I have a scalable environment on the Amazon cloud. I want to send emails (transactional, mailing) from EC2 instances.
I am using one Elastic IP for my load balancer. I have installed Postfix on all my instances.
Now I got mail from Amazon saying this:
"You recently reached a limit on the volume of email you were able to send out of SMTP port 25 on your instance:"
1) Do I have to use a mail service provider to send mail (e.g. http://aws.amazon.com/ses/)?
2) I googled it, and people suggest sending a request to Amazon through this link:
https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
If I have to go with the 2nd option, do I have to take another Elastic IP?
Could somebody explain to me the proper way to send the request?
I sent a request to Amazon. They have removed the limit.
Does anybody here have experience with configuring SMTP on a cPanel host on AWS EC2?
After I did the configuration, DKIM is valid and SPF is valid, but PTR (reverse DNS) is not valid. Then when I sent a test email to mail-tester.com, it scored 3/10. Here is the error message:
We didn't find a server (A Record) behind your hostname ip-172-31-1-135.ap-southeast-1.compute.internal.
You may want to publish a DNS record (A type) for the hostname
ip-172-31-1-135.ap-southeast-1.compute.internal or use a different hostname in your mail software.
I'm a newbie at DNS stuff; if you need more information, please leave me a comment.
You should configure your mail server software to use your custom hostname (for example mail.example.com), not the AWS-assigned default (such as ip-172-31-1-135.ap-southeast-1.compute.internal).
You need to contact AWS support to have a PTR record configured: https://aws.amazon.com/blogs/aws/reverse-dns-for-ec2s-elastic-ip-addresses/
Keep in mind that Amazon EC2 throttles traffic on port 25 of all EC2 instances by default, but you can request for this throttle to be removed: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/
If you want to receive emails on this server you can't change port number from 25 to something else as other servers will try to connect on this port to deliver emails. You also have to ask AWS to remove throttle on port 25 as stated before.
If you haven't already, create an A DNS record for cpanel.mydomain.com pointing to your Elastic IP (it is important that you have an Elastic IP, not an automatically assigned public IP).
Finally, I got 9.8/10 after tweaking some configuration, and I am waiting for AWS Support to map the Elastic IP to my domain name; then I can get 10/10.
Most importantly, you have to make sure the hostname is your own domain.
1. Set the hostname
sudo hostname cpanel.mydomain.com
2. Set it automatically
cd /etc/dhcp/dhclient-exit-hooks.d/
sudo nano set-hostname.sh
Contents of set-hostname.sh:
#!/bin/sh
hostname cpanel.mydomain.com
/scripts/fixetchosts
For more detail, please feel free to reference here
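The alignment that mail-tester and receiving servers look for in the setup above, as an added example that is not part of the original answer: the HELO name must be a public FQDN whose A record points at the sending IP, and that IP's PTR must point back to the same name. The function names, the injected lookup tables and the 203.0.113.10 address (documentation range, standing in for the Elastic IP) are constructed for illustration.

```python
import socket

PRIVATE_SUFFIXES = (".compute.internal", ".internal", ".local")

def table_lookup(table):
    """Turn a dict into a resolver that fails like socket lookups do (OSError)."""
    def lookup(key):
        if key not in table:
            raise OSError("NXDOMAIN")
        return table[key]
    return lookup

def check_mail_identity(helo_name, sending_ip, resolve_a=None, resolve_ptr=None):
    """Return the list of problems with HELO name, A record and PTR alignment."""
    # Default to live DNS; the sample run below injects constructed tables instead.
    resolve_a = resolve_a or (lambda host: socket.gethostbyname_ex(host)[2])
    resolve_ptr = resolve_ptr or (lambda ip: socket.gethostbyaddr(ip)[0])
    name = helo_name.rstrip(".").lower()
    problems = []
    if "." not in name or name.endswith(PRIVATE_SUFFIXES):
        problems.append("HELO name is a private or default hostname")
    try:
        a_ips = resolve_a(name)
    except OSError:
        a_ips = []
    if not a_ips:
        problems.append("no A record behind HELO name")
    elif sending_ip not in a_ips:
        problems.append("A record does not point at the sending IP")
    try:
        ptr = resolve_ptr(sending_ip).rstrip(".").lower()
    except OSError:
        ptr = None
    if ptr is None:
        problems.append("no PTR record for the sending IP")
    elif ptr != name:
        problems.append("PTR does not match HELO name")
    return problems

# Constructed sample data: 203.0.113.10 stands in for the Elastic IP.
A_RECORDS = {"cpanel.mydomain.com": ["203.0.113.10"]}
PTR_DEFAULT = {"203.0.113.10": "ec2-203-0-113-10.ap-southeast-1.compute.amazonaws.com"}
PTR_FIXED = {"203.0.113.10": "cpanel.mydomain.com"}

if __name__ == "__main__":
    for helo, ptrs in [("ip-172-31-1-135.ap-southeast-1.compute.internal", PTR_DEFAULT),
                       ("cpanel.mydomain.com", PTR_DEFAULT),
                       ("cpanel.mydomain.com", PTR_FIXED)]:
        print(helo, check_mail_identity(helo, "203.0.113.10",
                                        table_lookup(A_RECORDS), table_lookup(ptrs)))
```

The three sample runs correspond to the default hostname from the error message, the custom hostname before AWS has set the PTR, and the state after the reverse DNS request is completed.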
I have already migrated my app, but there are still users that use the old Parse URL, which then sends the traffic to my self-hosted database. I need to whitelist Parse's IP range so that my MongoDB is not exposed to anyone.
I have already found an answer here that mentions:
you can try whitelisting the IP addresses currently published by Amazon for AWS US-East
I need to know whether this answer is still relevant.
Thanks.
I have deployed an application to a Windows Azure Virtual Machine,
but when I try to send email, almost all SMTP servers reject my message or send it to spam.
I have set up SPF + DKIM + DMARC on my domain.
The only thing I suppose the problem should be is the PTR for the VIP of my VM.
Can I use Route 53 for that?
Or should I use another SMTP provider like SendGrid or Amazon SES?
Please help, friends.
Thanks
It's a bad idea to send email directly from Azure. It will almost certainly be treated as spam. It's hard enough setting up a valid email server to send mail. Adding a scalable provider to the mix only makes it more complicated to avoid getting flagged.
SendGrid integrates very nicely, and can be configured via SMTP or through use of their API. Here are instructions from Microsoft on how to get up and running quickly.
Also, here is a similar question on ServerFault.com
Azure doesn't allow us to add a PTR record for the VIP of our virtual machine, so many mail servers will consider the mail to be spam.
Right now we are using Amazon SES; it works very well and is also far cheaper than SendGrid.
Can an Amazon EC2 instance process requests from and return results to an external client, which may be a browser or a non-browser application? (I know that the EC2 instance will require an IP address and must be able to create a socket and bind to a port in order to do this.)
I'm considering an Amazon EC2 instance because the server application is not written in PHP, Ruby or any other language that conventional web hosting services support by default.
Sure it will. Just set up the security group the right way to allow your clients to connect.
Take a look at this guide: Amazon Elastic Compute Cloud - Security Groups
Also keep in mind: It's not possible to change the policy group after you created the EC2 instance. This feature is available for VPC instances only. See http://aws.amazon.com/vpc/faqs/#S2 for more information.
Where do I get the correct syntax to create a proper SPF record for an Amazon EC2 server? I understand how to create a DNS entry, but I have no idea what to put in the SPF record.
This is very easy to do:
Provision an Elastic IP for your server
Set up an "A" record for the server which will be sending mail with your favorite registrar. A good practice to follow is to include "svr" somewhere in the hostname, as in app-svr-01.youdomain.com
Click here to contact Amazon and ask for a reverse DNS record for the IP
Add the following somewhere in your SPF record and you should be good to go:
a:app-svr-01.youdomain.com
Note: if you need to relay mail through this server from your other AWS servers, or communicate between servers in any other way, you should not use this new FQDN, but rather the AWS FQDN from the AWS console (it will look like ec2-xxx-xxx-xx-xx.compute-1.amazonaws.com).
Using your custom domain name will route through the "WAN" and incur bandwidth charges.
You can use the Amazon Simple Email Service (SES). If you only use this service (and not directly), then your SPF can be as simple as described in the FAQ:
http://docs.amazonwebservices.com/ses/latest/DeveloperGuide/SPF.html
maybe changing it to a definite fail on mismatch:
v=spf1 include:amazonses.com -all
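How a receiver evaluates the records suggested in the two answers above, as an added example that is not part of either answer: a reduced SPF check covering only the ip4, a, include and all mechanisms, run against constructed DNS data. The TXT and A tables, the soft.youdomain.com name and all addresses (documentation ranges) are constructed; the amazonses.com entry is a stand-in, not Amazon's real record.

```python
import ipaddress

# Constructed DNS data; hostnames follow the answers, addresses are documentation ranges.
TXT = {
    "youdomain.com": "v=spf1 a:app-svr-01.youdomain.com include:amazonses.com -all",
    "soft.youdomain.com": "v=spf1 include:amazonses.com ~all",
    "amazonses.com": "v=spf1 ip4:198.51.100.0/24 -all",  # stand-in record
}
A = {"app-svr-01.youdomain.com": ["203.0.113.10"]}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(ip, domain, depth=0):
    """Evaluate ip4, a, include and all (a subset of RFC 7208) for one sender IP."""
    record = TXT.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    if depth > 10:  # RFC 7208 limits DNS-querying terms to 10
        return "permerror"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mechanism = term[1:] if term[0] in QUALIFIERS else term
        name, _, arg = mechanism.partition(":")
        if name == "all":
            matched = True
        elif name == "ip4":
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            matched = ip in A.get(arg or domain, [])
        elif name == "include":
            # An include matches only when the included record yields "pass";
            # the included record's own -all does not reject the message.
            matched = check_spf(ip, arg, depth + 1) == "pass"
        else:
            continue  # mx, ptr, exists, ip6 and modifiers are outside this example
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"

if __name__ == "__main__":
    for sender in ("203.0.113.10", "198.51.100.25", "192.0.2.77"):
        print(sender, check_spf(sender, "youdomain.com"),
              check_spf(sender, "soft.youdomain.com"))
```

The last sender, which matches neither the A record nor the included range, gets "fail" under -all and only "softfail" under ~all.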
Creating an SPF record for an EC2 instance is a waste of time. Every major ISP and blacklist will blackhole mail from an EC2 IP no matter what you do. Since anyone can spin up an instance, get a new IP, send spam and disappear, nobody trusts their mail.
Use an external mail server, like SendGrid.