I set up email receiving for patty at smylee.com using Amazon SES.
During this project I learned that in order to decrypt messages that use SES built-in encryption, you must decrypt using an
Encryption Client available only in the AWS SDK for Java and Ruby.
Because of this restriction, in this code the Lambda function encrypts the file at rest and removes the original during the S3-event-to-SQS phase.
- SES (RECEIVING) -> Send message to S3
- S3 -> Writes email file to raw directory in S3
- Lambda -> Encrypts the raw file, places it into the encrypted directory, deletes the original raw email file, and then sends a message to SQS.
- SQS -> Receives message and waits for something to poll it.
Process Email in Message Queue
- CloudWatch Rule -> Triggers lambda function on schedule.
- Lambda -> Polls the queue for any messages waiting to be processed. It then decrypts the email in the encrypted directory, changes the reply-to address and sends the original email (minus the original sender) to the email address specified in the Lambda function.
- SES -> Send the email message
- The email appears in the inbox of the address provided in the Lambda function.
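The header rewrite from the second Lambda step, as an added example (not code from the linked repository): the original sender moves to Reply-To, From becomes an address the forwarder controls, and headers that name the old sender or stop validating are dropped. The function name, the addresses and the sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.utils import parseaddr

# Headers that name the original sender or recipients, or that stop
# validating once From changes (a DKIM signature covers the From header).
DROP_HEADERS = ("Return-Path", "Sender", "DKIM-Signature",
                "From", "Reply-To", "To", "Cc", "Bcc")


def _clean_address(value: str) -> str:
    """Return the bare address, rejecting anything that could inject headers."""
    if "\r" in value or "\n" in value:
        raise ValueError("line break in address")
    _name, addr = parseaddr(value)
    if "@" not in addr:
        raise ValueError(f"not an email address: {value!r}")
    return addr


def rewrite_for_forward(raw: bytes, forward_from: str, forward_to: str) -> bytes:
    """Rewrite a received message so it can be re-sent to a private inbox."""
    msg = message_from_bytes(raw, policy=policy.SMTP)
    # Replies should reach the original sender (or their own Reply-To).
    reply_to = _clean_address(str(msg.get("Reply-To") or msg.get("From") or ""))
    for name in DROP_HEADERS:
        del msg[name]  # removes every occurrence; no error if absent
    msg["From"] = _clean_address(forward_from)  # assumed: an SES-verified identity
    msg["To"] = _clean_address(forward_to)      # only recipient left in the headers
    msg["Reply-To"] = reply_to
    return msg.as_bytes()


# Constructed sample of a raw email as SES would write it to S3.
SAMPLE_RAW = (
    b"Return-Path: <alice@example.org>\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel; b=CONSTRUCTED\r\n"
    b"From: Alice <alice@example.org>\r\n"
    b"To: patty@example.com\r\n"
    b"Cc: bob@example.org\r\n"
    b"Subject: Hello\r\n"
    b"\r\n"
    b"Hi Patty\r\n"
)

if __name__ == "__main__":
    print(rewrite_for_forward(SAMPLE_RAW, "forwarder@example.com",
                              "inbox@example.net").decode())
```

Dropping Cc and Bcc keeps the forwarded copy from being addressed to the original recipients again.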
More information and steps to set this up can be found at: https://github.com/smyleeface/smylee_com_ses
I also added an alarm: if the SQS queue gets too large in a short period of time, it will trigger a CloudWatch alarm.