Trying to receive emails AND store them into an S3 bucket

I'm trying to store emails I receive into an S3 bucket. I followed this tutorial and multiple others: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-getting-started.html

My MX record is set to my mail.Domain like this: Domain MX 10 mail.domain. When I change it to Domain MX 10 inbound-smtp.us-east-1.amazonaws.com, I do not receive mails anymore and still do not get emails stored.

I do not know what is missing exactly. Someone help, please.

Update: Managed to follow Mlu's answer and I'm now at a very close step to getting my answer; the only problem is that AWS SES does not accept a "FROM" that is outside of my domain reaching another outside domain.

For example, A sends an email to B, B forwards (looks more like redirects) the email to C, so C sees that he got a message from A, not B. AWS SES doesn't like that and will give this error, for example:

554 Message rejected: Email address is not verified. The following identities failed the check in region US-EAST-1: [email protected], Jon Doe (in reply to end of DATA command).


Solution 1:

First some DNS / email background - even if you have multiple MX records for example.com in your DNS, the emails are only received by one of the servers listed. Typically the sender contacts the one with the lowest preference, but in your case, if both have priority 10, the sender server will just choose one randomly.

If you want to both receive email on your mail.example.com and through AWS SES to store it in S3, you will have to feed it from one to the other explicitly.

I've got a similar setup in one of our projects: we receive the mails with Postfix (that's our mail.example.com) and from there we forward them to SES using the always_bcc Postfix configuration directive.

In this case the example.com MX record only points to mail.example.com, not to SES. However, we also have a record for ses.example.com being an MX record pointing to inbound-smtp.us-east-1.amazonaws.com. Then our always_bcc = [email protected] and obviously in SES we've got the domain ses.example.com configured to store emails to S3.

If you want, you can also do it the other way around - receive on SES first and from there save to S3 and forward to your other mail server.

The bottom line is that you can't simply list both SES and the mail server and expect that the emails will arrive at both. You have to explicitly receive at one and forward to the other.

Hope that helps :)
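
The MX behaviour this answer relies on, as an added example that is not part of the original answer: a small simulation of how a sending server orders MX targets (RFC 5321 section 5.1), comparing "list both hosts" with the receive-then-BCC layout. The records are constructed and the function names are hypothetical.

```python
import random
from collections import Counter

# Constructed records for illustration (hostnames as used in the answer above).
MAIL = "mail.example.com"
SES = "inbound-smtp.us-east-1.amazonaws.com"
BOTH_LISTED = [(10, MAIL), (10, SES)]  # example.com lists both hosts
ANSWER_LAYOUT = {"example.com": [(10, MAIL)], "ses.example.com": [(10, SES)]}

def mx_attempt_order(records, rng):
    """Sender-side ordering (RFC 5321 section 5.1): lowest preference
    first, random order among targets with equal preference."""
    by_pref = {}
    for pref, host in records:
        by_pref.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(by_pref):
        group = list(by_pref[pref])
        rng.shuffle(group)
        order.extend(group)
    return order

def deliver(records, rng, reachable=lambda host: True):
    """Return the one host that accepts the message, or None.
    A message is handed to a single MX target, never to all of them."""
    for host in mx_attempt_order(records, rng):
        if reachable(host):
            return host
    return None

def simulate(records, messages=1000, seed=1):
    """Count which host ends up holding each of `messages` deliveries."""
    rng = random.Random(seed)
    return Counter(deliver(records, rng) for _ in range(messages))

def simulate_with_bcc(layout, messages=1000, seed=1):
    """Answer's layout: mail.example.com receives, then BCCs a copy
    to an address under ses.example.com, which resolves to SES."""
    rng = random.Random(seed)
    counts = Counter()
    for _ in range(messages):
        first = deliver(layout["example.com"], rng)
        counts[first] += 1
        if first == MAIL:  # accepted by Postfix, so always_bcc sends a copy
            counts[deliver(layout["ses.example.com"], rng)] += 1
    return counts

if __name__ == "__main__":
    print("both listed:", dict(simulate(BOTH_LISTED)))
    print("receive + bcc:", dict(simulate_with_bcc(ANSWER_LAYOUT)))
```

With both hosts at preference 10, the 1000 messages are split between them, so the S3 archive misses everything that landed on the mail server; with the BCC layout each host sees all 1000.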