How to send email to AWS SES from GCP vm instance
Question
I have a requirement where GCP VM instance which is behind a squid proxy and NAT gateway should be able to send emails to AWS SES.
SES: email-smtp.eu-west-1.amazonaws.com
as far as I know, GCP has port 25 blocked and after referring to few articles on stackoverflow, it seems squid does not support SMTP as well.
can someone please help if they have worked on similar thing before?.
Thanks Max
2 answers
solution1
0 2021-05-04 07:58:54
solution2
0 2021-06-05 12:25:26
Option 1, AWS SES HTTP API:
If the email sending application could support sending emails via AWS SES with the use of their HTTP API instead of the SMTP protocol, you could allow that regional HTTPS endpoint in the outbound firewall (Squid in your case.)
The advantages of this approach address your concerns on bypassing the proxy by going through Cloud NAT directly, and maintaining restrictions on traffic originating from the source subnet.
Option 2, AWS SES SMTP over TLS:
Configure the application to connect with AWS SES SMTP endpoints on port 465 or 2465 while using TLS. This is also called SMTP S (where the trailing S stands for SSL/TLS, just like in HTTP S .) This is documented under TLS Wrapper in AWS' documentation.
Since Squid is primarily a proxy for HTTP, you will be better of replacing it with an outbound firewall that supports filtering traffic by FQDNs for SSL/TLS connections wrapping any protocol within. (In this case, SMTP wrapped in TLS.) These are typically called NGFW and available from the GCP marketplace on a free trial. One advantage of using these is the applications don't need explicit proxy settings for connecting to the Internet as the operation is completely transparent.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.