Installation Guide

SES Configuration

To configure AWS Simple Email Service (SES) as a SMTP Relay for WorkSpaces Manager, we will need to do the following steps:
1) DNS Domain to be used as sender
2) Create DNS records as requested
3) Create SMTP Credentials
4) Test emails
5) Configure WSM

First, navigate to Amazon SES and click on “Create Identity”:

As identity type, we need to choose domain and use the right name of our DNS domain. By default, we will also use DKIM (DomainKeys Identified Mail) to ensure messages are not altered in transit.

Once requested, the identity will have a status of “Verification pending” and will show the records that need to be created in our DNS for the domain that we are verifying:

These CNAME records will be different for each request:

Once the records are created, wait for 10-15 minutes for them to be published and replicated:

Once the replication happens, AWS will check the status and set the domain as “verified” the endpoint is able to send emails and DKIM successfully registered:

Now, you will generate a credential in AWS IAM to consume the endpoint in the dashboard of the SES service. Select the button to “Create SMTP Credentials”, in which we can also see important information like:
SMTP Endpoint
TLS Ports (recommended 587)

For the credentials, we are creating an IAM User in the AWS account with SES Sending permissions. It is very important to save the SMTP Credentials in a secure location, since these are only displayed once, although they can be downloaded via a CSV file:

You can check to test the email flow works, by clicking on the “Send test email”:

There are several options that you can choose here, so feel free to investigate each one of the boxes:

It is important to mention that when a new SES Identity is created, the domain is set to type “Sandbox”, which means that it can exclusively send emails to and from the very same domain that is registered. If we need to send to different DNS domains, then we need to contact AWS Support and ask to convert the domain from “Sandbox” to “Production”, as explained here:
https://docs.aws.amazon.com/ses/latest/dg/request-production-access.html

With the information that we have generated, we can populate the SMTP credentials in WorkSpaces Manager:

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment