- Newest
- Most votes
- Most comments
Hi, Your SES configuration may be set to enforcing a policy of sending only when a TLS connection can be established to receiving server (and message is encrypted) all the way to the end-user. Depending on how sensitive your emails are, this may be the desired behavior.
However, if you want to continue to send the mail, even when unencrypted, you can disable the require TLS setting. SES will still use TLS when possible, according to documentation -
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/security.html
In my use case I've found the solution instructions following these instructions https://docs.aws.amazon.com/ses/latest/dg/vdm-get-started.html. I turned off "optimized shared delivery" option in virtual deliverability manager settings the emails are delivered immediately.
Not worked too.....
Sorry but it didn't work. The emails keep returning with the same error message. Any other suggestions?
Relevant content
- asked 2 years ago
- asked 5 years ago
- asked 5 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 3 months ago
Got it, and I followed these steps, after created a configuration set with the option TLS obrigatory:
Amazon SES to receiver Amazon SES supports TLS 1.2, TLS 1.1, and TLS 1.0 for TLS connections.
By default, Amazon SES uses opportunistic TLS. This means that Amazon SES always attempts to make a secure connection to the receiving mail server. If Amazon SES can't establish a secure connection, it sends the message unencrypted.
You can change this behavior by using configuration sets. Use the PutConfigurationSetDeliveryOptions API operation to set the TlsPolicy property for a configuration set to Require. You can use the AWS CLI to make this change.
To configure Amazon SES to require TLS connections for a configuration set At the command line, enter the following command:
aws sesv2 put-configuration-set-delivery-options --configuration-set-name MyConfigurationSet --tls-policy REQUIRE In the preceding example, replace MyConfigurationSet with the name of your configuration set.
When you send an email using this configuration set, Amazon SES only sends the message to the receiving email server if it can establish a secure connection. If Amazon SES can't make a secure connection to the receiving email server, it drops the message.