Search code examples
laravellaravel-5.5amazon-ses

Laravel 5.5 trying to use Aws SES to send mails but it keeps returning errors

I am setting up a website with a contact form that will use AWS SES to send mail. I have set up my .env file:

MAIL_DRIVER=ses
MAIL_HOST=us-west-2
MAIL_PORT=587
MAIL_USERNAME=AKADADQADADGX45EO
MAIL_PASSWORD=EASDDEWWWEDWEDASDQWDQWDBTb5
MAIL_ENCRYPTION=tls

My mail.php is set up to use the .env() vaules same with services.php:

'ses' => [
        'key' => env('MAIL_USERNAME'),
        'secret' => env('MAIL_PASSWORD'),
        'region' => env('MAIL_HOST'),
    ],

I have applied for and been removed from sandbox.

I have the IAM user set up with AmazonSESFullAccess and even made my own policy (AmazonSesSendingAccess) just in case the above was not right:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "ses:SendRawEmail",
            "Resource": "*"
        }
    ]
}

And this keeps coming up:

Error executing "SendRawEmail" on "https://email.us-west-2.amazonaws.com"; AWS HTTP error: Client error: `POST https://email.us-west-2.amazonaws.com` resulted i ▶
<ErrorResponse xmlns="http://ses.amazonaws.com/doc/2010-12-01/">\n
  <Error>\n
    <Type>Sender</Type>\n
    <Code>MessageReje (truncated...)\n
 MessageRejected (client): Email address is not verified. The following identities failed the check in region US-WEST-2: email@email.com - <ErrorResponse  ▶
  <Error>\n
    <Type>Sender</Type>\n
    <Code>MessageRejected</Code>\n
    <Message>Email address is not verified. The following identities failed the check in region US-WEST-2: email@email.com</Message>\n
  </Error>\n
  <RequestId>269f02b9-1320-4882-b3d4-0cd57559aaea</RequestId>\n
</ErrorResponse>

I am at a loss on this. I shouldn't need to verify anything since I am not in sandbox anymore. One last thing I have made certain that I was approved for US West Oregon which is us-west-2.

Solution

  • You have to verify your domain and email from the AWS control panel itself, try to look at the points 2 and 3 in this medium article.

    To answer to your comment:
    I'm not saying that you would have to verify your client emails, as that's impossible, maybe just create a no-reply@yourdomain.com or similar, that will be the email sender, and set the email's reply-to header to the email the customer put in the form.

    That domain verification has to be done because AWS have to be sure you do own the domain of the email account that is sending the email.

    That's a spam prevention measure, otherwise you could just fake the mail sender in the email header itself and maybe the AWS mail server might get flagged for spam (that would affect also other users that is using AWS to send emails).