AWS - SES Not send e-mail - SUBNET

Question

I currently have a backend running in a container (ECS), this backend has a SES service for sending e-mail (user password recovery).

I implemented this same scenario using SUBNET for my backend, but sending e-mail is no longer working.

In both my old scenario (without using a subnet) and localhost, sending the email works perfectly.

I did a ping test from the container and got a timeout answer:

Answer 1

In this case it looks like you have the wrong address, you have email-smtp.us-east-1.amazonaws.com ( email-smtp ) defined on your endpoint, and email.us-east-1.amazonaws.com ( email ) in your ping. Remember that a Ping may not respond if ICMP is not allowed through.

For a wider answer to this question, you have 2 options:

1. Make sure that you have an Internet Gateway configured correctly on your Subnet, and the security group added to your ECS host allows outgoing traffic to port 25 (this is throttled by AWS), 587 or 2587 depending on what you are using to talk to SES: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html

2. Create an SES VPC Endpoint on your subnet, then direct all of your SES requests to this new endpoint/IP Address: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-set-up-vpc-endpoints.html

If any of these are not working, check:

• You are not in SES Sandbox mode (raise a support request)
• You are not being throttled on port 25 from your host (use port 587 or raise a support request)
• You can connect to the internet from your EC2/ECS instance
• Port 587 is enabled on your security group
• The URL Address is correct (email-smtp.us-east-1.amazonaws.com)
• The IAM Role on your EC2/ECS Host (or IAM User) is enabled for SES Sending.