I’m having trouble moving from SendGrid to Amazon SES.
Could someone kindly share their settings from app.yml or confirm mine are correct?
## TODO: The SMTP mail server used to validate new accounts and send notifications
DISCOURSE_SMTP_ADDRESS: email-smtp.eu-west-2.amazonaws.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: xxxxxxx
DISCOURSE_SMTP_PASSWORD: "xxxxxxxxxx"
DISCOURSE_SMTP_ENABLE_START_TLS: true # (optional, default true)
DISCOURSE_SMTP_AUTHENTICATION: login
The domain is verified at SES, you don’t need the SMTP auth parameter.
Additionally, you may have to get your ses account out of sandbox if not already done and request a limit increase. The sandbox condition applies per-region
I’m still at a loss as to why no emails are being sent via AWS SES.
When I send a test email via the admin page of our Discourse it simply says ‘sent’. Trying a lost password request also goes through the motions correctly but no email ever arrives.
I don’t think SES logs, so can I can’t check to see if it’s even receiving the emails.
The only thing which may cause a problem is that our reply-to address is using a gmail.com account , rather than our site domain.
Has anyone run in to this combination / scenario before?
That’s the email address that will be in the from line. It needs to be an address in the domain that SES will send from. SES won’t send mail that pretends to be coming form gmail. You don’t have control over gmail.com, so SES won’t send mail with that in the from line. notification_email should be something@yourverifieddomain
I use SES as well and it works well for me. The only difference I can see in comparison is that the DISCOURSE_SMTP_AUTHENTICATION: login line does not exist in mine. Also that DISCOURSE_SMTP_ENABLE_START_TLS: true and DISCOURSE_SMTP_PORT: 587 are both commented out, though that shouldn’t make a difference.
The only 3 lines that I modify in the app.yml is the SMTP address, username and password. The rest is commented out as-is from a fresh install and using defaults. After rebuild I just need to ensure that the site setting notification email is set to an address which uses a domain verified on SES. I don’t use quotes on the password anymore, but my older installs did and it worked fine either way.
Yeah would be worth trying changing the reply-to address to use an address using the verified SES domain as recommended in the above reply, just to test if that will make it send properly.
If it doesn’t work, I’d check if your host is blocking some ports and perhaps double check that the SES credentials were generated correctly. I see you’ve confirmed above that your domain is verified with SES.
The reply to address is on the same domain as the from domain yeah, but on some instances it’s not the same subdomain (still the same root domain though). Both cases work fine for me.
I’m sure that you caught this -> have you verified the outgoing email address that discourse uses to send?
If it is notify@yourverifieddomain, you need to go into SES, second row under ‘Identity Management’ and add then verify the sending email. Nothing goes out until you do this.
No alarms, no sirens, just no go.
Having a gmail reply is great. That is what I did. Then members authorization emails were getting spam blocked because From and Reply didn’t match.
Eventually I wrote a simple AWS Lambda (took a week to learn how) that forwards incoming email to the Discourse API. Very clean. No POSTIX.