Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Getting 403 Forbidden errors when trying to send emails through SES with the word "select" in them

0

We started having a strange problem in the last few hours. We send transactional emails through SES. One of the email templates we use has the word "select" in it. Example:

Reservations are free and -- if you select a free cancellation rate...

This worked just fine for many years until early this morning when we started getting a 403 Error back any time we tried to send an email. We eventually narrowed it down to the word "select". If we removed it from the email, it would send just fine. We're guessing it has something to do with an updated WAF ruleset that must be blocking the word "select" due to its possible use in a query-based SQL-type attack, but we're not sure.

Has anyone else come across this? I can see the thinking, here, but to block a commonly used word from being sent via email is probably not the best approach to dealing with a potential vulnerability.

Topics
Front-End Web & MobileBusiness ApplicationsSecurity, Identity, & ComplianceAWS Well-Architected Framework
Tags
Amazon Simple Email ServiceAWS WAFSecurity
Language
English
asked 4 years ago927 views
1 Answer
0

Definitely create a support case for this - something has changed (clearly!) and they can investigate with the service team.

AWS
EXPERT
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content