Amazon SES 535 Authentication Credentials Invalid

StackOverflow https://stackoverflow.com/questions/21452278

  •  04-10-2022
  •  | 
  •  

質問

In the code below I tried 2 combinations

  1. The User (refer to attached image), the password
  2. The Access ID and the Access Key

Both gave the same error. I ran this code in my eclipse environment in my home network.

Error

Attempting to send an email through the Amazon SES SMTP interface...
The email was not sent.
Error message: 535 Authentication Credentials Invalid

Amazon SES Users

Code

public class amazon_ses_smtp_test {

    static final String FROM = "someone@myemail.com";   // This has been verified on the Amazon SES setup
    static final String TO = "justanyone@anydomain";  // I have production access

    static final String BODY = "This email was sent through the Amazon SES SMTP interface by using Java.";
    static final String SUBJECT = "Amazon SES test (SMTP interface accessed using Java)";

    static final String SMTP_USERNAME = "tried username and tried accesskey here";
    static final String SMTP_PASSWORD = "tried the password and the access key"; 

    static final String HOST = "email-smtp.us-east-1.amazonaws.com";    

    static final int PORT = 25;

    public static void main(String[] args) throws Exception {

        Properties props = System.getProperties();
        props.put("mail.transport.protocol", "smtp");
        props.put("mail.smtp.port", PORT); 

        props.put("mail.smtp.auth", "true");
        props.put("mail.smtp.starttls.enable", "true");
        props.put("mail.smtp.starttls.required", "true");

        Session session = Session.getDefaultInstance(props);

        MimeMessage msg = new MimeMessage(session);
        msg.setFrom(new InternetAddress(FROM));
        msg.setRecipient(Message.RecipientType.TO, new InternetAddress(TO));
        msg.setSubject(SUBJECT);
        msg.setContent(BODY,"text/plain");

        Transport transport = session.getTransport();

        try
        {
            System.out.println("Attempting to send an email through the Amazon SES SMTP interface...");

            transport.connect(HOST, SMTP_USERNAME, SMTP_PASSWORD);
            transport.sendMessage(msg, msg.getAllRecipients());
            System.out.println("Email sent!");
        }
        catch (Exception ex) {
            System.out.println("The email was not sent.");
            System.out.println("Error message: " + ex.getMessage());
        }
        finally
        {
            transport.close();          
        }
    }
}
役に立ちましたか?

解決

Important

Your SMTP user name and password are not the same as your AWS access key ID and secret access key. Do not attempt to use your AWS credentials to authenticate yourself against the SMTP endpoint. For more information about credentials, see Using Credentials With Amazon SES.

Here's the link: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html

他のヒント

The issue is fixed in our case with the following : The AWS SMTP had special characters in its credentials . The credentials have to be url encoded and then provided in the configuration.

If you're using Terraform, you can use the following .tf file so that you can get the proper data

resource "aws_iam_user" "smtp_user" {
  name = "smtp_user"
}

resource "aws_iam_access_key" "smtp_user" {
  user = aws_iam_user.smtp_user.name
}

data "aws_iam_policy_document" "ses_sender" {
  statement {
    actions   = ["ses:SendRawEmail"]
    resources = ["*"]
  }
}

resource "aws_iam_policy" "ses_sender" {
  name        = "ses_sender"
  description = "Allows sending of e-mails via Simple Email Service"
  policy      = data.aws_iam_policy_document.ses_sender.json
}

resource "aws_iam_user_policy_attachment" "test-attach" {
  user       = aws_iam_user.smtp_user.name
  policy_arn = aws_iam_policy.ses_sender.arn
}

output "smtp_username" {
  value = aws_iam_access_key.smtp_user.id
}

output "smtp_password" {
  value = aws_iam_access_key.smtp_user.ses_smtp_password_v4
}

This will output the user name and password needed for SMTP authentication for the region.

This will do the proper computation for the password.

I found that it's not enough to create the SES SMTP credentials. After you do that, go to Domains, select your domain, Identity Policies, Policy Generator. You'll need to get the SMTP user's ARN, which you can find in the IAM section.

The smtp password is not the same as the secret access key. The smtp password can be obtained from your access key as described here on AWS docs: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert

Obtaining Your Amazon SES SMTP Credentials

You need an Amazon SES SMTP user name and password to access the Amazon SES SMTP interface. You can use the same set of SMTP credentials in all AWS regions.

Important

Your SMTP user name and password are different from your AWS access key ID and secret access key. For more information about credentials, see Using Credentials With Amazon SES.

Follow this doc to get SMTP credentials

https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top