Email using Amazon SES | www.webhare.dev

WebHare can send outgoing mail through Amazon AWS SES, and process bounces/complaints through SNS. This guide will use the Amazon 'aws' command line utility, but you can also do the process through the web interface.

SMTP Account

Configure a SMTP account with AWs in the AWS console. It will provide you with the email/smtp server name, username and password.

In WebHare, set mail settings: SMTP server (eg email-smtp.eu-central-1.amazonaws.com), port (587), username and password.

Bounces and feedback

To prepare your WebHare for SES, you need to ensure it can process bounces. You need to do this once per installation that will use SES.

Before you begin you'll need to find your WebHare server's SNS endpoint (in WebHare's mail configuration) and set up your SES/SNS credentials.

# Set up a topic name - use eg 'myserver-email'
aws sns create-topic --name <TOPIC>

# The above command will return the topic's full ARN which you'll need
# to specify to --topic-arn.
aws sns subscribe --topic-arn <TOPIC-ARN> --protocol https --notification-endpoint <SNS ENDPOINT>

Verify your identity

To be allowed to actually send, you'll need to verify each identity you'll be using at either the email or domain level. To verify an email address:

# Specify the email address to verify
aws ses verify-email-identity --email-address <EMAIL>

and follow the email instructions you receive.

You can also verify a full domain, but that'll also require some DNS setup:

aws ses verify-domain-identity --domain <DOMAIN>

aws ses  get-identity-dkim-attributes --identities <DOMAIN>

Configure the identity

Whether you choose a mail or domain entity, you now need to configure this identity to send its delivery information to this topic (and not just mail it back to you). To link the identity to your SNS topic:

# Receive all three notification types
aws ses set-identity-notification-topic --identity <IDENTITY> --notification-type Bounce --sns-topic <TOPIC-ARN>
aws ses set-identity-notification-topic --identity <IDENTITY> --notification-type Complaint --sns-topic <TOPIC-ARN>
aws ses set-identity-notification-topic --identity <IDENTITY> --notification-type Delivery --sns-topic <TOPIC-ARN>

# Enable header information (WebHare needs the Message-IDs)
aws ses set-identity-headers-in-notifications-enabled --identity <IDENTITY> --notification-type Bounce --enabled
aws ses set-identity-headers-in-notifications-enabled --identity <IDENTITY> --notification-type Complaint --enabled
aws ses set-identity-headers-in-notifications-enabled --identity <IDENTITY> --notification-type Delivery --enabled

# Disable email feedback
aws ses set-identity-feedback-forwarding-enabled --identity <IDENTITY> --no-forwarding-enabled

If none of the above steps returned an error, you're almost done. Set up WebHare's mailrouting, and if you're setting this up for the newsletter module (Pronuntio), don't forget to disable its own bounce handling for each relevant account.

Testing

Amazon provides simulator email addresses you can use to test your configuration. For example, emailing bounce@simulator.amazonses.com should allow you to see the Bounce status in the managed queue mail details.