Im having a problem with sending emails using Amazon SES. I have an Amazon EC2 instance.
It worked for the first couple of days but I just noticed last week all emails now fail. I have tried sending using Node and the Amazon SES sdk and from within AWS where you can send a test email. I have the following code in Node:
var aws = require('aws-sdk');
// load aws config
aws.config.loadFromPath('email_config.json');
// load AWS SES
var ses = new aws.SES({
apiVersion: '2010-12-01'
});
ses.sendEmail({
Source: from,
Destination: {
ToAddresses: to
},
Message: {
Subject: {
Data: 'Somebody registered'
},
Body: {
Html: {
Data: body,
}
}
}
}, function(err, data) {
console.log('email err is ', err, ' and data is ', data);
});
The result of the log is:
email err is null and data is { ResponseMetadata: { RequestId: 'ad28f526-0b15-11e6-ad87-1108d652684a' },
MessageId: '010101544ebc41b3-f7bd43dd-0505-4eb2-a056-219ce6180fc5-000000' }
But the email doesnt deliever and I then receive an email from Amazon saying:
An error occurred while trying to deliver the mail to the following recipients: < my email address >
This contains an attachment with the following text:
From: < my email address >
To: < my email address >
Subject: Somebody registered
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
Message-ID: <010101544ebc41b3-f7bd43dd-0505-4eb2-a056-219ce6180fc5-000000#us-west-2.amazonses.com>
Date: Mon, 25 Apr 2016 18:44:01 +0000
X-SES-Outgoing: 2016.04.25-54.240.27.56
Feedback-ID: 1.us-west-2.GkIUmTTEDEIC5VBoooumwcKSnMDcLT8S4Zd3/deS/BU=:AmazonSES
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=gdwg2y3kokkkj5a55z2ilkup5wp5hhxx; d=amazonses.com; t=1461609841;
h=From:To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID:Date:Feedback-ID;
bh=fHqQiK/2DJ+B7zddmElFttCiWFnADDSNj5umLJQCPJs=;
b=ZI/358zmcRHVBKTdA6qbQky5nj5z/YWw215KvkZ+oD73N0booHbl+jx+O05FdcKR
irDjmyEDppGkp7rToZSTt/NHDeRrbERixT/ZCjGo/KOxvShovD7Z5mnDViRmkS5sTz5
qo0oO0NuRz1lGVPkT5ONHNhKhWs7ncC9id0ycm34=
When I actually log into AWS and send a test email through the console, I get the same failure.
I have verified the senders email address and I have an approved sending limit for the region.
Any ideas what this could be?
EDIT
I just noticed in my AWS control panel > SES Home > Domains it says my domain is 'pending verification'. Could this be it? It says I need to add a TXT DNS record with a name of xxx and value of yyy. I already did this on Register365. Maybe I did it wrong? Register365 doesnt provide name and value fields for a TXT record, only a 'result' field. So I added a TXT record with the 'result' field of: xxx=yyy. Is this the correct approach? This was weeks ago though and its still pending verification....
EDIT
I've since added a TXT record to my Register 365 control panel, and still my domain cannot be verified. The record looks like:
Amazon provided me with the following TXT record to verify my domain:
TXT Name*: _amazonses.mydomain.com
TXT Value: u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k=
So in the Register 365 control panel "result" field I've added the record in the form name=value i.e "_amazonses.mydomain.com=u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k="
I then ran nslookup to find the record but got the message:
server can't find _amazonses.mydomain.com: NXDOMAIN
What am I doing wrong?
EDIT
I have now changed the TXT record to:
But after 3 days I have gotten another email from Amazon saying they have failed to verify the domain. Im utterly baffled now, I've been trying to verify it for 6 weeks!
My SES account is not in sandbox mode - i've already been approved to send email via SES. I've also verified my sender email address.
Are there any other options open to me? The Amazon SES service seems absolutely dire.
Also when I run:
nslookup -type=TXT _amazonses.redmatterapp.com ns-478.awsdns-59.com
I'm still seeing:
server can't find _amazonses.redmatterapp.com: NXDOMAIN
When I run:
nslookup -type=TXT redmatterapp.com ns-478.awsdns-59.com
I get:
Can't find redmatterapp.com: No answer
Why is this happening? My DNS is with Register 365
EDIT
Seems like the nameservers I was using with nslookup were wrong. When I run nslookup, i know get:
_amazonses.redmatterapp.com text = "u1qN5cbTEDb/2EV9Bhd67YHT5jjqVXKJ8KeXj50k="
Which looks right. Yet still verification for my domain fails...
As Michael, the SQL Bot pointed out, you need a hostname (_amazonses) on the left, and the value on the right. That will help to validate the domain.
However, there are a number of other possible reasons for failure. Is SES still in sandbox mode? If that's the case, you'll need to verify the TO and the FROM email addresses.
It might be easier to verify individual email addresses if you can't get the domain verification working. So create them in SES, and go through the validation process. Once you create those (or, if you manage to get the domain verified) create an SNS topic that sends you email, and then configure the Bounce, Complaint, and Delivery notifications to that SNS topic - you should end up with an email for every delivery attempt, regardless of whether it succeeds or not.
The last thing to consider is the possibility that your email address has been added to the supression list. If you generate a lot of errors, SES will add you to a "do not email" list. There is an ability to request removal from this list in the SES console.
The hostname part is _amazonses (left column, next to the number 2)
The value is "u1qHY..."
I think you're on the right track in that last image, only I believe the host name is _amazonses, and u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k= is the result, instead of putting everything in the result field in the form "_amazonses.yourdomain.com=u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k=". Iiuc, the idea is that AWS will curl _amazonses.yourdomain.com, expecting your key to be served as a TXT file, but currently you're serving a TXT file with the contents _amazonses.yourdomain.com=u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k= (I can't quite read, as its cut off; pardon my guess) on yourdomain.com instead.
The reason I believe this is that you're getting the error NXDOMAIN, which means the domain _amazonses.yourdomain.com doesn't exist, which makes sense if you hadn't set up a TXT record for _amazonses.yourdomain.com, but instead set up a txt record for http://yourdomain.com instead with the value _amazonses.yourdomain.com=u1qHYT6/2KV9Kl1VLKsApXjwcPqVXKJ8KeXj50k=. Its also what the other two answers seem to suggest, which makes me feel more confident.
I recently verified a domain for the company I work for successfully, it is set as follows in my domain DNS (as a TXT record):
It may be worth you reading Amazon's troubleshooting page if you're still having issues.
Adding to my answer:
I've just checked in my AWS console, if you open up SES > Domains and click on your domain name. Scroll down then click DKIM, I had to verify some more there:
And add them as CNAME records as follows:
One thing people forget with this process is the fact that, Amazon requires you to leave the TXT record in place even after the verification. Otherwise they will revoke the domain.
Hope this helps!
Yet another edit (sorry)
When I run nslookup -type=TXT _amazonses.redmatterapp.com ns-1471.awsdns-55.org to try and find your TXT record, it comes back:
Server: ns-1471.awsdns-55.org
Address: 205.251.197.191#53
** server can't find _amazonses.redmatterapp.com: NXDOMAIN
This shows that the TXT record is not setup correctly.
Related
By provider, I mean the provider responsible for mail, e.g. for gmail the provider would be gmail(or/by google) and for microsoft.com it would be outlook(by microsoft).
Basically, I want to find out given an email domain e.g. abc#xyz.com, hxy#tuv.com is from a specific provider(outlook or gmail) in our case, since xyz or tuv is not explicitly evident which provider it belongs to.
I have succeded somewhat, my idea being to make use of MX records, so I do something like this in nodejs:
const dnsMod = require('dns');
dnsMod.resolveMx(
'mydomain.com', (err, value)=>{
console.log('The error is : ', err);
console.log('The value is : ', value);
}
)
and it returns records like this:
[
{ exchange: 'alt3.gmail-smtp-in.l.google.com', priority: 30 },
{ exchange: 'alt1.gmail-smtp-in.l.google.com', priority: 10 },
{ exchange: 'gmail-smtp-in.l.google.com', priority: 5 },
{ exchange: 'alt2.gmail-smtp-in.l.google.com', priority: 20 },
{ exchange: 'alt4.gmail-smtp-in.l.google.com', priority: 40 }
]
so, seeing this we can conclude the provider in this case is infact gmail.
But, my point is, is it safe to conclude the provider is gmail just it contains words like google, gmail etc. In other words, do google's mail servers always have a google.com in the end, (or Similarly, microsoft's mail provider have outlook.com or microsoft.com in the end)? If not, what better way would be to confirm this?
EDIT: As per suggested by comment, I need the information because, based on the information I need to show only one of google or outlook button.
For getting the information who is the responsible for the mail domain do a whois query by your prefered whois query service, pe. by https://who.is
Based on the answer of eddy, you can do a whois query by automatic too:
Coding a domain lookup tool
I need to send a URL attachment in nodemailer.i try to many ways but mail was not deliverd.I was seen elasticemail gateway they showed a error like this "suppressed" how will i solve this issue
attachments:[{ // use URL as an attachment
filename:'GSTR3B_33ADQFS8223E1ZY_012019_1551501263.pdf',
path:'my url'}]
if you are getting "suppressed" from Elastic Email check in the Contacts section on your dashboard to be sure that the contact is in an "Active" state. The contact might be suppressed by the system.
I'm following this tutorial to send email in App Inventor: https://www.hackster.io/taifun/trigger-ifttt-to-send-an-email-using-app-inventor-9df505 (You will have to scroll down on the page to view the tutorial)
The tutorial is straight forward and easy to understand. However, the IFTTT service (Maker) is now called "Webhooks".
I don't know what else has changed since that tutorial was written.
Following the tutorial:
the URL is correct https://maker.ifttt.com/trigger/Sendmail/with/key/*MYKEY*
the RequestHeaders are correct Content-Type: application/json
the PostText is correct: { "value1" : "faeryofiris#gmail.com", "value2" : "test", "value3" : "test body" }
I have double and triple checked for spelling errors.
Once I click a button to send this email, I receive the response:
"Congratulations! You've fired the Sendmail event!"
Except... there is no email. Both emails are my actual emails, so they are valid emails. "faeryofiris#gmail.com" should be the "FROM" email, and "pixiibomb#gmail.com" is the email that is registered on IFTTT (this should be the email that receives a message from faeryofiris) I keep refreshing my gmail, and still... no email.
Any ideas?
I've run into this issue several times. The solution has always been to click "Edit Connection" on the Webhooks Service Settings page. This will get you a new key. It doesn't solve their issue which is that keys tend to die for no explained reason but it should get your setup working again.
I have a website that I'm getting back up after a year+ of being down. I haven't made any code changes, and I've got the site back up and everything is working as before except for the site/app sending email.
It's an ubuntu node.js server. It's hosted on Amazon and I had to create another instance and repoint the dns, etc. An example code snippet that used to work but now doesn't:
var emailServer = email.server.connect({user:"<my gmail>",password:"<mypw>",host:"smtp.gmail.com",ssl:true});
emailServer.send({
text: "Your username is: " + userName + ".",
to: emailAddress,
subject: "Activate Your a2zCribbage Account",
attachment: [...]
}, function(err, message) { if (err) console.log(err); });
When I first tried to send email the gmail account I use got a message "sign-in attempt prevented" Someone just tried to sign in to your Google Account <account> from an app that doesn't meet modern security standards.
I followed what Google said and changed the security to allow apps, but still nothing gets sent.
What am I missing? What other things can I try? Do ec2 severs not just allow email to be sent by default?
Gmail is not a platform for sending automated email. Just because you can doesn't mean it's designed for doing so.
AWS EC2 instances are also problematic for sending email; the ports may be blocked or throttled, you are certainly getting higher spam scores for doing so.
The canonical solution is to use AWS SES. Here's sample code and here's the documentation. There's also a simple third-party library.
But please bear with me. I do not need help with ndns or JavaScript. I need help with DNS Resource Records.
I can already send resource records. I just need to know how to send the right ones for an Authoritative DNS Server.
I am writing the DNS server using ndns. Ndns is supposed to do the low level communications for me, but I still have to know the basics of DNS. Ndns is not documented except for this example. It is in JavaScript, but it should be pretty easy to read anyway. When a request is received, it adds a resource record to the response and sends the response
function handleDnsRequest(request, response) {
response.addRR(
ndns.ns_s.ar, // Section AR
'node.js', // Name
ndns.ns_t.txt, // Type TXT
ndns.ns_c.in, // Class IN
1991, // TTL
'http://nodejs.org/' // Value
);
response.send();
}
So, no matter what the request, this handler adds a response record as follows
Section AR (Additional Records)
Name "node.js"
Type TXT (Text String)
Class IN (Internet)
TTL 1991 (~33 minutes)
Value (Text String)
Which gives this output on Windows nslookup
C:\>nslookup - 127.0.0.1
node.js text =
"http://nodejs.org/"
Default Server: UnKnown
Address: 127.0.0.1
> google.com
Server: UnKnown
Address: 127.0.0.1
Name: google.com
>
How can I send correct responses? I want to start off by sending a fixed IP address for all A records no matter what and to deny most everything else as unsupported or whatnot.
In a typical log in to nslookup, ask for an a record What would be the typical list of Resource Records that would come out of the DNS server?
I want to start off by sending a fixed
IP address for all A records no matter
what and to deny most everything else
as unsupported or whatnot.
Aha, now we're getting somewhere.
You need to return an RR in the answer section that has the same "owner name" as that in the (first) question, with the appropriate fields.
Try this:
function listener (req, res)
{
res.addRR(
ndns.ns_s.an, // answer section
req.question[0].name, // name
ndns.ns_t.a, // type
ndns.ns_c.in, // class
3600, // TTL
'127.0.0.1' // RDATA
);
res.header.aa = 1; // authoritative answer
res.header.ra = 0; // recursion not available
res.send ();
}
This only handles the default response, and doesn't check whether the inbound query was for an A record or not.
To refuse other queries you'll want to check for:
req.question.length == 1
req.question[0].type == ndns.ns_t.a
req.question[0].class == ndns.ns_c.in
and then set res.header.rcode to something non-zero.
A real authoritative server would also send DNS server names in the authority section, but you should be able to get away without doing so here.