- Newest
- Most votes
- Most comments
Is there no one that can even provide a bit off input on this matter. Its rather urgent in my world and google and AWS docs does not provide much info to a solution.
Hi,
I'm sorry to hear you're experiencing problems with the domain verification of your organization. I took a quick look at your account and found that the domain that is used for the only active organization in your account is not in Route 53. The name servers configured for this domain do not point to Route 53. Please verify that your domain records are correctly configured.
Kind regards,
Robin
Good Morning
you are correct in what you have found.
if i do a ns lookup it points to
etyay.co.za. 21599 IN NS ns4.tld-ns.com.
etyay.co.za. 21599 IN NS ns3.tld-ns.net.
etyay.co.za. 21599 IN NS ns2.tld-ns.com.
etyay.co.za. 21599 IN NS ns1.tld-ns.net.
;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP)
I then located the company domains.co.za and asked them for the records they advised that the domain was transferred to another company gandi.net i then contacted them who advised that the domain was transffered to AWS and provided the following WHOIS
DoreenDomain Name: etyay.co.za
Registry Domain ID: DOM_3LXZU-COZA
Registrar WHOIS Server: whois.gandi.net
Registrar URL: http://www.gandi.net
Updated Date: 2021-01-19T18:31:37Z
Creation Date: 2020-08-19T10:03:01Z
Registrar Registration Expiration Date: 2021-08-19T10:03:01Z
Registrar: GANDI SAS
Registrar IANA ID: 81
Registrar Abuse Contact Email: abuse@support.gandi.net
Registrar Abuse Contact Phone: +33.170377661
Reseller: Amazon Registrar, Inc.
Domain Status: ok http://www.icann.org/epp#ok
You can see that AWS is listed as the reseller on domain whois information: https://whois.gandi.net/en/results?search=etyay.co.za
So please can you advise me on what i need to get or rectify so i can move the clients email to AWS.
Thanks
Good Morning
further update on this whois i did
; <<>> DiG 9.17.8 <<>> whois etyay.co.za
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63771
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;whois. IN A
;; AUTHORITY SECTION:
. 86395 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2021012100 1800 900 604800 86400
;; Query time: 223 msec
;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP)
;; WHEN: Thu Jan 21 11:15:18 South Africa Standard Time 2021
;; MSG SIZE rcvd: 109
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5615
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;etyay.co.za. IN A
;; ANSWER SECTION:
etyay.co.za. 0 IN A 169.239.216.61
;; Query time: 2 msec
;; SERVER: 192.168.0.1#53(192.168.0.1) (UDP)
;; WHEN: Thu Jan 21 11:15:18 South Africa Standard Time 2021
;; MSG SIZE rcvd: 45
Hi,
If you know where your domain is registered you can take the NS servers from that registrar and add these to a NS record in your Route 53 hosted zone. After that the domain should become active and the records in Route 53 should start to resolve.
Kind regards,
Robin
Hi are these the NS records ?
etyay.co.za. 21599 IN NS ns4.tld-ns.com.
etyay.co.za. 21599 IN NS ns3.tld-ns.net.
etyay.co.za. 21599 IN NS ns2.tld-ns.com.
etyay.co.za. 21599 IN NS ns1.tld-ns.net.
Hi,
Yes these are the name server from your current registrar. If you want to keep using this registrar you can add all required WorkMail records here. If you want to use Route 53 you need to take the NS records from your hosted zone and replace these with the NS records with your registrar.
Kind regards,
Robin
Good Morning
Its working the domain is operational correctly and the name resolves on the web also.
within workmail the domain is also now verified however i am still missing
MAIL FROM domain Missing
MAIL FROM domain status Missing
I have created the email addresses for the client.
i just need to understand how the sending and receiving of emails will work in regard of SMTP settings for mails
how do i action this part
Also is SES necessary for workmail to work for everyday mail usage
Hi,
That is great to hear that you managed to get your set-up working. For the missing custom MAIL FROM you can enable this in the SES console. (Open your domain in the SES console and configure Custom MAIL FROM). This is recommended to improve your mail deliverability in combination with DMARC and SPF.
Sending and receiving email is simple, if your domain is verified sending mail works with all supported clients. Receiving will work when the MX record points to WorkMail. Both are in order for you. You can use the WorkMail SMTP servers, details on how to connect can be found here: https://docs.aws.amazon.com/workmail/latest/userguide/using_IMAP.html
For SES, WorkMail uses SES to send and receive email, you do not have to do anything for that. So you do not need to use SES for sending but can use the WorkMail SMTP servers.
Kind regards,
Robin
Morning all is now setup except the client cant receive or send emails this is due to the client still being in sandbox on SES i have done the application but it was declined this is rather urgent now as the client cant recieve or send emails
Hi,
For using WorkMail you do not need to do anything with SES. WorkMail will handle this for you, so you will not use SES from your AWS account.
What problems is your client experiencing?
Kind regards,
Robin
Evening
I can set the mailboxes up on mobile devices but this is the error i getting when i try to send emails
<Sending Email> User arn:aws:iam::661611024794:user/amazon-workmail-us-west-2' is not authorized to perform ses:SendRawEmail' on resource `arn:aws:ses:us-west-2:864067736105:identity/etyay.co.za'
2021-01-27 17:26:00 : An error occurred while trying to deliver the mail to the following recipients:
justin@tigerfishsoftware.co.za
Technical report:
Final-Recipient: rfc822; justin@tigerfishsoftware.co.za
further more i cant verify the email for the user info see below
Email Address Verification Failure
We're sorry, but Amazon Web Services could not verify your email address. You will not be able to send email to or from this address until it is verified.
Edited by: TFSSYSADMIN on Jan 27, 2021 9:34 AM
Hi,
It seems that the permissions for WorkMail to use your domain have been lost. You can correct that by adding your domain again in the WorkMail console. You do not need to remove the domain, just add it as a new domain and this should correct the permissions for you.
After that you should be able to send mail.
Kind regards,
Robin
Good Morning
All is working thank you for all your help really appreciated
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked a year ago
AWS OFFICIALUpdated 8 months ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
