We have auditing requirements that may require us to go back and keep a copy of the email sent out. We're using Amazon SES to send out emails.
Is there any way to retain logs about the email and its contents or should I simply cc the email to some other email account to be used for auditing and trouble shooting later?
You can make use of AWS CloudTrail which keeps track of all APIs including SES. When you enable CloudTrail for SES, all your activity is stored in a S3 bucket which you can retrieve anytime you want.
Take a look at: Logging Amazon SES API Calls By Using AWS CloudTrail
There isn't really a native feature within SES for keeping a copy of sent emails. But there is a feature for storing a copy on S3 for received emails. So if you take your idea of cc'ing or bcc'ing an email box you control then you could follow this instructions. Its a bit of hack but its low effort.
Related
I'm trying to setup Amazon Cognito, and according to what it says in the console I need to sign up for Amazon SES in order to send the confirmation code and forgot password messages.
So I applied for Amazon SES access through their support center explaining that I will only be using Amazon SES in conjunction with Cognito. I also included all the normal information they request, such as domain name, how bounces are handled, etc.
They replied denying access with this as the explanation:
We made this decision because we believe that your use case would impact the deliverability of our service and would affect your reputation as a sender. We also want to ensure that other Amazon SES users can continue to use the service without experiencing service interruptions.
So I found this puzzling, because my understanding is that I have to signup for SES in order to have production user registration and confirmation with Amazon Cognito.
Does anyone know if we can use Cognito without SES or if there is some other way of handling this?
You can configure Cognito to send all emails via a Lambda function. Inside that function you can perform the email sending using any email service you want.
I would like to send a verification code to a specific user (only one) via email or text message. I have successfully done so through Amazon SES but I have not attempted through Amazon SMS yet. I have found myself going down the rabbit hole of investigating AWS Pinpoint.
It seems to me Pinpoint is meant for mass user messaging (text/email) rather than one-of individual messaging. I'm hoping I gathered that correctly.
My question, is there an advantage/disadvantage of using Pinpoint over Amazon SES and SMS for my use case?
This may be addressed by the Pinpoint FAQ
Q: I already use Amazon SNS or Amazon SES. What do I gain by switching
to Amazon Pinpoint?
In typical Amazon SNS and Amazon SES use cases, you have to set up
your application to manage each message's audience, content, and
delivery schedule. These same features are built in to Amazon
Pinpoint. With Amazon Pinpoint, you can create message templates,
delivery schedules, highly-targeted segments, and full campaigns.
Pinpoint also appears to be able to push notifications to users through the users preferred contact mechanism. This means that you are not limited to SMS and you reach your users with activation codes through the means they want to be reached. It also allows two-way communication.
The Pinpoint homepage also says:
You can send direct messages—such as order confirmations, welcome
messages, and one-time passwords—using the console or the Amazon
Pinpoint REST API. You can also use the API to build custom
applications that deliver campaign and transactional messages across
multiple channels.
This suggest it is suitable for your uses, though it has additional mass-communication features you do not currently need.
In addition to above points mentioned by #Freiheit you can send and receive SMS messages through Amazon Pinpoint. This will help you to track user response and create surveys, reviews and quiz like scenarios.
Check this AWS Documentation link
I have an application that automatically sends thousands of emails per hour using Amazon Web Service's Simple Email System (SES).
How/where can I view a report of email bounces?
EDIT:
Below #Neil shows how I can setup SNS to email me about bounced emails. But is there any way I can see a report of Bounced emails in the past? Going forward is there a way I can see a bounce report/table instead of getting an email notification every time an email bounces?
It has been long time wanted but there's no built-in feature for now.
I suggest you push on this thread so Amazon gives more info about the roadmap to integrate this feature
You can configure AWS to email you via SNS. See here
You can configure SES to send bounces (and complaints, and even deliveries) to an SNS endpoint.
From SNS, you can configure different subscribers: email, http(s), or a couple other options. The interesting option is Lambda. Create a Lambda end point, and then write a simple function that inserts the information you want to track into DynamoDB.
This might cost you a few cents/month, but you have control over what you're recording and how to access it.
We've changed our email service from Mandrill to Amazon SES. We are using it with SMTP.
In Mandrill we had access to some details such as:
raw content of the emails
delivery dates
is the email viewed by the recipient
are the links in the email clicked
But in SES Management Console > Sending Statistics page it shows only the numbers without any details for deliveries, bounces, complaints & rejects.
And I've looked into CloudTrail, CloudWatch & S3 combination with no luck. Also I'm not sure if this is still valid but this page says
All Amazon SES APIs except for the email-sending APIs (SendEmail and SendRawEmail) are supported.
So I can't seem to log these data with CloudTrail.
Can I log them via another method (maybe a third party tool?). How do other people log these? Or do they? Maybe it's not possible with SMTP but possible with only API?
Example scenario
We're using multiple IAM access keys (with multiple users) for SES. Let's say there is 50% increase in complaints. Doesn't AWS offer any tool to find the culprit access key?
I had found this thread when trying to get easy access to who Amazon SES sent emails to, at what time, etc. I found the tutorials at Amazon pretty helpful:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-tutorials.html
I actually tried all four of them. I couldn't figure out how to get the CloudWatch path to actually show who the email went to, but the other ones worked. I eventually settled on the Amazon Redshift path:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-redshift.html
It works well for me and provides an SQL query view into the "log" data. They do have a new Query tool, so you don't have to use JDBC/ODBC if you don't want to.
Hoping this will help someone else looking...
For raw content logging, you would have to proxy the SMTP requests through some service that logs everything and then sends it to SES, or just log everything in your code before making the call to SES.
For delivery rates you would have to setup SNS listeners to process SES bounce notifications.
For email viewed and links clicked you would have to build your own analytics service to add tracking to the emails you send, or find some third-party service that does that for you.
There is a reason SES is so much cheaper than other email services like Mandrill, it is because you don't get all the features that the other services provide. Honestly if you want things like click tracking analytics I would suggest you rethink moving away from Mandrill, or look at other email services like SendGrid. SES is more of a raw email sending service that doesn't provide any of those higher-level features you are looking for.
I'm relatively new to AWS, but I am trying to figure out how to get AWS to receive emails. According this post How to configure email accounts like support#xyz.com or feedback#xyz.com on AWS SES only handles outbound email.
What I am hoping to achieve is the ability to filter aliases. For example, if the alias is "xyz12alias", then any email sent to "xyz12alias#mydomain.co", can see the email and process the content appropriately. Which in my case will be storing it in account associated with the filter.
Can anybody direct me to a strategy or service within AWS that would allow me to implement inbound email on Amazon AWS?
https://postmarkapp.com/inbound appears to give me what I want, but is there anything within the AWS framework itself? Are there alternate services to postmarkapp?
Thanks.
Amazon Simple Email Service just introduced incoming e-mail support:
https://aws.amazon.com/about-aws/whats-new/2015/09/amazon-ses-now-supports-inbound-email/
In addition to offering a scalable, cost-effective email-sending
platform, Amazon SES can now accept your incoming emails. You can
configure Amazon SES to deliver your messages to an Amazon S3 bucket,
call your custom code via an AWS Lambda function, or publish
notifications to Amazon SNS. You can also configure Amazon SES to drop
or bounce messages you do not want to receive. If you choose to store
your messages in Amazon S3, Amazon SES can encrypt your mail using AWS
Key Management Service (KMS) before writing it to the bucket.
You configure all of these actions by defining receipt rules, which
you set up by using the Amazon SES console or the Amazon SES API.
Receipt rules enable a single message to trigger multiple actions.
Your rules can be as broad or as specific as you choose because you
can configure them to apply to specific email addresses or entire
domains.
You can also use receipt rules to control which messages Amazon SES
can accept on your behalf. Another filtering method is to set up
custom IP address block lists and allow lists. If you know that you
don’t want to receive mail originating from a particular IP address
range, simply add it to your account's IP address block list. You can
also override block lists by adding IP address ranges to your allow
list, which provides fine-grained control over your inbound email
traffic.
You'd have to set up your own server; that's the way to handle it using AWS. They don't provide anything other than their bulk email delivery service. A few links below:
http://jeffreifman.com/how-to-install-your-own-private-e-mail-server-in-the-amazon-cloud-aws/
http://cerebellumstrategies.com/2012/04/15/amazon-linux-postfix-dovecot/
Update: there is now a solution available in AWS, as referenced in the comments below.
Still doesn't appear to be possible on SES. I'd recommend looking at Mandrill and Sendgrid though.
http://mandrill.com/features/
https://sendgrid.com/docs/API_Reference/Webhooks/parse.html
Here is how to use Amazon and any virtual server to deliver email from SES to a local IMAP account.
This plan is about stable operations: every step is under our control.
Have SES receive emails
And deliver to an S3 bucket and send notification to a SNS topic
Subscribe to that notification with HTTPS protocol
Use aws/aws-php-sns-message-validator and write a small PHP script to reveive notifications from SNS through HTTPS
SNS only sends messaged ID-s, put those in a file
Install incron on your server to start a shell script that downloads those messages from the S3 bucket by s3cmd and delivers to the local IMAP account by sendmail
Use any IMAP server, I use Courier IMAP
Read your messages with e.g. Rainloop webmail
Use SES also for sending outgoing emails
When using AWS SES inbound mail support, main challenge is that, it fits well for programmatic tasks, but hardly human readable since it receives in raw message delivered format.
You you can setup a S3 bucket, SNS Topic (Which could again links to Email, SMS & etc.), Lambda to forward the inbound mail with the same format it receives to take any programmatic actions based on the content of the email.
If you want read the message in human readable format, you need to write your own code to do the formatting. For example using Serverless lambda SES forwarder includes, NodeJS code runs in Lambda to convert raw email to human readable format and forward to recipient email.