I'm working on deploying a rails site that will be sending emails (checkout confirmations, alerts, etc) from an EC2 server. What are some best practices for doing this successfully?
There are two things that I think
- Tradeoffs when choosing an SMTP provider (Google apps vs. a paid service?)
- Proper DNS and server settings to make it less likely that your email is marked as spam
Pointers to any resources are greatly appreciated.
Thanks!
It has been repeatedly said that EC2 instances are bad for email service. The reason given is that Amazon's IP ranges have been abused by spammers in the past, spammers who just rented a EC2 instance for a few hours to send spam. Thus Amazon IP's should now carry a negative reputation in IP address based DNSBL's.
I can't say if the above about Amazon IP's is entirely true or not. What you can do is verify your IP address with a tool like MXToolbox's checker.
If you decide to set up a mailserver on EC2, then hunt around on this site for best practices. My short list of this you absolutely must do (there can be more) is:
For a more comprehensive discussion of best practices, see this large Stack Overflow thread.
Reverse DNS is usually handled by the netblock owner, i.e. Amazon. See this from Amazon regarding reverse DNS.
Much of the above will have to be re-done if your IP address changes. So be sure to get a permanent IP in Amazon's cloud. All in all, I don't think cloud hosting is ideal for SMTP service...
for EC2 sites, I've following this Page and found it worked great. They even offer a fully working EC2 package if you want to start using a pre-build one.
Some key things to remember includes setting up a SPF address in your DNS entry and setting up RDNS and finally disabling RELAYING within your SMTP Server
Other than that, you be a fully welcomed member of the SMTP community.
I'd send email from EC2 instances through an encrypted, authenticated connection to a non-EC2 relay on address space that you own and monitor for blacklisting.
Then it might actually stand a chance of being delivered.
You can't depend on an EC2 instance's IP address reputation, nor will you be able to get it removed from blacklists (this sometimes requires proof that you own the IP address block)
Also, you can't rely on an EC2 instance having a disc which won't disappear without warning, so your queued mail may vanish at any moment.
I am doing this now; it is less than ideal. Particularly because reverse DNS is unworkable on EC2 (Amazon won't let you modify it).
I had to have my IP address (an "Elastic" address) removed from a couple of RBLs that had proactively added all of Amazon's space, but so far it works (just; I have to keep a close eye on the rejections). I haven't seen many rejections lately.
Eventually, I'll probably move the service to AuthSMTP or similar. I've also set up a hosted Gmail account, but I'm not sure if that will work yet (the Rails developer hasn't reconfigured the application to give it a shot). I think the authentication (Gmail requires secure authentication, I believe), might pose an issue.
Mark's comment on the disk disappearing is correct, but you can mitigate that by using an EBS-backed volume.
If you fill out this form and include your Elastic IP addresses, your IP addresses will not be listed on the blacklists (after a couple of days) unless you actually start spamming from them.
https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
By default, EC2 IP addresses are greylisted on most spam lists due to their dynamic nature. Submitting the request above will make it so your IP addresses aren't grey listed.
This has changed! It seems AWS has that problem under control. You must now contact support if you want to send a larger number of emails, so that they can unlock it for you:
http://aws.amazon.com/contact-us/ec2-email-limit-request/
They also support reverse DNS entries now.
The result: We have no email sending issues :-)