If you find yourself using Amazon SES for sending outgoing emails in a PHP web app, getting everything set up is much simpler than it may seem. In my case, this was on an AWS Linux image, but it will work on any Fedora/CentOS AMI.
You can, of course, set up sendmail and use a proper MTA to send email from your web app, but in this case, I had inherited the requirement to set up an environment for code that was already written to use SES for outgoing email and Google Apps for incoming emails, so the actual mechanics weren’t up for debate.
The easiest way to handle this is to set up an SMTP client that can easily relay, such as Msmtp. Start to finish, setting this up took about 5 minutes.
When you sign up for Amazon SES, you’ll need to set up the domains you want to send from, add some DNS entries (which is nice and easy if you’re using Route 53 already for DNS)…
And then verify a few email addresses to Amazon knows you’re not trying to send email from an account you shouldn’t…
So now your SES is all set up, and you just need to set up Msmtp to handle your outgoing email.
While logged into your AWS instance via command line, do the following. Notice that your version number may be different from mine in the example:
[bash]# Grab the latest Msmtp package from SFwget http://sourceforge.net/projects/msmtp/files/latest/download?source=files
tar -xjvf msmtp-1.4.30.tar.bz2
cd msmtp-1.4.30
# Now switch to root and set up Msmtp
su root
# If you don’t have gcc, make, openssl
# and openssl-devel, install them
yum install gcc make openssl openssl-devel
./configure
make
make install
make clean
# and now create the Msmtp config file and log file
# and make sure the log file is writable
touch /usr/local/etc/msmtprc
touch /var/log/msmtp.log
chmod 666 /var/log/msmtp.log[/bash]
Next we need to find the path for the server’s CA certificate, so we can use this in the Msmtp config file.
[bash]find / -name *.crt[/bash]This was located at /etc/pki/tls/certs/ca-bundle.crt for me, but might be located somewhere else if you’re not using Amazon Linux or CentOS.
Now we need to set up Msmtp to use your SES login information:
[bash]vi /usr/local/etc/msmtprc[/bash]You can use the settings below (replacing the placeholder username and password with the one from your own SES account, of course) and paste this into your empty /usr/local/etc/msmtprc file. Also be sure to set a default “from” address in your config. You can override this value in your php scripts, but it’s still good to set a valid default.
host email-smtp.us-east-1.amazonaws.com
port 587
timeout 30
auth on
user YOUR_SES_USERNAME
password YOUR_SES_PASSWORD
auto_from off
from VALID_FROM_ADDRESS
maildomain yourdomain.com
tls on
tls_starttls on
tls_trust_file /etc/pki/tls/certs/ca-bundle.crt
logfile /var/log/msmtp.log[/plain]
Now we just need to change your php.ini file to point the sendmail_path to Msmtp executable instead of the default sendmail:
Be sure to leave the two flags -t and -i after the sendmail_path value. My updated php.ini sendmail_path looks like:
Then restart your web server – apache for me.
[bash]service httpd restart [/bash]Now let’s try a quick mail script to make sure this is working:
[php]$to = ‘YOUR_EMAIL’;$subject = ‘Test subject from amazon aws ses’;
$message = ‘this is just a test!’;
$headers = ‘From: VERIFIED_SES_EMAIL_ADDRESS’ . “\r\n” .
‘Reply-To: VERIFIED_SES_EMAIL_ADDRESS’ . “\r\n” .
‘X-Mailer: PHP/’ . phpversion();
mail($to, $subject, $message, $headers);[/php]
Hopefully, you should get your test email pretty soon after. (It was immediate for me.) And just to be thorough, let’s check the msmtp log to make sure everything looks like it went smoothly:
[bash]tail -f /var/log/msmtp.log[/bash]You should see an entry in your msmtp.log that shows a 200 OK status for the email you just sent through SES. You should also now see 1 message sent in your SES console that shows you how many messages have been sent through your system.
And that’s it!
