Amazon Web API Verification

Dan O'Shea

Member
I copied the first Amazon SES credentials to create another delivery server for another email address which is verified in Amazon SES.

This email address is also set up for bounces and complaints.

When I put in info@***.com in the verification field, I get the following error:

  • Cannot send the confirmation email using the data you provided.
  • Here is a transcript of the error message:
  • The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
    The Canonical String for this request should have been
    'POST
    /
    content-type:application/x-www-form-urlencoded; charset=utf-8
    host:email.us-east-1.amazonaws.com
    x-amz-date:20150107T181631Z
    content-type;host;x-amz-date
    f2acb04d1abd45432c2894c5626df2e35c36c4dc5a8f3606cfade72afe43ebcd'
    The String-to-Sign should have been
    'AWS4-HMAC-SHA256
    20150107T181631Z
    20150107/us-east-1/ses/aws4_request
    a618aef4bcc53d3e6ece5f47f2301fd45bbf2d481f2e9d05b47f0d6cb1b90511'
 
You'll have to create your amazon user as specified in this video:
and then use the newly generated keys into mailwizz.
This is because mailwizz also handles the SNS topic for you so it needs that access to do so.
 
I saw that and applied it. However, it appears the critical component is in the procedural steps. I deleted and started over, seeing that the credentials SHOULD NOT be created before applying the Poweruser policy. Once I followed the video and created the policy FIRST, then the credentials, it then worked.

Posting this for others.

Thanks Serban for making me look at it again!
 
No worries, glad you've sorted it out after all.

Indeed seems that you should apply permissions first then generate new keys to inherit the permissions, i remember that from when i tried myself and didn't know why it doesn't work and the amazon error isn't really something from where you can see what you're doing wrong.

Thanks ;)
 
Wow, this was driving me nuts. In my previous usage of SES on another platform I had just allowed user access to SES. So creating as per the video, and also verifying the particular From domain I wanted to use as an email address in the SES console and not simply as a domain, as I had been using, got me past all the errors I was having in mailwizz attempting to verify the delivery server. Voila.
 
I saw that and applied it. However, it appears the critical component is in the procedural steps. I deleted and started over, seeing that the credentials SHOULD NOT be created before applying the Poweruser policy. Once I followed the video and created the policy FIRST, then the credentials, it then worked.

Posting this for others.

Thanks Serban for making me look at it again!

@twisted1919 I think this could address the issue with my ses account not able to deliver despite all the correct configuration on mailwizz, you remember my case in your private mail when you said they may be blocking my account for whatever which I argued when I said that there are not notification in my mail about restriction and I can also send test mails from my console.

I think I should try what this person did also, but the video is no longer available.

Regards

Sam
 
Yeah! worked for me. I've been able to validate the delivery server.

Perhaps something changed between the time that I was able to validate the server using only the SMTP credentials before it stopped, since then I was not able to revalidate using the SMTP credentials except for using the AWS Key credentials. That appeared to be a changed in the authentication procedure one that there is currently no documentation for from AWS.
 
Back
Top