使用 AWS SES 接收电子邮件

Joe.Ye 2023-03-25 云运维

AWS SES: https://console.aws.amazon.com/ses/home
参考文档:https://docs.aws.amazon.com/zh_cn/ses/latest/DeveloperGuide/receiving-email.html

配置SES邮件代收

Email Receiving -> Rule Sets -> Create a Receipt Rule

  • Recipients: Add Recipient
  • Actions: Add action (S3 & Lambda)
  • Rule details: Rule name (appblog-ses-receipt-rule-set)
  • Review

S3配置

创建S3 bucket,名称为appblog-ses,默认权限(即阻止公共访问权限)

Receipt RuleReview阶段报错:

Could not write to bucket: appblog-ses (Request ID: 18fc830c-2a55-4ab0-b646-835466d113e0)

则配置SES访问S3的权限:S3 bucket详情 -> 权限 -> 存储桶策略

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowSESPuts",
            "Effect": "Allow",
            "Principal": {
                "Service": "ses.amazonaws.com"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::BUCKET-NAME/*",
            "Condition": {
                "StringEquals": {
                    "aws:Referer": "AWSACCOUNTID"
                }
            }
        }
    ]
}
  • BUCKET-NAME为S3 bucket名称,即appblog-ses
  • AWSACCOUNTID当前登录账号ID,即去横杆的一串数字

参考:https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html
参考:https://stackoverflow.com/questions/41819286/how-to-give-amazon-ses-permission-to-write-to-your-amazon-s3-bucket

Lambda配置

AWS Lambda: https://console.aws.amazon.com/lambda/home

创建Lambda函数

Lambda -> 创建函数

  • 从头开始创作
  • 函数名称:SesForwarder
  • 运行时:Node.js 8.10 (参考aws-lambda-ses-forwarder)
  • 权限:创建具有基本 Lambda 权限的新角色

编辑Lambda函数脚本

AWS Lambda SES Email Forwarder: https://github.com/arithmetric/aws-lambda-ses-forwarder
脚本内容参考: https://github.com/arithmetric/aws-lambda-ses-forwarder/blob/master/index.js

只需修改配置内容:

var defaultConfig = {
  fromEmail: "forwarder@appblog.cn",
  subjectPrefix: "",
  emailBucket: "appblog-ses",
  emailKeyPrefix: "appblog/",
  forwardMapping: {
    "support@appblog.cn": [
      "joe@appblog.cn",
      "admin@appblog.cn",
      "test@appblog.cn"
    ],
    "develop@appblog.cn": [
      "joe@appblog.cn",
      "admin@appblog.cn",
      "test@appblog.cn"
    ]
  }
};

编辑Lambda函数脚本

IAM: https://console.aws.amazon.com/iam/home

创建策略

(1)访问管理 -> 策略 -> 创建策略 -> JSON

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
         ],
         "Resource": "arn:aws:logs:*:*:*"
      },
      {
         "Effect": "Allow",
         "Action": "ses:SendRawEmail",
         "Resource": "*"
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetObject",
            "s3:PutObject"
         ],
         "Resource": "arn:aws:s3:::S3-BUCKET-NAME/*"
      }
   ]
}

(2)查看策略 -> 设置名称为LambdaSesForwarderPolicy -> 创建策略

附加策略

(1)访问管理 -> 角色

找到前面创建Lambda函数时创建的具有基本Lambda权限的新角色:SesForwarder-role-xxxxxx,并点击进入摘要页

(2)点击附加策略,选择刚刚创建的策略LambdaSesForwarderPolicy附加策略即可

版权声明:
作者:Joe.Ye
链接:https://www.appblog.cn/index.php/2023/03/25/receiving-emails-using-aws-ses/
来源:APP全栈技术分享
文章版权归作者所有,未经允许请勿转载。

THE END
分享
二维码
打赏
海报
使用 AWS SES 接收电子邮件
AWS SES: https://console.aws.amazon.com/ses/home 参考文档:https://docs.aws.amazon.com/zh_cn/ses/latest/DeveloperGuide/receiving-email.html 配置SES……
<<上一篇
下一篇>>
文章目录
关闭
目 录