For some reason I'm having trouble connecting the dots on how to do what seems pretty simple.
How do I log all e-mail sent through the AWS Simple Email Service with specific message details?
That log, at the very minimum, needs to contain the IP address of the sending server. But, I really need the TO
address as well. Backstory - we have several servers that utilize this service, and when one of them acts up and starts sending thousands of e-mails we get alerts through Cloudwatch monitoring - but no way to find out what server is actually sending them.
Immediately, upon research, you find evidence of people really wanting this feature and it not being available. However, newer articles suggest this is possible.
Ideally, I have tried to use Event Publishing to Cloudwatch as described in these two articles: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/monitor-using-event-publishing.html https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-add-event-destination-cloudwatch.html
- I created a new SES configuration set.
- I added a cloudwatch destination to this configuration set.
- I specified Event Types of Sends; Rejects; Bounces; Complaints; Deliveries; Rendering Failures
- I chose Value Source of
Message Tag
with Name ofses:source-ip
and Default Value ofsource-ip
.
After some time, no events are published to Cloud Watch.
The documentation just isn't very clear on this whole process, and never gets down the actual details with examples.
There is some suggestion that I might have to add headers to our outgoing e-mail to track, but other suggestions that there are defaults, and that I don't actually have to modify our sending behavior.
Fine-grained – These metrics are categorized by email characteristics that you define using message tags. To publish these metrics to CloudWatch, you must set up event publishing with a CloudWatch event destination and specify a configuration set when you send an email. You can also specify message tags or use auto-tags that Amazon SES automatically provides.
There is also some documentation about using Kinesis Firehose as a destination and it shows examples of very detailed message info - which is exactly what I would love to have: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-retrieving-firehose-examples.html#event-publishing-retrieving-firehose-send
I just don't know which direction to go here and how to set this up.
I need the simplest way to log what seems like basic SES diagnostic information and use it for troubleshooting purposes later. It's hard to believe this information isn't just readily available in the AWS console somewhere.
Did you already see the tutorial ? https://docs.aws.amazon.com/ses/latest/DeveloperGuide/event-publishing-tutorials.html
I hope that could help ya
I've commented on your post first and then suddenly, after whole day of testing, realisation occured in my head.
This realisation came from the AWS blog. Heading "How do message tags work?"
TLDR is, auto-tags are getting applied either if you are using AWS SES
SendEmail/SendRawEmail
API or addingX-SES-CONFIGURATION-SET: CONFIGURATION-SET-NAME
header when using SMTP credentials.Unfortunately for us there is no cheap way of having this kind of detail logged = ).
Kinesis streaming seems like the only option.