Hey so I used MXToolBox ( https://mxtoolbox.com/ ) to check the headers on one of the emails sent from my system and noticed we were blacklisted on SORBS ( http://support.sorbs.net/ ).
I use AWS SES to send emails from our system for Forgot Password, Verify Email etc.
I sent a request to be removed from the blacklist and they accepted my request but said we were caught by a Spam Trap. He gave me an example of the most recent email that was captured by the Spam Trap with Host & Domains hidden.
The subject for the email was "CoronaVirus Update (COVID-19)" and the From field was "From: Raj Rummy". I have never heard of that name and no one in my company sent any emails with that subject.
Is the IP Address that my emails get sent from directly tied to me or are they more generic AWS IP Addresses that can be tied to multiple AWS SES accounts?
If it is directly tied to me how would I go about figuring out how they got access to send emails from my IP Address?
AWS SES will use its own managed set of IP address for e-mail sending. You can however apply for a dedicated (leased) IP address as described here. Extra costs apply as described here.
In order to perform tracing for e-mail sending in AWS SES, you should monitor your sending activity. This will not only allow you to investigate such events but it will allow you to track bounces/complaints effectively and proactively (i.e. raise an alarm when bounce rate is above threshold).