Email Amazon SES for xenforo ?

GamerJota · Jul 25, 2016

That's weird, If I set it up like that I get the following error when the boards tries to send e-mails:
Code:
Email to [VALID EMAIL] failed: Could not read from email-smtp.us-east-1.amazonaws.com

eva2000 · Jul 25, 2016

Try re-creating or regenerating your AWS AMI access key/token.

GamerJota · Jul 25, 2016

I did try that, in phpBB TLS works fine, in XenForo only SSL works, otherwise I get the error mentioned above

eva2000 · Jul 25, 2016

GamerJota said: ↑

I did try that, in phpBB TLS works fine, in XenForo only SSL works, otherwise I get the error mentioned above
Click to expand...

strange then. Tried a new AWS AMI user ?

eva2000 · Jul 25, 2016

see Amazon SES SMTP Issues - Amazon Simple Email Service

eva2000 · Jul 25, 2016

also see XF 1.1 - Amazon SES With Xenforo | Page 3 | XenForo Community
@Matt's old post

I've just got it working!

You also need to make sure that if you have the bounce address populated, that is also validated. I've just removed my bounced address (as it was on a different domain), and they are sending now.
Click to expand...

GamerJota · Jul 25, 2016

Tried with a new AMI user, also with the solutions of the topics above, still the same, I guess I will just stick to SSL.

eva2000 · Jul 25, 2016

GamerJota said: ↑

Tried with a new AMI user, also with the solutions of the topics above, still the same, I guess I will just stick to SSL.
Click to expand...

very strange then.

Itworx4me · Feb 6, 2018

I am having issues sending email on port 587 using Amazons SES SMTP. I ran this code:

Code (Text):

ss -lntu

Netid State      Recv-Q Send-Q                                                            Local Address:Port                                                              Peer Address:Port
udp   UNCONN     0      0                                                                             *:53                                                                           *:*
udp   UNCONN     0      0                                                                     127.0.0.1:11211                                                                        *:*
udp   UNCONN     0      0                                                                            :::53                                                                          :::*
tcp   LISTEN     0      0                                                                             *:21                                                                           *:*
tcp   LISTEN     0      0                                                                             *:53                                                                           *:*
tcp   LISTEN     0      0                                                                             *:22                                                                           *:*
tcp   LISTEN     0      0                                                                     127.0.0.1:25                                                                           *:*
tcp   LISTEN     0      0                                                                     127.0.0.1:8891                                                                         *:*
tcp   LISTEN     0      0                                                                     127.0.0.1:9000                                                                         *:*
tcp   LISTEN     0      0                                                                     127.0.0.1:11211                                                                        *:*
tcp   LISTEN     0      0                                                                             *:80                                                                           *:*
tcp   LISTEN     0      0                                                                             *:80                                                                           *:*
tcp   LISTEN     0      0                                                                            :::21                                                                          :::*
tcp   LISTEN     0      0                                                                            :::53                                                                          :::*
tcp   LISTEN     0      0                                                                            :::22                                                                          :::*
tcp   LISTEN     0      0                                                                            :::3306                                                                        :::*

Doesn't show port 587 as being open or used. How would I open port 587 to work with Amazons SES SMTP?

Thanks,
Itworx4me

eva2000 · Feb 6, 2018

Did you request Amazon SES support to take you out of sandbox mode ? If not you want to be able to send live real emails ? Did you test send emails via SES in Xenforo ? You won't see port 587 listed as it's not a listening service.

Did you setup correctly Amazon AMI access key/token. Try re-creating or regenerating your AWS AMI access key/token.

Centmin Mod LEMP stack installs CSF Firewall out of the box, so to be able to remotely connect to external servers, you need to whitelist and allow TCP connections out. Centmin Mod 123.09beta01 by default now should allow port 587 for TCP_OUT and TCP6_OUT in CSF Firewall config file /etc/csf/csf.conf.
Code (Text):
egrep '^TCP_OUT|^TCP6_OUT' /etc/csf/csf.conf
TCP_OUT = "993,995,465,587,1110,1194,9418,20,21,22,25,53,80,8079;8080,8081,8082,110,113,443,587,993,995"
TCP6_OUT = "993,995,465,587,20,21,22,25,53,80,110,113,443,587,993,995"
Also see Centmin Mod LEMP stack CSF Firewall default port listing.

Also see Amazon SES SMTP Issues - Amazon Simple Email Service

Itworx4me · Feb 7, 2018

eva2000 said: ↑
Did you request Amazon SES support to take you out of sandbox mode ? If not you want to be able to send live real emails ? Did you test send emails via SES in Xenforo ? You won't see port 587 listed as it's not a listening service.

Did you setup correctly Amazon AMI access key/token. Try re-creating or regenerating your AWS AMI access key/token.

Centmin Mod LEMP stack installs CSF Firewall out of the box, so to be able to remotely connect to external servers, you need to whitelist and allow TCP connections out. Centmin Mod 123.09beta01 by default now should allow port 587 for TCP_OUT and TCP6_OUT in CSF Firewall config file /etc/csf/csf.conf.
Code (Text):
egrep '^TCP_OUT|^TCP6_OUT' /etc/csf/csf.conf
TCP_OUT = "993,995,465,587,1110,1194,9418,20,21,22,25,53,80,8079;8080,8081,8082,110,113,443,587,993,995"
TCP6_OUT = "993,995,465,587,20,21,22,25,53,80,110,113,443,587,993,995"
Also see Centmin Mod LEMP stack CSF Firewall default port listing.

Also see Amazon SES SMTP Issues - Amazon Simple Email Service
Click to expand...
I finally got xenforo to send email. For some reason I had to verify the boards email address in Amazon. I am not sure why because eveything I read say once you are out of sandbox that it didn't matter which email address worked.

I was wondering if you had to setup a DKIM for outgoing emails from the server? I currently have a DKIM setup to work with Zoho for incoming and outgoing emails. Can you have 2 DKIM?

Thanks,
Itworx4me

eva2000 · Feb 7, 2018

yes AWS SES need to verify email and email domain to cover your bases For outgoing postfix yes DKIM is advised see Email - Steps to ensure your site/server email doesn't end up in spam inboxes

Itworx4me · Feb 7, 2018

eva2000 said: ↑

yes AWS SES need to verify email and email domain to cover your bases For outgoing postfix yes DKIM is advised see Email - Steps to ensure your site/server email doesn't end up in spam inboxes
Click to expand...

I have verified my domain with SES now. I am using AWS SES for outgoing email. So no need to setup postfix.

Thanks for the help @eva2000
Itworx4me

pamamolf · Feb 8, 2018

So even if we use Amazon SES we should have set Dkim records?

I thought that was not needed as SES will take care of it through the SMTP ..... ?

eva2000 · Feb 8, 2018

pamamolf said: ↑

So even if we use Amazon SES we should have set Dkim records?

I thought that was not needed as SES will take care of it through the SMTP ..... ?
Click to expand...

see Email - Steps to ensure your site/server email doesn't end up in spam inboxes

Ensure Proper DNS Records Setup

Ensure you have setup proper SPF, DKIM, DMARC & PTR DNS records for your main hostname i.e. hostname.domain.com and all @domain.com domain names as per outlined and linked instructions at here and Getting Started Guide Step 1 for main hostname (i.e. hostname.domain.com). The addons/opendkim.sh addon in 123.09beta01 will help you setup SPF/DKIM for main hostname of your Centmin Mod server. Without these DNS records for your main hostname and all domain names, the likelihood of your server sent and @domain.com sent emails delivering to target inboxes is lessened and may end up in user's spam box or being rejected.
Click to expand...

There's 2 servers sending outbound emails

1. your centmin mod server via postfix @hostname.domain.com
2. your amazon ses services via @domain.com

need DKIM, SPF, DMARC for both sets of @domain.com and @hostname.domain.com

MaximilianKohler · Jul 2, 2023

eva2000 said: ↑

For forums I don't use postfix relay, I use Xenforo SMTP email options and put Amazon SES SMTP server and username/password
Click to expand...

Can you show your Xenforo "options/groups/emailOptions/" page settings? Presumably you're using xenforo's automated bounce handling? And connect it somehow to Amazon SNS?

I've been reading through a bunch of threads on the xenforo forums and no one is giving clear and full directions for how to set up SES.

This addon might be the easiest way to do it? Beta - Amazon SES Bounces Support
I haven't read another clear explanation of how to set up the automated bounce handling.

EDIT: I found this XF 2.0 - Bounce Email - use a dedicated gmail address (bounces9384@gmail) to handle bounces. Is that what you're using?

eva2000 · Jul 2, 2023

MaximilianKohler said: ↑

I found this XF 2.0 - Bounce Email - use a dedicated gmail address (bounces9384@gmail) to handle bounces. Is that what you're using?
Click to expand...

Yup that's all I use for Bounce but not gmail account just a separate @mydomain.com email account with IMAP access.

Log in / Register

Forums

Welcome to Centmin Mod Community

Email Amazon SES for xenforo ?

GamerJota Member

eva2000 Administrator Staff Member

GamerJota Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

GamerJota Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

pamamolf Well-Known Member

eva2000 Administrator Staff Member

MaximilianKohler Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Welcome to Centmin Mod Community

Email Amazon SES for xenforo ?

GamerJota Member

eva2000 Administrator Staff Member

GamerJota Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

GamerJota Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

eva2000 Administrator Staff Member

Itworx4me Premium Member Premium Member

pamamolf Well-Known Member

eva2000 Administrator Staff Member

MaximilianKohler Member

eva2000 Administrator Staff Member

.