- Newest
- Most votes
- Most comments
This is now fixed. I had to purchase the AWS support for $29 for this answer but it was worth it because it is now fixed so hopefully I save you from also having to pay for support.
For those of you that happen to stumble on this post and have the same issue, here is the fix.
The reason was due to the difference between how v2 and v1 SES APIs verify the email identity.
Generally, with SES if the domain at large is verified it is not required to verify a specific email address within that domain. That is unless you want changes to the configuration as to how certain email addresses should operate. However, to make use of email address identity while sending email using SES SMTP, you need to verify the email address using the v1 API.
In your web console, it might be showing as verified since it is using v2 calls. However, if you check the same using CLI, you will see the status as “Failed or pending”. This is very strange behavior and almost seems like a bug to me, but I do not work at AWS.
You can verify this by running this command: (Replace user@example.com with your email identity)
aws ses get-identity-verification-attributes --identities "user@example.com"
And it will show this…
{
"VerificationAttributes": {
"user@example.com": {
"VerificationStatus": "Pending"
}
}
}
Which is completely different than what is shown in the console.aws.amazon.com/ses
Mitigation:
- Open the Amazon SES console.
- From the AWS Region selector in the navigation bar, select the Region that your identity is in.
- From the list of Verified identities, select the email identity. Then, choose Delete
- Choose Create Identity. Then, re-enter the email identity details
- Then run this CLI command (Replace user@example.com with your email identity)
aws ses verify-email-identity --email-address user@example.com
Note: This command adds an email address to the list of identities for your Amazon SES account in the current AWS region and attempts to verify it. As a result of executing this operation, a verification email is sent to the specified address.
- Click that verification link received in your mailbox for this email identity and verify the email address on AWS console as well as AWS CLI by running the verification attribute command
aws ses get-identity-verification-attributes --identities user@example.com
The result should look like this...
{
"VerificationAttributes": {
"user@example.com": {
"VerificationStatus": "Success"
}
}
}
- Once the verification status is "Verified" on the console and shows "Success" on the CLI level, you can test by sending an email for the email identity and verify it is using the correct configuration set on SES.
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago