

I have setup Amazon Simple Email Service account on one my my domains. Lets say it example.com
I am not able to send emails to that same domain I have verified.
meaning sending email from noreply#example.com to myemail#example.com is not happening.
I even tried in AWS console's send test email but couldn't send the email.
I couldn't find in AWS SES documentation saying we can't send emails to same domain.
Can we send emails to same domain in AWS SES? If not is it documented in AWS SES?
If yes how can I send them?
I don't see in AWS SES documentation that it doesn't support sending to the same domain name.
I finally got to know that the domain I'm using is configured with Office 365 email provider, the admin have configured Spam filters such a way that it doesn't even enter user's inbox if they recognized it to be sending automated emails from same domain.
Conclusion: its not an issue from Amazon AWS SES but in-house spam filtering.

AWS SES email receiving - 550 mailbox not found

I've been trying to set up AWS Simple Email Service as a way to forward emails received to my custom domain on to my Gmail account, without any email hosting service required.
I have set up and verified my custom domain (mycustomdomain.com) as well as verified the email address they'll be forwarded to (myemail#gmail.com) as I'm still in Sandbox mode.
Under Email Receiving -> Rule Sets, I have an active / enabled rule set (forward-to-myemail-gmail) which is enabled, doesn't require TLS and has spam/virus scanning on.
There are no recipients specified, which I believe should allow this rule to be triggered for ALL recipients under my custom domain.
I have a single SNS action specified, which is to publish to the SNS topic (sns-forward-to-myemail-gmail) using base64 encoding
I have also set up my SNS topic as above and associated subscription, and have tested sending a notification to this topic manually using the console, so have confirmed it works.
However if I try sending an email to, for example, test#mycustomdomain.com, I get a bounce message back saying:
Address not found
Your message wasn't delivered to test#mycustomdomain.com because the address couldn't be found or is unable to receive email.
The response was:
550 Mailbox does not exist!
I've also confirmed that the MX records have been set up correctly using mxtoolbox.com, which says the domain records point to feedback-smtp.us-west-2.amazonses.com
Any suggestions for what I'm doing wrong? Many thanks!
Ok I figured it out... User error, as expected!
I had two MX records, one for the "mail" subdomain and another for "#" meaning the base domain. Both were set to the feedback endpoint, which was the problem. I think I was misunderstanding the two MX records.
The "mail from" configuration that used the SES feedback endpoint needed to be set for the sending subdomain (mail.mycustomdomain.com) while the SES inbound SMTP endpoint should have been used for the receiving domain (#, which means mycustomdomain.com).
Before when I was setting both to the same value I found either get a verified MAIL FROM or received email but not both. Obvious in hindsight! Hope this helps someone else.
For anyone else that had some trouble understanding ChrisC's answer, here is more detail on what I needed to do. I setup my domain using Route53, but other domain providers is similar.
TL;DR
Create a custom MAIL FROM domain
Add the following records to Route53 or your DNS provider:
Record name
Type
Value/Route traffic to
mail.customdomain.com
MX
10 feedback-smtp.[region].amazonaws.com
customdomain.com
TXT
"v=spf1 include:amazonses.com ~all"
customdomain.com
MX
10 inbound-smtp.[region].amazonaws.com
Outbound mail
Go to the Amazon SES AWS console. Under "Configuration," go to "Verified Identities." Under "Custom MAIL FROM domain," provide a custom subdomain (e.g., mail.customdomain.com). Select the option to add the DNS records (an MX record and a TXT record) to Route53 (or just add them manually). See this page in the AWS docs regarding custom MAIL FROM domains.
Inbound mail
Go to the Route53 AWS console. Under "Hosted zones," click on the domain you want to enable for receiving emails. Add an MX record for the base domain (e.g., customdomain.com) with the following value [priority] inbound-smtp.[region].amazonaws.com, where [region] can be us-east-1, us-west-2, or eu-west 1 (see this page for full details). Do NOT use email-smtp.[region].amazonaws.com for receiving inbound mail. I received a 530 Authentication required error in the bounce email when attempting to do so.
See this page in the AWS docs regarding publishing an MX record for receiving SES email.
Thanks for the answers above. For anyone else working through this, in my case the feedback value (for the mail.xxx.com had to be:
10 feedback-smtp.[region].amazonses.com
While the root domain value had to be:
10 inbound-smtp.[region].amazonaws.com
note that the feedback domain is AMAZONSES while the inbound domain is AMAZONAWS.

Hosting Google Domain on AWS EC2

I'm not sure if this is the place to ask this.
I recently bought a domain from Google and setup email forwarding so that emails sent to 'me#domain.com' get sent to the gmail of the account that owns the domain, then I stared an ec2 instance on AWS. I changed my nameservers in Google domains so that when I go to my domain, I get my ec2 instance and this works correctly.
However, now my email forwarding no longer works, so I tried setting up a MX in route 53 on AWS using
5 gmr-smtp-in.l.google.com.
10 alt1.gmr-smtp-in.l.google.com.
20 alt2.gmr-smtp-in.l.google.com.
30 alt3.gmr-smtp-in.l.google.com.
40 alt4.gmr-smtp-in.l.google.com.
with no name as I have read online. I am still not recieving emails like i used to and am unsure what to do. Thanks in advance
Have you considered using AWS SES and AWS Lambda to forward your emails?
First, you need to verify your domain - Amazon SES Domain Verification TXT Records
Second, create an S3 bucket with a unique and meaningful name. This will be used to store emails, for example ascisolutions.com-emails . Create a folder inside this bucket to store emails.
Third, create a Lambda function to forward the emails. See AWS Lambda SES Email Forwarder for files needed for AWS Lambda and instructions how to set it up as it requires to modify a config file.
Next, you need to create a rule set - Creating a Receipt Rule Set for Amazon SES Email Receiving
After that, you need to create a rule in the new rule set to let SES know what to do with the email that it received - Creating Receipt Rules for Amazon SES Email Receiving
Next, you want to update your MX records - Publishing an MX Record for Amazon SES Email Receiving
When you're done, wait a few minutes for DNS to update and then test to see if email forwarding is working.
Hope this was helpful.

Changing MAIL FROM Domain in Amazon AWS SES

I'm using a marketing email application called Mautic to use AWS SES to send emails. I'm receiving the emails successfully but they're all from the domain amazonses.com. I followed the AWS SES documentation to verify ownership of my domain, I enabled SPF and DKIM successfully, and I put the proper MX records into my GoDaddy DNS. Everything is 'verified' in the AWS Console, but I'm not sure how to get it to use the "MAIL FROM" domain I've setup. Mautic has no settings with respect to the "MAIL FROM" domain so I'm pretty sure I'm just missing the last step on the SES in order to get it to actually use the 'from' domain I've setup.
Please let me know if I can provide any more details that might be helpful. Thanks for your time in advance!
I had the same issue, but it was because I had verified my email address before I set up the MAIL FROM domain. In this case, if you look at the details for the verified email address, you will see the MAIL FROM domain set to amazonses.com. It appears that SES uses this value when sending from this email regardless of the MAIL FROM domain setting.
Since my domain is verified, my solution was to simply delete the verified email. Now when I send emails, it uses the domain default which is my MAIL FROM domain setting.
If you are using verified email addresses, check that it shows the MAIL FROM domain that you want to use in the details.
Ah, I figured it out. In Step 8 of this document it says "You can now use Amazon SES to send email that is signed using a DKIM signature from any valid address in the verified domain." I didn't realize I had to have a verified email from this domain under the "Email Addresses" section of the SES console. I created an email address in my domain, verified it using SES, and now my application can use SES to send email on behalf of my own domain!
AWS also has a Custom Mail From domain setup option. Here is the doc:
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/mail-from.html
Follow the directions very carefully and don't forget you need an SPF record for the new subdomain you create for the Mail From - otherwise SES won't pass it in the header.