Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Still getting SIGv2 Utilization warning after updating my credentials

0

Hi,

I updated my credentials on the 13th Jan 2021 but have again received the email warning:

Important notification regarding Simple Email Service (SIGv2 Utilization)   

**We have observed Signature Version 2 requests (on an Amazon SES SMTP endpoint) originating from your account over the last week.**

I created the new credentials as instructed and I only use SMTP to send my emails.

Is it possible to find out the IP address of where the "Signature Version 2 requests" observed in the last week are originating?

In IAM I can see the old v2 user account - but last activity on this users shows as 33 days ago.

Many thanks

Steve

Tópicos
Web e dispositivos móveis front-endAplicativos de negócios
Tags
Serviço de e-mail simples da Amazon
Idioma
English
sacu
feita há 3 anos187 visualizações
6 Respostas
0
Resposta aceita

Hi,

Those are uses spotted since the beginning of the year, so the notification you received should normally begin with

"If you have already migrated your credentials from Signature Version 2 to Signature Version 4, you can ignore this communication."

EDIT: actually, I doubled checked and you're absolutely right. The communication reminder still contains "over the last week", which is wrong. Those were observed since the beginning of the year. I will make sure this gets corrected, please accept our apologies for the confusion.

AWS-User-9331904
respondido há 3 anos
0

Same problem, just received this email: "We have observed Signature Version 2 requests (on an Amazon SES SMTP endpoint) originating from your account over the last week."

IAM doesn't show any activity for the old user since I regenerated the SMTP credentials 33 days ago.

npomerleau
respondido há 3 anos
0

Thanks.

This line in the email is somewhat misleading:

We have observed Signature Version 2 requests (on an Amazon SES SMTP endpoint) originating from your account over the last week

Got me thinking...could I have a server somewhere using the old credentials? I didn't think so.

So, if in IAM, I can see no activity on the old accounts then I am fine.

Steve

sacu
respondido há 3 anos
0

That's the correct way to verify it if you are getting your SMTP credentials from the SES console, absolutely.

There is another, rarer case: for the few customers that are self-signing an existing IAM user by using the sigv2 algorithm (either in their code, or through a library), if they just changed the algorithm to be the sigv4 signing algorithm, they could legitimately still observe activity on the user.

AWS-User-9331904
respondido há 3 anos
0

Yes, this was fairly unsettling! Having inherited this system I was pretty sure that I had updated our SMTP credentials in all the requisite locations. Then I got this e-mail warning me that in the past week the service is still being accessed with SIGv2 credentials. I spent hours combing through, self-auditing the entire system and writing up a support request. I should have googled first!

(File this under "Don't believe everything you read on the internet. Even if it comes from Amazon.")

Yossi15
respondido há 3 anos
0

Same issue here. I wish the email was more careful about when the V2 creds were used.

whitewizardllc
respondido há 3 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante