Have you ever thought of setting up your web or application server with your own email server? Well, when you setup a application it is likely to have your own email server to handle incoming and outgoing mail to your domain. Before I get into my topic I assume that you got some basic knowledge of AWS. Here I am going to explain you how to setup a simple postfix email server with AWS SES to handle all your email. For any kind of more information please refer AWS SES doc. Lets put it in simple way. We have two phases in this implementation.
- Configure SES with Domain
- Configure postfix and integrate with SES on EC2
Configure SES with Domain
Amazon SES requires that you verify your email address or domain, to confirm that you own it and to prevent others from using it. When you verify an entire domain, you are verifying all email addresses from that domain, so you don’t need to verify email addresses from that domain individually. For example, if you verify the domain example.com, you can send email from firstname.lastname@example.org, email@example.com, or any other user at example.com. Lets verify our domain name with SES.
- Go to the AWS console management and click on the SES.
- Click on the Domain availabe on left top corner.
- Click verify new Domain.
- On the Verify a New Domain, for Domain, type the name of the domain that you registered using Route 53, and then choose Verify This Domain.
- On the Verify a New Domain dialog box, choose Use Route 53. Your Domain Verification and Email Receiving Record will be updated in Route 53.
If you don’t see Use Route 53 your domain may not be registered with Route 53.
- Once verified your domain, you can use any email address from this domain as your email.
- To establish connection between postfix and SES you will need SMTP credential.
- Now choose the SMTP settings in same SES console.
- Choose Create My SMTP Credential.
- Give the user name and click create.
- Download the credentials this will be uses when you configure server.
Configure postfix and integrate with SES on EC2
In this section you are going to install and configure postfix on EC2 instance.
- You should have up and running EC2 machine.
- Open port 25(SMTP) and 22(SSH) for all security group.
Lets get started
Lets login to machine using putty or ssh client. Now need to create a domain on Route53.
- Go to the AWS console and choose Route53.
- Choose Hosted Zone and select your domain where you wish to configure.
- Click on create record set to add a new record set, then select A-IPv4 address for the resource type.
- Add subdomain name in NAME field and enter a record value that is your EC2 IP.
- Set the desired TTL.
- Then click on Create button.
Now we will install Postfix on our EC2 machine.
sudo apt-get update sudo apt-get install postfix
Now we need to make some changes in postfix configuration file. Lets do it one by one.
To integrate our postfix with SES we need to add some more line in main.cf.
vim /etc/mailname example.com
vim /etc/postfix/main.cf mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain myhostname = example.com myorigin = /etc/mailname relayhost = [email-smtp.us-east-1.amazonaws.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_use_tls = yes smtp_tls_security_level = encrypt smtp_tls_note_starttls_offer = yes smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
Value of relay host will change depending upon SES region you use.
Comment out of the following line of master.cf file by putting # infront of it:
vim /etc/postfix/master.cf #-o smtp_fallback_relay=
Edit the file /etc/postfix/sasl_passwd if not present please create it:
vim /etc/postfix/sasl_passwd [email-smtp.us-west-2.amazonaws.com]:587 IAMUSERNAME:PASSWORD
NOTE: Add your SMTP username and password that you downloaded. Save and close the file and use the below command to create hashmap database.
sudo postmap /etc/postfix/sasl_passwd
Stop and Start Postfix:
sudo service postfix stop sudo service postfix start