Amazon SES and Amavis

with smtp_tls_security_level = encrypt you force postfix to use TLS, even through your local amavis filter which might not support it

you could add -o smtp_tls_security_level=none to the amavis/reinject instance in master.cf to get this working

so, copying from from your how-to page, your master.cf should probably look like this:

amavis unix - - - - 2 smtp 
  -o smtp_data_done_timeout=1200 
  -o smtp_send_xforward_command=yes 
  -o disable_dns_lookups=yes 
  -o max_use=20
  -o smtp_tls_security_level=none        <----- add this line



 127.0.0.1:10025 inet n - - - - smtpd 
  -o content_filter= 
  -o local_recipient_maps= 
  -o relay_recipient_maps= 
  -o smtpd_restriction_classes= 
  -o smtpd_delay_reject=no 
  -o smtpd_client_restrictions=permit_mynetworks,reject 
  -o smtpd_helo_restrictions= 
  -o smtpd_sender_restrictions= 
  -o smtpd_recipient_restrictions=permit_mynetworks,reject 
  -o smtpd_data_restrictions=reject_unauth_pipelining 
  -o smtpd_end_of_data_restrictions= 
  -o mynetworks=127.0.0.0/8 
  -o smtpd_error_sleep_time=0 
  -o smtpd_soft_error_limit=1001 
  -o smtpd_hard_error_limit=1000 
  -o smtpd_client_connection_count_limit=0 
  -o smtpd_client_connection_rate_limit=0 
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  -o smtp_tls_security_level=none    <----- add this line