DOCSLIB.ORG

Mail Automation by AWS SES with Salesforce Integration

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mail Automation by AWS SES with Salesforce Integration Contents Mail Automation by AWS SES with Salesforce Integration 2 Introduction 2 Amazon SES 2 Prerequisites 2 Architecture 2 Email Automation Steps in AWS Could Services 3 Step 1: Set up Your Domain 3 Step 2: Configure Your S3 Bucket 3 Step 3: Create an IAM Policy and Role: 4 Step 4: Create a Lambda Function 5 Step 5: Create a Receipt Rule Set: 6 Step 6: Test the Function 6 Troubleshooting 7 Costs of using this solution 7 Limitations 7 Conclusion 7 1 Mail Automation by AWS SES with Salesforce Integration Introduction The Business analysis is to automate the process of sending reply mail to authorized user from the mail id with its domain and mail id registered with Amazon SES. The reply mail body contains case id which is generated in Salesforce through AWS Lambda function. Following are the services required from AWS. Amazon SES Amazon Simple Email Service (SES) is a cost-effective, flexible, and scalable email service that enables developers to send transactional email or any type of high-quality content to receivers. Amazon SES's helps in protecting sender reputation by its flexible IP deployment and email authentication options. This service is mainly used to send mails securely and globally. Use Case: A solution for forwarding inbound emails to domains that are not managed by Amazon SES. Going forward, we will get an idea, how to forward incoming email to an email address that is managed outside of Amazon SES by deploying python code in AWS Lambda, Amazon SES, Amazon S3. Prerequisites To complete this use case, we need to have a domain that receives incoming email. If you do not already have a domain, you can purchase one through Amazon Route 53. Architecture The following architecture shows the flow of this solution using multiple AWS services. 2 The following actions occur in this solution: 1. A new email is sent from an external sender to your domain. All the incoming mails of your domain are handled by Amazon SES. 2. An Amazon SES receipt rule saves the incoming message with message id in an S3 bucket. 3. An Amazon SES receipt rule triggers the execution of a Lambda function. 4. The Lambda function retrieves the message id from S3, and then creates a new case object in salesforce. Salesforce sends mail content and particular object id to lambda. 5. Lambda receives that content and sends it to Amazon SES. 6. Amazon SES sends the message to the destination i.e., recipient’s mail address. Email Automation Steps in AWS Could Services Step 1: Set up Your Domain 1. In Amazon SES, domain verification needs to be done that you want to use to receive incoming email. For the new users the account will be in a test environment which is known as Amazon SES sandbox, so verify the recipient's mail address also. 2. Register that domain and verify by adding SES TEXT value in domain. Once, addition of domain done successfully then with 30min, domain will be verified from AWS. 3. Add the following MX record to the DNS configuration for your domain: 10 inbound-smtp.<regionInboundUrl>.amazonaws.com If the region you are using is US East (N. Virginia), then replace <regionInboundUrl> with us-east-1. 4. Add SES IP range to your mail domain server. Whitelisting of IP in organization level should be communicated to AWS. 5. Submit a request to remove your account if your account is still in the Amazon SES. Sandbox. Step 2: Configure Your S3 Bucket 1. In Amazon S3, create a new bucket or choose existing bucket. 2. Configure IAM role by applying the following policy to the bucket: 3 { "Version": "2012-10-17", "Statement": [ { "Sid": "AllowSESPuts", "Effect": "Allow", "Principal": { "Service": "ses.amazonaws.com" }, "Action": "s3:PutObject", "Resource": "arn:aws:s3:::<bucketName>/*", "Condition": { "StringEquals": { "aws:Referer": "<awsAccountId>" } } } ] } 3. In the policy, make the following changes: Replace <bucketName> with your S3 bucket name. Replace <awsAccountId> with your AWS account ID. Step 3: Create an IAM Policy and Role: 1. Create a new IAM Policy with the following permissions: { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "logs:CreateLogStream", "logs:CreateLogGroup", "logs:PutLogEvents" ], "Resource": "*" },{ "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:GetObject", "ses:SendRawEmail" ], "Resource": [ "arn:aws:s3:::<bucketName>/*", "arn:aws:ses:<region>:<awsAccountId>:identity/*" ] } ]} 4 In the preceding policy, make the following changes: Replace <region> with the name of the AWS Region that you created the bucket in. 2. Create a new IAM role. Attach the policy that you just created to the new role. Step 4: Create a Lambda Function 1. In the Lambda console, create a new Python 3.7 function from scratch. Choose an IAM role that created in previous steps for the execution role. 2. Refer and deploy the following python code which is for salesforce support. 3. Create environment variables whatever required for salesforce as follows: 4. Create the following environment variables for s3 and mail addresses in the Lambda function: Key Value MailS3Bucket S3 bucket name that you created earlier. MailS3Prefix The path of the folder where you will store message id. MailSender The address that the mail to be sent from. MailRecipient The address that the mail to be forwarded to. Region AWS Region name to be used to send the mail. 5 Step 5: Create a Receipt Rule Set: 1. In the Amazon SES console, create a new Receipt Rule Set. 2. Add Recipient mail address that you want to send mail. 3. Add a Lambda function and s3 to the Receipt Rule in Actions tab. Step 6: Test the Function To test the function, send an email to recipient mail address which is in the Receipt Rule that was created earlier. In a minute or two, the email reverts to the inbox that you specified in the MailRecipient variable of the Lambda function. 6 Troubleshooting If in case the mail did not reverted to the destination email address even after sending a test mail, do the following: Check for the Amazon SES Receipt Rule and make sure it is active. Make sure that recipient email address matches with the specified in MailRecipient variable of the Lambda function. You can also check for the errors in CloudWatch Log for the Lambda function created. Subscribe an email address or corresponding phone number to the SNS topic and send another test email. If you receive a bounce notification after sending a test mail, then do the following: Make sure that the domain verification process is completed successfully. Make sure that the receipt rule is handling the email address which you are sending. Costs of using this solution Refer the following link for AWS SES pricing details. https://aws.amazon.com/ses/pricing/ Limitations This solution supports in all available AWS Regions where Amazon SES is available. Conclusion This solution makes it possible to forward incoming mail from one of the Amazon SES verified domains to a verified email address. This solution can be used, if you have multiple AWS accounts, and you want to send all incoming mails to single destination from each of those accounts. 7 .
Load more

Recommended publications
  • Comodo Antispam Gateway Software Version 1.5
    Comodo Antispam Gateway Software Version 1.5 Administrator Guide Guide Version 1.5.082412 Comodo Security Solutions 525 Washington Blvd. Jersey City, NJ 07310 Comodo Antispam Gateway - Administrator Guide Table of Contents 1 Introduction to Comodo Antispam Gateway........................................................................................................................... 4 1.1 Release Notes............................................................................................................................................................. 5 1.2 Purchasing License .................................................................................................................................................... 6 1.3 Adding more Users, Domains or Time to your Account .................................................................................................6 1.4 License Information................................................................................................................................................... 10 2 Getting Started................................................................................................................................................................... 13 2.1 Incoming Filtering Configuration ................................................................................................................................ 13 2.1.1 Configuring Your Mail Server..................................................................................................................................
    [Show full text]
  • DNS Manager User Guide VF
    Vodafone Hosted Services: DNS Manager User Guide DNS Manager User Guide 1 Vodafone Hosted Services: DNS Manager User Guide DNS Manager What is DNS Manager ? DNS Manager allows the end-user to edit their domain’s zone file, including A (address) records, CNAME (canonical name) records and MX (mail exchange) records. What is the Default Zone File ? If the end-user selects “Edit Zone File” and clicks “Next”, their current zone file will be displayed at the top of the screen. By default, their zone file will contain several important records. Any changes to these records may cause serious problems with their website and email performance. What is DNS ? DNS (Domain Name System or Domain Name Service) catalogs and updates information in regards to domain names. DNS converts domain names into IP addresses. DNS usually contains a set of zone files that lists the types of redirection that will be done. 2 Vodafone Hosted Services: DNS Manager User Guide What are Zone Files ? Four types of records are important in a zone file: • A records • CNAME records • MX records • Start of Authority (SOA) domain.com points to 216.251.43.17 mail.domain.com points to 69.49.123.241 mail will be delivered to 10 mx1c1.megamailservers.com first mail will be delivered to 100 mx2c1.megamailservers.com second mail will be delivered to 110 Resource Record Abbreviations The end-users domain name is called their “origin”. The origin is appended to all names in the zone file that do not end in a dot. For example, if their domain is yourname.com, the entry “www” in the zone file is equal to www.yourname.com.
    [Show full text]
  • Master Thesis Characterizing Sender Policy Framework Configurations At
    Master Thesis Characterizing Sender Policy Framework Configurations at Scale Gabri¨elMathay Kahraman Monday 7th September, 2020 A thesis presented for the degree of Master of Science Computer Science Design and Analysis of Communication Systems (DACS) Chair: prof. dr. ir. Aiko Pras Supervisor: dr. ir. Mattijs Jonker Co-supervisors: ir. Olivier van der Toorn and dr. Doina Bucur Abstract Phishing involves disguising oneself as a trustworthy entity in electronic communication, for example, by pretending to send e-mail on behalf of a company. Phishing e-mails can be prevented if domains implement e-mail security techniques. One of the techniques to improve e-mail security is the Sender Policy Framework (SPF). To enable SPF, the administrator of a domain can specify an SPF policy in the DNS zone of the domain. The SPF policy determines which IP addresses are authorised to send e-mail from the administrator's domain. When an e-mail server receives an e-mail, the e-mail server retrieves the SPF policy of the sender's domain. Next, the IP address of the sender will be queried against the SPF record, and the response of this query determines how to handle the incoming e-mail. The SPF standard was released over six years ago. Even though six years have passed, the research community does not yet have a thorough understanding of the characteristics of SPF use. What we miss is an understanding of how SPF policies are configured, how SPF policies have changed over time, and what the problematic trends are of SPF use. In this Thesis, we address the missing of a large scale analysis on SPF policies over time.
    [Show full text]
  • Email Services Deployment Administrator Guide Email Services Deployment Administrator Guide
    Email Services Deployment Administrator Guide Email Services Deployment Administrator Guide Documentation version: 1.0 Legal Notice Copyright 2016 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. "Commercial Computer Software and Commercial Computer Software Documentation," as applicable, and any successor regulations, whether delivered by Symantec as on premises or hosted services. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S.
    [Show full text]
  • System Administrator's Guide
    ePrism Email Security System Administrator’s Guide - V11.0 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2017 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 11.0 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 ThreatCheck 6 Vx Service 6 Document Conventions 7 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 8 Additional Resources 8 Chapter 2 ePrism Appliance 9 Planning for the ePrism Appliance 9 About MX Records 9 Configuration Examples 10 Email Security Outside Corporate Firewall 10 Email Security Behind Corporate Firewall 10 Mandatory 11 Optional 12 Accessing the ePrism Appliance 12 ePrism Appliance
    [Show full text]
  • Migration Technical Guide
    OneNet | Hosted Exchange Migration Technical Guide Migration Technical Guide Documentation OneNet Hosted Exchange Page 1 of 21 OneNet | Hosted Exchange Migration Technical Guide Contents Introduction ....................................................................................................................... 3 Target Audience ........................................................................................................... 3 Section Overview ......................................................................................................... 3 Migration Planning .............................................................................................................. 4 Pre-Migration Planning Form .......................................................................................... 5 Client Site Preparation ......................................................................................................... 6 Mail Data Export .......................................................................................................... 6 Download Outlook 2010/2013 or Microsoft Outlook 2011 (for Mac OS X) ............................. 7 Software Disclaimer ...................................................................................................... 7 Email Client Configuration ............................................................................................. 7 Client System Requirements .......................................................................................... 8 Outlook
    [Show full text]
  • The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)
    < Free Open Study > The qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 pages) This guide begins with a discussion of qmail s history, architecture and features, and then goes into a thorough investigation of the installation and configuration process. Table of Contents The qmail Handbook Introduction Ch apt - Introducing qmail er 1 Ch apt - Installing qmail er 2 Ch apt - Configuring qmail: The Basics er 3 Ch apt - Using qmail er 4 Ch apt - Managing qmail er 5 Ch apt - Troubleshooting qmail er 6 Ch apt - Configuring qmail: Advanced Options er 7 Ch apt - Controlling Junk Mail er 8 Ch apt - Managing Mailing Lists er 9 Ch apt - Serving Mailboxes er 10 Ch apt - Hosting Virtual Domain and Users er 11 Ch apt - Understanding Advanced Topics er 12 Ap pe ndi - How qmail Works x A Ap pe ndi - Related Packages x B Ap pe ndi - How Internet Mail Works x C Ap pe ndi - qmail Features x D Ap pe - Error Messages ndi x E Ap pe - Gotchas ndi x F Index List of Figures List of Tables List of Listings < Free Open Study > < Free Open Study > Back Cover • Provides thorough instruction for installing, configuring, and optimizing qmail • Includes coverage of secure networking, troubleshooting issues, and mailing list administration • Covers what system administrators want to know by concentrating on qmail issues relevant to daily operation • Includes instructions on how to filter spam before it reaches the client The qmail Handbook will guide system and mail administrators of all skill levels through installing, configuring, and maintaining the qmail server.
    [Show full text]
  • Auditing an Email Server Patrick Mattson May 2019
    Auditing an Email server Patrick Mattson May 2019 [email protected] Page 1 of 34 Table of Contents Proposal notes ........................................................................................................................................ 4 Learning objective 1 ................................................................................................................................ 6 Learning objective 2 ................................................................................................................................ 6 Learning objective 3 ................................................................................................................................ 6 Learning objective 4 ................................................................................................................................ 6 What are the components of an email server. ......................................................................................... 6 Microsoft Exchange Components ........................................................................................................ 7 Edge Transport - Mail Transfer Agent (MTA) ................................................................................... 7 Other components: ............................................................................................................................. 7 DNS Settings .................................................................................................................................... 7
    [Show full text]
  • Lesson 9: Configuring DNS Records
    Lesson 9: Configuring DNS Records MOAC 70-411: Administering Windows Server 2012 Overview • Exam Objective 3.2: Configure DNS Records • Configuring DNS Record Types • Using the DNSCMD Command to Manage Resource Records • Troubleshooting DNS Problems © 2013 John Wiley & Sons, Inc. 2 Configuring DNS Record Types Lesson 9: Configuring DNS Records © 2013 John Wiley & Sons, Inc. 3 DNS Records • A DNS zone database is made up of a collection of resource records, which are used to answer DNS queries. • Each resource record (RR) specifies information about a particular object. • Each record has a type, an expiration time limit, and some type-specific data. © 2013 John Wiley & Sons, Inc. 4 DNS Records Many of the resource records are automatically created: • Clients or the DHCP servers create the host and Pointer (PTR) records. • When you install a DNS server, NS records are usually created. • When you install domain controllers, Service Location (SRV) records are created. © 2013 John Wiley & Sons, Inc. 5 Creating and Configuring DNS Resource Records Different properties define different accounts: • First name, last name, and login name for a user account • Name of the printer and location for a printer in Active Directory Just as you have different types of objects in Active Directory, you also have different types of resource records in DNS, with different fields. © 2013 John Wiley & Sons, Inc. 6 Creating and Configuring DNS Resource Records When you create a new zone, two types of records are automatically created: • Specifies authoritative SOA information about a DNS zone • Specifies an authoritative NS name server for the host © 2013 John Wiley & Sons, Inc.
    [Show full text]
  • Mdaemon Messaging Server
    MDaemon Email Server | How-To Best Practices Guide Deploying a Mail System When deploying an email system, there are certain things that must be considered, including domain registration & hosting, DNS records, security/encryption requirements, and more. This document will help guide you through the pre-deployment topics that must be considered before installing MDaemon. Purchase and Register a Domain You will need to have a domain name. There are several services from which you can purchase a domain name. One of the most popular is GoDaddy. You will also need to register your domain name with ICANN through a domain name registrar. Registration fees are typically between $10 and $40 per year. Registration gives you legal rights to the domain name for one year, and must be renewed annually. Registration allows you to be certain that you are the legal, registered owner of the domain. The world’s largest domain name registrar is GoDaddy (www.godaddy.com). SSL Certificates SSL (Secure Sockets Layer) certificates are required for encrypted communications. You can purchase SSL certificates from GoDaddy, GlobalSign, or several other organizations. You an also generate your own self-signed SSL certificates in MDaemon via the Security | Security Manager | SSL & TLS configuration screen. DNS DNS (Domain Name System) is a system that translates domain names (such as example.com) into IP addresses that computers use to identify each other on the internet. DNS providers provide DNS servers, which are used to host DNS records that map domain names to IP addresses. DNS servers are normally managed by your Internet service provider (ISP), however, you can also host your own DNS server.
    [Show full text]
  • Linux Network Administrators Guide Remote Systems
    Chapter 16. ManagingTaylor UUCP UUCP was designed in the late seventies by Mike Lesk at AT&T Bell Laboratories to provide a simple dialup network over public telephone lines. Despite the popularity of dialup PPP and SLIP connections to the Internet, many people who want to have email and Usenet News on their home machine still use UUCP because it is often cheaper, especially in countries where Internet users have to pay by the minute for local telephone calls, or where they do not have a local ISP and must pay long distance toll rates to connect. Although there are many implementations of UUCP running on a wide variety of hardware platforms and operating systems, overall, they are highly compatible. However, as with most software that has somehow become standard over the years, there is no UUCP that one would call the UUCP. It has undergone a steady evolution since the first version was implemented in 1976. Currently, there are two major species that differ mainly in their hardware support and configuration. Of these two, various implementations exist, each varying slightly from its siblings. One species is known as Version 2 UUCP, which dates back to a 1977 implementation by Mike Lesk, David A. Novitz, and Greg Chesson. Although it is fairly old, it is still frequently used. Recent implementations of Version 2 provide much of the comfort that the newer UUCP species do. The second species was developed in 1983 and is commonly referred to as BNU (Basic Networking Utilities) or HoneyDanBer UUCP. The latter name is derived from the authors' names (P.
    [Show full text]
  • Network Working Group M. Nakamura Request for Comments: 3974 Kyoto University Category: Informational J
    Network Working Group M. Nakamura Request for Comments: 3974 Kyoto University Category: Informational J. Hagino IIJ Research Laboratory January 2005 SMTP Operational Experience in Mixed IPv4/v6 Environments Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2005). IESG Note: The content of this RFC was at one time considered by the IETF, and therefore it may resemble a current IETF work in progress or a published IETF work. This RFC is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this RFC for any purpose, and in particular notes that the decision to publish is not based on IETF review for such things as security, congestion control, or inappropriate interaction with deployed protocols. The RFC Editor has chosen to publish this document at its discretion. Readers of this RFC should exercise caution in evaluating its value for implementation and deployment. This document contains a specific interpretation of the applicability of the MX processing algorithm in RFC 2821, Section 5, to dual-stack environments. Implementors are cautioned that they must reference RFC 2821 for the full algorithm; this document is not to be considered a full restatement of RFC 2821, and, in case of ambiguity, RFC 2821 is authoritative. Abstract This document discusses SMTP operational experiences in IPv4/v6 dual stack environments. As IPv6-capable SMTP servers are deployed, it has become apparent that certain configurations of MX records are necessary for stable dual-stack (IPv4 and IPv6) SMTP operation.
    [Show full text]