By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Amazon SES Custom MAIL FROM Domain Setup jumping between DISABLED / ENABLED

1

Since I have enabled a custom mail from domain I keep getting notifications that the domain setup has been disabled – and a couple hours later enabled again. This happens almost once every day. Note that I am not changing any DNS setting in between. The domain is not hosted with AWS, but the DNS records are properly set.

Any idea what might go wrong?

Subjects of the email notifications:

  • Amazon SES Custom MAIL FROM Domain Setup DISABLED in AWS Region Europe (Frankfurt)
  • Amazon SES Custom MAIL FROM Domain Setup ENABLED in AWS Region Europe (Frankfurt)
  • Shane A Farrar
    2 years ago

    When you say that the DNS records are properly set, does that include verifying that the NS record is set properly where the domain was bought, and a name server url hasn’t been mistakenly truncated. Additionally, there are no conflicts with records on that end? For instance, there isn’t an A record for my.example.com and an NS record for my.example.com where the domain is currently administered from, which might be resolving strangely?

  • Johannes
    2 years ago

    Hi Shane, thanks for the reply. Yes, everything you mentioned is set properly and double checked. The error mail specifies that the problem lies at the MX records. However, the MX record is properly set to "feedback-smtp.eu-central-1.amazonses.com" with priority 10. I also periodically verify using mxtoolbox.com.

  • Steve de Niese
    2 years ago

    I'm experiencing this exact same issue - any update on solving this one?

  • Johannes
    2 years ago

    Unfortunately not. I continue to receive the mails every few days and click them away...

  • Glen
    2 years ago

    Also having this problem, DNS at Cloudflare. I get Enabled and Disabled pretty much daily now.

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email Service
Language
English
Johannes
asked 2 years ago810 views
2 Answers
0

There are a couple of things required to set up a custom MAIL FROM domain in SES. This section of AWS SES documentation details the requirements - https://docs.aws.amazon.com/ses/latest/dg/mail-from.html#mail-from-set.

Of particular note are the DNS records that must be present to be successful.

NameTypeValue
subdomain.domain.comMX10 feedback-smtp.region.amazonses.com
subdomain.domain.comTXT"v=spf1 include:amazonses.com ~all"
---

** Important **

To successfully set up a custom MAIL FROM domain with Amazon SES, you must publish exactly one MX record to the DNS server of your MAIL FROM domain. If the MAIL FROM domain has multiple MX records, the custom MAIL FROM setup with Amazon SES will fail.

The link has details how to add DNS records to popular DNS providers (Item #6). I recommend checking DNS MX record values when you get enabled/disabled, corresponding to Verified/Failed in the Classic SES console and Successful/Failed in the new SES console.

AWS
SUPPORT ENGINEER
Ron_H
answered 2 years ago
  • Johannes
    2 years ago

    Hi Ron, thanks for your reply. The DNS records are set as specified. There is only one MX record set for the subdomain. The domain in question is mail.literaturkreis.online if you want to verify.

  • Ron_H SUPPORT ENGINEER
    2 years ago

    Hello, Johannes. Thanks for sending, I see that is listing amazonses as required. To confirm, that's when the status of MAIL FROM is good? I'd be interested in seeing the value when showing failed (disabled).

  • Johannes
    2 years ago

    Hi Ron, sorry for the late reply. The problem had stopped for a while. Unfortunately, it has been back for two days and the status changes to DISABLED about once a day and then to ENABLED a few hours later. To answer your question: Nothing was changed in the DNS configuration in the meantime. That's the strange thing.

  • Glen
    2 years ago

    I don't think this issue is being fully understood. If the correct settings were not in place, the MAIL FROM would NOT BE ENABLE to begin with EVER!! The problem that we are experiencing is that everything is set up correctly (the proof is that AWS ENABLES the MAIL FROM domain), yet, AWS still DISABLES and ENABLES the MAIL FROM on a daily basis. You can see my inbox here: https://ibb.co/zrZWxrd

0

Experiencing the same issue with custom MAIL FROM domain setup jumping between enabled and disabled. Spent some time investigating today.

Like Johannes, my MX and TXT records are set up correctly.

I noticed the name servers of both my domain and Johannes' domain sometimes return the TLD part in upper case. Not entirely sure, but this is either the result of message compression or a security measure (see this post on serverfault.com for more details).

Could this be the problem? It shouldn't be, because DNS is case insensitive.

One of my other domains, with Route 53 NS works fine. The MX record for that domain is always returned in the same format (lower case).

Hope someone can confirm that this is indeed the cause.

Here are the dig queries to verify:

dig +noall +answer literaturkreis.online NS
literaturkreis.online.  0       IN      NS      ns.inwx.de.
literaturkreis.online.  0       IN      NS      ns2.inwx.de.
literaturkreis.online.  0       IN      NS      ns3.inwx.eu.

dig +noall +answer @ns.inwx.de mail.literaturkreis.online MX
mail.literaturkreis.online. 3600 IN     MX      10 feedback-smtp.eu-central-1.amazonses.COM.

dig +noall +answer @ns3.inwx.eu mail.literaturkreis.online MX
mail.literaturkreis.online. 3600 IN     MX      10 feedback-smtp.eu-central-1.amazonses.com.
martian
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content