Amazon SES e-mail

Configuring Amazon AWS SES E-mail Services

for your Linux Account & WordPress

Important Installation Update Dec 2022

Lambda functions now use Node18, which uses JavaScript SDK3.
The email coding examples will not work with it.
Simply use Node16 (which uses SDK2). When creating a Lambda file, you can rename index.mjs to index.js if it presents you with that naming.

IAM permissions may fail if your Lambda functions are not given S3, CloudWatch and Lambda full access. I now use all three and even include Administrator Full Access.

Surely down the track someone will provide the equivalent SDK3 functions.

This article may be used to configure an Amazon AWS account for SES e-mail services with your domain name, postfix, and your WordPress site.

These steps are involved and show the direction for an end-to-end configuration.

Once you know how to do these configurations it is not so hard at future times, but coming up to speed on all this without this documentation is a long and steep learning curve.

I no longer use Proton mail, rather MS Exchange. Some clients also use Amazon Workmail, or Google Business. Where there is no significant need for such services, basic SES can forward emails to an existing email address at no real cost.

NOTE: how the e-mail BIMI logo will unfold in the future is still up in the air. You cannot afford to buy a VMC certificate.

However, even if BIMI is set up with the correct DNS records, it WILL NOT WORK if the BIMI logo .svg file is not on a website of the same domain name. I have tried redirects to other sites, but it has not worked for me. So, if you have for your emails, you have to have HTTPS configured on an actual website. S3 website buckets do not work either.

Is it Viable to Build Your Own Email Service?

No – Not really

Over the last couple of years I kept revisiting this with many hours in configurations and testing. Eventually I configured a basic and secure service, but it is a very complex specialist area. I don’t recommend building a server unless as a technical exercise – which would open up various topics to learn more about.

So, without one’s own service, it is best to use SES to forward emails to an existing service, or to pay for Amazon WorkMail or MS Outlook Exchange (there are others).

Mail services are highly complex and costly, with companies investing millions of dollars in it. The configurations are like all the wires you would have inside a jet airplane – it is very complex and interdependent.

Or perhaps think of it as murky seaweed tendrils that go off into any direction. You will take a long time to get somewhere.

Then there are issues of blacklisting, spam, reliability. It goes on and on. By the time you add service costs and disk space, a paid service is better for serious work.

I pursued all this with countless hours on postfix, dovecot, saslauthd, openssl, roundcube and so forth and the Amazon EC2/SES platform. Various forums say it is not viable.

If you want to keep a cloud record of emails, you can add a rule to Amazon WorkMail to copy emails into an S3 bucket (or a rule in MS Exchange, which basically forwards an email to Amazon, where you use Lambda/SES to place it into a bucket), and place a 365-day expiry time on the objects. Then use software like MSP360 Explorer to access the bucket and copy files to your PC. Then use a shell script to add the .eml file extension to each filename. Then import the files into a client like emClient to search through the archived emails.
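The renaming step described above, as a script (an added example, not the author's own script). It assumes the bucket objects were copied into one flat local directory, and it only renames files whose header block contains a From, Received or Return-Path header, so stray non-message files are left alone; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: give extension-less message files a .eml suffix so a mail
# client can import them. Assumption: one flat directory of downloaded objects.

# looks_like_message FILE
# True if the header block (everything before the first empty line) has at
# least one typical mail header. CRs are stripped because messages use CRLF.
looks_like_message() {
    tr -d '\r' < "$1" | sed '/^$/q' | grep -Eiq '^(From|Received|Return-Path):'
}

# add_eml_extension DIR
# Renames qualifying files in DIR and prints how many were renamed.
add_eml_extension() {
    local dir="$1" f renamed=0
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    for f in "$dir"/*; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue   # regular files only
        case "$f" in *.eml) continue ;; esac       # already has the suffix
        looks_like_message "$f" || continue        # not an e-mail, leave it
        if [ -e "$f.eml" ]; then                   # never overwrite a file
            echo "skipped, target exists: $f.eml" >&2
            continue
        fi
        mv -- "$f" "$f.eml" && renamed=$((renamed + 1))
    done
    echo "$renamed"
}

# Run only when a directory is given: sh add_eml.sh /path/to/downloaded/mail
if [ $# -gt 0 ]; then
    add_eml_extension "$1"
fi
```

Because files that already end in .eml are skipped, the script can be re-run after each new download from the bucket.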

If you do get a service running, you could theoretically hook it into the archives of all your emails that are stored in an S3 bucket so that you can read them.

I have worked through an extreme number of Internet articles and forums on configuring things like SES, Postfix, Dovecot etc. Most are highly simplistic articles that only give you a small subsection of configurations, or the more complex ones only relate to that person’s specific setups away from Amazon, or simply do not work.

If we were to study further the ins and outs of SMTP and IMAP, for example, the question would be why? If we cannot do anything with these, it is perhaps only of interest at the level of a university introductory textbook. To configure a service takes a lot of hunting around, but it does get one more used to the components and technology involved, which could be a good thing.

Please see my article on building an email service if you wish.
