By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

SES Authentication Credentials Invalid

0

Hi, I'm trying to set the email with Postfix at our new Linux2 AMI server at east1 Virginia region to sent notifications to our own work mails. I've followed this very same procedure to set Postfix with Amazon as for my other machines https://docs.aws.amazon.com/ses/latest/dg/postfix.html

I have an AIM user configured and working for other machines at west2 Oregon. I'm trying to use the same credentials, but always fails with the following message

from mail command line:


relay=email-smtp.us-east-1.amazonaws.com[54.210.211.8]:587, delay=5.6, delays=0.01/0/5.5/0, dsn=4.0.0, status=deferred (SASL authentication failed; server email-smtp.us-east-1.amazonaws.com[54.210.211.8] said: 535 Authentication Credentials Invalid)

When I use the following procedure https://docs.aws.amazon.com/ses/latest/dg/send-email-smtp-client-command-line.html

depth=2 C = US, O = Amazon, CN = Amazon Root CA 1

verify return:1

depth=1 C = US, O = Amazon, OU = Server CA 1B, CN = Amazon

verify return:1

depth=0 CN = email-smtp.us-east-1.amazonaws.com

verify return:1

250 Ok

250-email-smtp.amazonaws.com

250-8BITMIME

250-STARTTLS

250-AUTH PLAIN LOGIN

250 Ok

334 userInBase64

334 passInBase64

***535 Authentication Credentials Invalid***

***530 Authentication required***

503 Error: need MAIL command

503 Error: need MAIL command

....

I tried the above from both zones with the existing SES user/credentials and always fail from the east1-virginia machine and/or when use email-smtp.us-east-1.amazonaws.com as mail server. Only works from the west2-Oregon Linux machines and using email-smtp.us-west-2.amazonaws.com as server.

I think, maybe is incorrect, that the user from AIM is "global" so I can use it in any region that supports SES. Despite this, I've also created a new user with the same profile as the original one launching the AIM Credentials Creation console from east1 virginia region SES console. Then I've checked it in both machines with both region smtp servers and never worked, always fails with exact the same error.

From AWS SES console, the mail test work like a charm and of course my domain is in "verified" state.

Any suggestions?

Thanks in advance.

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email Service
Language
English
Renyones
asked 2 years ago440 views
2 Answers
0

OK, I going to answer to myself.

You only need to create the user directly and exclusively from the SES console at the correct region. Some people says you can reuse other mail users previously created and working at other region, but YOU CAN'T.

Also you can't use a new user created from the AIM console whit the correct config --> doesn't works.

For each region you sould go to SES / SMTP settings / Create SMTP Credentials, and then this create the correct user for your mail.

Maybe some very brief info at the SES console or the SES credential creation documentation pointing or warning about this requirement saved my many hours, especially because i was doing this for the very first time and is the correct moment or place to remember or help me.

Anyways: SOLVED.

Renyones
answered 2 years ago
0

For each region you sould go to SES / SMTP settings / Create SMTP Credentials, and then this create the correct user for your mail.

Seems to me THAT creating credentials in any region other than :

...... email-smtp.ap-northeast-1.amazonaws.com

is not possible.

There appears to be NO OPTION.

Or .... I can't find out how!

rePost-User-5747509
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content