Trying to send mail from Amazon EC2 server with java code but getting an exception like -
Exception in thread "main" Status Code: 403, AWS Request ID: 3e9319ec-bc62-11e1-b2ea-6bde1b4f192c, AWS Error Code: AccessDenied, AWS Error Message: User: arn:aws:iam::696355342546:user/brandzter is not authorized to perform: ses:SendEmail
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:500)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:262)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:166)
at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.invoke(AmazonSimpleEmailServiceClient.java:447)
at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.sendEmail(AmazonSimpleEmailServiceClient.java:242)
at brandzter.util.SESExample.SendMail(SESExample.java:46)
at brandzter.util.SESExample.<init>(SESExample.java:31)
at brandzter.util.SESExample.main(SESExample.java:52)
Java Result: 1
My credential is ok don't know why I am unable to send email here. will I need to configure/update any setting in server?
It is possible to send emails from an EC2 instance. You must fill in an online form with Amazon to remove the sending restrictions and set up the reverse DNS.
According to the EC2 FAQ there's a limitation. aws.amazon.com/ec2/faqs Q: Are there any limitations in sending email from Amazon EC2 instances? Yes. In order to maintain the quality of Amazon EC2 addresses for sending email, we enforce default limits on the amount of email that can be sent from EC2 accounts.
SMTP traffic is blocked by your security groups or network access control lists (network ACL) on default port 25, port 587, or port 465. Note: By default, outbound traffic is blocked on port 25 (SMTP) for all EC2 instances and AWS Lambda functions.
You user is not authorized in Identity and Access Management (IAM) to send email to SES.
Error 403 refers to the HTTP code 403 Unauthorized.
The error at the end tells you what permission you are lacking.
arn:aws:iam::696355342546:user/brandzter is not authorized to perform: ses:SendEmail
Alternately your AWS account may not be signed up for the Simple Email Service, but I doubt that is the problem.
You can add a group to IAM that is allowed just the sendEmail action with the following policy:
{
"Statement": [
{
"Action": [
"ses:SendEmail"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
]
}
Alternately you can give it a policy that allows it to execute any action on SES with:
{
"Statement": [
{
"Action": [
"ses:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}
]
}
In my case i Went to IAm console, choose my user and attach policy AmazonSESFullAccess
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With