Simple email forwarding with AWS

Did I say simple? Ok, it’s taken a lot longer than anticipated, but after some serious troubleshooting at odd hours of the night, my domain email address now works with Amazon Web Services (AWS).


Why use AWS?

With all the buzz around AWS, the cloud and scalable computing, I was eager to give it a try. Amazon offer free web hosting for 12 months —so nothing to loose (and of course after a year I’ll be too lazy to switch, they’ve got me already). The two components that handle hosting and domain registration are Amazon’s Simple Storage Service (S3) and Route 53. It’s really nice to have all that web stuff in one place.

AWS is a convenient one stop shop. It’s the Tesco of the web.

Introducing Amazon’s Simple Email Service — SES

But what about receiving emails sent to my domain? Amazon now offer their simple email service (SES). But either someone forgot, no one spoke to any users or the developers just hacked it together — but out of the box you can’t get emails from your domain forwarded to your inbox of choice (i.e. Gmail). Perhaps it’s a bit too simple?

Luckily, Joe Turgeon has written a function to do this; you’ll need to configure it in AWS Lambda, their serverless compute service. It’s quite involved for the non-geek — you’ll need to:

  1. Create an S3 bucket to store your emails
  2. Copy some code to Lambda to handle the forwarding
  3. Set up a role in AWS Identity and Access Management (IAM) to allow the code to access the bucket
  4. Configure a forwarding rule in SES so it all magically works

Joe’s readme is on GitHub, it’s well documented with precise steps:


Unfortunately, the process didn’t go super smooth for me. I got a couple of errors:

“AccessDenied: Access Denied” — a permission issue. I fixed this by making the Resource field in the Role policy less strict:

"Resource": "arn:aws:s3:::BUCKET_NAME/*" 
// becomes...
"Resource": "arn:aws:s3:::*"

“NoSuchKey: The specified key does not exist” — again an access issue. I fixed this by removing the object key prefix (emails/) in the SES forwarding rule, so any received emails would sit in the top level of the bucket.