Receiving Email with AWS SES

AWS SES: https://console.aws.amazon.com/ses/home
Reference documentation: https://docs.aws.amazon.com/zh_cn/ses/latest/DeveloperGuide/receiving-email.html

Configuring SES email receiving

Email Receiving -> Rule Sets -> Create a Receipt Rule

  • Recipients: Add Recipient
  • Actions: Add action (S3 & Lambda)
  • Rule details: Rule name (appblog-ses-receipt-rule-set)
  • Review

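S3 configuration

Create an S3 bucket named appblog-ses with the default permissions (that is, with Block Public Access enabled).

If the Review step of the Receipt Rule reports this error:

Could not write to bucket: appblog-ses (Request ID: 18fc830c-2a55-4ab0-b646-835466d113e0)

then grant SES permission to write to S3: S3 bucket details -> Permissions -> Bucket policy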

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "AllowSESPuts",
          "Effect": "Allow",
          "Principal": {
            "Service": "ses.amazonaws.com"
          },
          "Action": "s3:PutObject",
          "Resource": "arn:aws:s3:::BUCKET-NAME/*",
          "Condition": {
            "StringEquals": {
              "aws:Referer": "AWSACCOUNTID"
            }
          }
        }
      ]
    }
  • BUCKET-NAME is the name of the S3 bucket, i.e. appblog-ses
  • AWSACCOUNTID is the ID of the currently logged-in account, i.e. the string of digits with the hyphens removed

Reference: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html
Reference: https://stackoverflow.com/questions/41819286/how-to-give-amazon-ses-permission-to-write-to-your-amazon-s3-bucket

Lambda configuration

AWS Lambda: https://console.aws.amazon.com/lambda/home

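Creating the Lambda function

Lambda -> Create function

  • Author from scratch
  • Function name: SesForwarder
  • Runtime: Node.js 8.10 (see aws-lambda-ses-forwarder)
  • Permissions: Create a new role with basic Lambda permissions

Editing the Lambda function script

AWS Lambda SES Email Forwarder: https://github.com/arithmetric/aws-lambda-ses-forwarder
Script reference: https://github.com/arithmetric/aws-lambda-ses-forwarder/blob/master/index.js

Only the configuration needs to be changed: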

    var defaultConfig = {
      // Sender address used for the forwarded messages
      fromEmail: "forwarder@appblog.cn",
      subjectPrefix: "",
      // S3 bucket and key prefix where SES stores the received messages
      emailBucket: "appblog-ses",
      emailKeyPrefix: "appblog/",
      // Original recipient -> list of addresses to forward to
      forwardMapping: {
        "support@appblog.cn": [
          "joe@appblog.cn",
          "admin@appblog.cn",
          "test@appblog.cn"
        ],
        "develop@appblog.cn": [
          "joe@appblog.cn",
          "admin@appblog.cn",
          "test@appblog.cn"
        ]
      }
    };

IAM configuration

IAM: https://console.aws.amazon.com/iam/home

Creating the policy

(1) Access management -> Policies -> Create policy -> JSON

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Resource": "arn:aws:logs:*:*:*"
        },
        {
          "Effect": "Allow",
          "Action": "ses:SendRawEmail",
          "Resource": "*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetObject",
            "s3:PutObject"
          ],
          "Resource": "arn:aws:s3:::S3-BUCKET-NAME/*"
        }
      ]
    }

  • S3-BUCKET-NAME is the name of the S3 bucket, i.e. appblog-ses

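(2) Review policy -> set the name to LambdaSesForwarderPolicy -> Create policy

Attaching the policy

(1) Access management -> Roles

Find the new role with basic Lambda permissions that was created together with the Lambda function earlier, SesForwarder-role-xxxxxx, and click it to open its Summary page.

(2) Click Attach policies, select the LambdaSesForwarderPolicy policy created above, and attach it.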
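
An offline check that the bucket policy and LambdaSesForwarderPolicy above line up with the forwarder's emailBucket and emailKeyPrefix, and that the SES statement is pinned to one account. This is an added example, not code from the original post or from aws-lambda-ses-forwarder; the account ID 111122223333, the function names and the sample object key are assumptions, and only `*` wildcards in resources and exact action names are handled.

```javascript
// Constructed sample inputs: the page's two policies with placeholders filled in.
const ACCOUNT_ID = "111122223333"; // constructed account ID (assumption)
const cfg = { emailBucket: "appblog-ses", emailKeyPrefix: "appblog/" };
const bucketPolicy = { Statement: [{ Sid: "AllowSESPuts", Effect: "Allow",
  Principal: { Service: "ses.amazonaws.com" }, Action: "s3:PutObject",
  Resource: "arn:aws:s3:::appblog-ses/*",
  Condition: { StringEquals: { "aws:Referer": ACCOUNT_ID } } }] };
const rolePolicy = { Statement: [
  { Effect: "Allow", Action: "ses:SendRawEmail", Resource: "*" },
  { Effect: "Allow", Action: ["s3:GetObject", "s3:PutObject"],
    Resource: "arn:aws:s3:::appblog-ses/*" }] };
const asList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Does an ARN pattern match this ARN? Only "*" wildcards are handled.
function arnMatches(pattern, arn) {
  const esc = (s) => s.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + pattern.split("*").map(esc).join(".*") + "$").test(arn);
}
// Allow statements that grant `action` (exact name) on `arn`.
function granting(policy, action, arn) {
  return asList(policy.Statement).filter((s) => s.Effect === "Allow" &&
    asList(s.Action).includes(action) &&
    asList(s.Resource).some((r) => arnMatches(r, arn)));
}

function auditSesReceiving(bucketPolicy, rolePolicy, cfg, accountId) {
  const findings = [];
  // Representative key (hypothetical) that SES writes and the Lambda reads.
  const arn = `arn:aws:s3:::${cfg.emailBucket}/${cfg.emailKeyPrefix}message-id`;
  const sesPuts = granting(bucketPolicy, "s3:PutObject", arn).filter((s) =>
    s.Principal && asList(s.Principal.Service).includes("ses.amazonaws.com"));
  if (sesPuts.length === 0)
    findings.push("bucket policy: SES cannot s3:PutObject to " + arn);
  for (const s of sesPuts) {
    // Condition key names are case-insensitive. Accept the page's aws:Referer
    // or the aws:SourceAccount global key, with this account ID as the value.
    const eq = (s.Condition && s.Condition.StringEquals) || {};
    const pinned = Object.keys(eq).some((k) =>
      ["aws:referer", "aws:sourceaccount"].includes(k.toLowerCase()) &&
      asList(eq[k]).includes(accountId));
    if (!pinned)
      findings.push("bucket policy: SES statement not pinned to account " + accountId);
  }
  for (const action of ["s3:GetObject", "s3:PutObject"])
    if (granting(rolePolicy, action, arn).length === 0)
      findings.push(`role policy: ${action} not granted on ${arn}`);
  return findings;
}

console.log(auditSesReceiving(bucketPolicy, rolePolicy, cfg, ACCOUNT_ID)); // []
```

Pasting the IAM policy with S3-BUCKET-NAME left unreplaced produces two "role policy" findings, which is the usual reason the forwarder fails with access denied on the stored message.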
