- Newest
- Most votes
- Most comments
I understand that you're encountering email delivery issues specifically with Amazon EC2 instances located in the US West (Oregon) us-west-2 region. The provided logs indicate that while the emails are accepted for delivery, they are subsequently deferred with a "Connection timed out" error when attempting to send.
First, it's important to note that Amazon EC2, by default, imposes restrictions on egress traffic on port 25 for all instances. If your application requires traffic on SMTP port 25, you can request the removal of this restriction.
Since you have instances in more than one Region and you are experiencing issues with specifically in US West (Oregon) us-west-2 region, then submit a separate request for US West (Oregon) us-west-2 region. Please note if you have instances in more than one Region, then submit a separate request for each Region.
You'll receive an email with the Request ID after submitting the request form. It might take up to 48 hours to process your request. If your request is approved, you receive an email to notify you that the port 25 restriction is removed. If you don't receive an update within 48 hours after submitting the request, reply to the initial email that you received.
Now, let's delve into some troubleshooting steps:
- Confirm that your EC2 instances in the us-west-2 region have proper network connectivity to both the internet and the mail servers. Replace email-smtp.us-west-2.amazonaws.com with the mail server/SMTP endpoint. You can use commands like telnet or netcat (nc) to test connectivity on the relevant SMTP ports (25, 587, 465).
telnet email-smtp.us-west-2.amazonaws.com 587
telnet email-smtp.us-west-2.amazonaws.com 25
telnet email-smtp.us-west-2.amazonaws.com 465
nc -vz email-smtp.us-west-2.amazonaws.com 587
nc -vz email-smtp.us-west-2.amazonaws.com 25
nc -vz email-smtp.us-west-2.amazonaws.com 465
Or, in PowerShell:
Test-NetConnection -Port 587 -ComputerName email-smtp.us-west-2.amazonaws.com
-
Please ensure that neither your security groups nor network ACLs are blocking outbound email traffic from the us-west-2 region to the mail server. Here are the key points to verify:
- Outbound rules in security groups must allow traffic to the SMTP server on TCP ports 25, 587, or 465.
- Network ACL outbound rules should also permit traffic to the SMTP server on the same ports.
- Inbound network ACL rules should allow traffic from the SMTP server on TCP ports 1024-65535.
- Confirm that your EC2 instance has proper internet connectivity.
-
Double-check that you're using the correct SMTP port and protocol settings for sending emails. Typically, as you might be aware SMTP uses port 25 or 587.
-
Please ensure that your EC2 instances present in us-west-2 region can perform DNS resolution correctly. You can use tools like "nslookup" to test DNS resolution.
If the issue persists after these steps, it's advisable to contact the AWS Support Team and create a case based on your Support Plan. Complex email delivery issues often require in-depth investigation and collaboration to resolve effectively.
I hope this guidance helps you address the email delivery problem you're facing with your EC2 instances in the us-west-2 region.
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago