Set up an IAM Role called (say) SNSEmailForwarder:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*"
},
{
"Effect": "Allow",
"Action": [
"sns:GetTopicAttributes",
"sns:List*",
"sns:Publish"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ses:SendRawEmail",
"ses:SendEmail",
"ses:SendBounce"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::YOUR_S3_BUCKET/*"
}
]
}
Verify your email domain on AWS SES (you can't use sandboxed mail domain, so says AWS) :
Setup an SNS topic:
- Go to https://console.aws.amazon.com/sns
- Create topic
- Topic Name: SNSForwardEmails
Setup a Lambda function: 0) Go to https://console.aws.amazon.com/lambda
- Create new lambda function
- Run time: Python 2.7
- Select blueprint > Blank Function
- Configure Triggers > Select "SNS" in the gray empty box on left of lambda logo-sign
- SNS topic: select the topic you have created above. (SNSForwardEmails)
- Enable Trigger: check the box
- Create the function
- Name: LambdaForwardEmails Runtime: Python 2.7 Code entry type: Edit code inline in the text area, copy-paste the whole file I shared here. Role: Choose an existing role Existing Role: the one you have created above. (SNSEmailForwarder)
- Next > Create Function
Setup SES:
- Go to https://console.aws.amazon.com/ses
- Rule Sets (on the left menu)
- Create a Receipt Rule
- Rule Set Name: EmailForwardingRules
- OPTIONAL: enter your domain name without at sign such as: example.com (Add Receipt)
- Next Step
- Add Action: S3
- S3 Bucket: (create sth) Emails Encrypt Message: (uncheck, I am not sure about the consequences of custom encryption) SNS Topic: SNSEmailForwarder (this is important)
- Create Rule
It seems ok. Test with a real email. (In the Lambda editor) The test scenario AWS provides cannot simulate an email message totally.
Where and how are you storing the eml file? what is the content you are getting there ?
Are you trying to send a new email with someone else's behalf? send_email() api sends a new email. You cannot send a email using from_address which is not verified in your aws account.