By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS SES with delegate implementation

0

We have AWS MP 1 account where we have enabled SES Production and have verified couple of identities. We have another AWS MP2 account where we have used ARN of verified identity in AWS MP1 SES.

Now when we are sending email using sendEmail function call in lambada function of AWS MP2, we can see Mail sent count as 1 in AWS MP2 account and not in AWS MP1 account Is this behavior is correct? Also, end user did not received email, why is it so?

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email Service
Language
English
Ashish
asked 2 months ago29 views
1 Answer
0

The behavior you're describing is partially correct, but there are some important points to consider:

  1. Mail sent count: It is correct that the mail sent count appears in the AWS MP2 account (delegate sender) and not in the AWS MP1 account (identity owner). In a delegate sender setup, the sending quotas, bounces, and complaints are attributed to the delegate sender's account (MP2 in this case), not the identity owner's account (MP1).

  2. End user not receiving email: There could be several reasons for this:

    a) Sandbox status: Both the identity owner's account (MP1) and the delegate sender's account (MP2) must be removed from the Amazon SES sandbox before either can send emails to non-verified addresses. If either account is still in the sandbox, emails to non-verified addresses will fail.

    b) Region mismatch: The delegate sender (MP2) must connect to the Amazon SES endpoint in the same AWS Region where the identity owner (MP1) verified the identity. If you're using a different region, the email sending will fail.

    c) Authorization policy: Ensure that the sending authorization policy in the MP1 account correctly authorizes the MP2 account to send on behalf of the verified identity.

    d) ARN usage: Verify that you're correctly passing the ARN of the authorized identity when calling the sendEmail function in your Lambda in MP2.

    e) Bounce or complaint: The email might have bounced or been marked as a complaint, which would prevent delivery but still count as sent.

To troubleshoot:

  1. Confirm both accounts are out of the SES sandbox.
  2. Verify you're using the correct region in MP2 that matches the identity verification in MP1.
  3. Double-check the sending authorization policy in MP1.
  4. Ensure the correct ARN is being used in the sendEmail function in MP2.
  5. Check for any bounce or complaint notifications in the MP2 account.

If the issue persists after verifying these points, you may need to contact AWS Support for further assistance.
Sources
Delegate Sender Tasks for Amazon SES Sending Authorization - Amazon Simple Email Service
Sending Emails for the Identity Owner for Amazon SES Sending Authorization - Amazon Simple Email Service
Sending emails for the identity owner for Amazon SES sending authorization - Amazon Simple Email Service

profile picture
re:Post Agent
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content