We are using AWS SNS to send out email for Alarms .We receive the email with subject Newsletter/Marketing which we are trying to avoid.
Is there any way where we can configure the subject for SNS notification email in AWS console??
We receive the email with [the] subject [prefixed with] Newsletter/Marketing which we are trying to avoid
This does not sound like anything CloudWatch or SNS would be adding.
This sounds like something your email service or server is adding, after the mesage is received, in a misguided effort to be "helpful."
Examine the headers of the incoming mesage -- you may see evidence of this tampering. Or Send the email to a mailbox on a different mail service, such as Gmail (which I assume you are not using, since my CloudWatch alarms do not show this), and examine what you see in the message.
Related
My organization's AWS account got an alert that we sent over 10,000 emails last week, many of which were marked as spam.
The catch is: No emails were supposed to be sent, we don't know who did it, and thus we're suspecting that it was a malicious actor.
How can we see a history of all emails sent and log all future SES emails? Specifically, can we see the contents of those emails? Is there a way we can determine who/which user sent those emails?
I'd like to emphasize that I need to see all emails sent by SES, regardless of region or any other parameters.
Any other tips or tricks?
This tutorial seems like overkill:
https://aws.amazon.com/premiumsupport/knowledge-center/ses-email-sending-history/
How can we see a history of all emails sent and log all future SES emails?
yes using CloudWatch Metrics you can easily find all the metrics associated with ses, for future try using a notification system using cloudwatch and sns when something happens
Docs https://docs.aws.amazon.com/ses/latest/dg/monitor-sending-activity-console.html
Is there a way we can determine who/which user sent those emails?
Yes use cloud trail events
can we see the contents of those emails?
I am afraid No, you can't, you might need to build custom solution like creating an event, and then processing contents with lambda.
Im using AWS Lambda for sending emails by Amazon SES.
Each time that the request send_email succeeds I got the message id like confirmation.
But now, I want to use somehow this messageId. For example to know if this message concretelly get delivered or bounced.
CloudWatch offers me metrics, with the number of delivered or bounced messages but I want to look throught each one.
¿Is there any statement that allows to know the state of a message by id?
Due to the asynchronous nature of SMTP and how mails are being routed, you can't have this information immediately when sending an e-mail (via SES or otherwise).
However, AWS provides a feedback system which notifies an SNS topic when a message is delivered, bounced, or a complaint was received.
While the documentation is very detailed, the general idea is that you subscribe your own lambda(s) to the configured SNS topic(s) and you can then handle these events as you see fit (i.e. persist data on DynamoDB, call your unsubscribe API and so on).
We use Amazon's SES service, and have set up Topics and Subscriptions under SNS (Simple Notification Service) so that we get notification emails when an email is bounced or successfully delivered. That's all working fine.
We sometimes send emails via SES on behalf of one of our partners, and before we can do that we need to verify their email address. The process is that the system asks SES to send out a verification email to the person saying "Example.com wants to send emails on your behalf, is that ok?", with a link for them to click. If they click it, then that email is marked as Verified within SES, and we can use it as a from address.
What I can't work out is how to automate the process of knowing whether they've clicked the link yet. I can log in to the AWS dashboard, and go and look at the list of verified email addresses, but i'd like to make it an automated process.
What would be ideal is if it worked the same way as bounces & deliveries: that i set up a "Verification" topic, and subscribe to it so we get an email like we do with bounces and deliveries. Then, the scheduled job that deals with incoming email notifications can say "Aha, this is a verification email for foobar#example.com: I'll mark their account as 'ses-verified'".
Does anyone know if it's possible to set this up? All the docs on the SES site just talk about bounces, deliveries and complaints.
thanks, Max
You can use the GetIdentityVerification api call in the SES part of the awssdk:
https://docs.aws.amazon.com/ses/latest/APIReference/API_GetIdentityVerificationAttributes.html
You could do this in a serverless way by having a lambda function do the check, and expose the lambda as an API endpoint to your application (among other ways).
Alternatively you could just try to send a single test email to a test/internal email address and check if it gives you an error - if its not verified, it will return an error immediately when you try to do the send.
EDIT:
If you want to use the CLI instead:
aws ses get-identity-verification-attributes --identities "mailbox#thedomain.com"
Is there a way to identify the originating email from a complaint notification in Amazon's SES? For example if we have 3 different mailing groups all sending different emails, and the recipient doesn't like 1 of them and reports it as spam, is there anything in the SES notification that would help us identify which email, and therefore which mailing group, we need to act on?
Yes, there is! From the docs:
Monitor your bounces and complaints and remove any bounced or
complained recipient addresses from your mailing list. You can be
notified of bounces and complaints in one of two ways: by email or by
Amazon Simple Notification Service (Amazon SNS) notifications. For
more information, see Monitoring Using Amazon SES Notifications.
Basically you can receive an email of a SNS notification (email, SMS, queue, etc.) to handle this. I would suggest SNS as it's way more flexible and the cost shouldn't be a problem (considering you don't have loads of complaints, of course!). Take a look:
Monitoring Using Amazon SES Notifications
EDIT: to identify the specific message the complaint is about, you'll need to store the unique ID created by SES when you send the message. From this AWS blog post:
Amazon SES assigns a unique message ID to each email that you
successfully submit to send. When Amazon SES receives a bounce or
complaint message from an ISP, we forward the feedback message to you.
I have used complaints treatment but never paid attention to this message ID. Anyway, looks like the path to follow.
Yes, you can do that
For each of the email that you send out via the SES, it gives back a messageID which is unique for every message that goes out (In your case it will be unique for each of the 3 mails that you send to the same recipient).
You need to persist that somewhere when you send emails.
Now when a complain occurs SES gives back the original messageId that this particular email was sent with.
And this way you can look up your local persistance and find out which of the 3 emails did the user complained for
I am still in the sandbox of Amazons SES trying set a bounce email handler.
I am using the mailbox simulator to test a bounce/complaint email.
I have created a SNS topic (and I have subscribed to receive notifications from this topic):
I have selected this topic to receive bounce email notifications, then I have disabled email notifications:
However, when I send e-mails to bounce#simulator.amazonses.com from SES I still receive a bounceback e-mail and there aren't updates in the SNS topic.
I will try to make this issue clearer with some screenshots.
It can happen outside the sandbox too.
I did not realise that the Amazon SES console can set a SNS bounce/complaint topic for the domain, as well as a separate SNS setting for every verified email address.
So each verified email address can have its own different SNS bounce/complaint topic if you want! If you want them all the same, you have to go and set them all up in the console: tell each one to use SNS, otherwise they have 'Email Feedback Forwarding' set to "enabled" and this will override the setting at domain level.
The configurations of not receiving "Email Feedback" and sending Bounce emails to SNS Topic were set to my Domain example.com.
In my Verified Emails I had myself#example.com and I was sending e-mails with it.
It happens that my verified e-mail itself had these configurations too, so when I set them to be like those of my domain, everything started working.
If I had tried to send e-mails with anythingelse#example.com it would've worked.
Email Feedback Forwarding and SES notifications via Amazon SNS are exposed as two separate mechanisms. The linked documentation describes as much:
You must receive bounce and complaint notifications either by email or
through Amazon SNS – The default method is by email, through a feature
called email feedback forwarding.
Since you've shown that Email Feedback Forwarding is disabled, you are likely still receiving bounce notifications via your verified SNS email subscription.
To test, try removing your email subscription from the SNS topic and then sending an email to the bounce simulator again. To test further, you could subscribe a different email address or even an SQS queue to verify that bounce notifications are still being published.