Using Amazon SES with Postfix without stunnel
May 11, 2012 Uncategorized No CommentsA client recently decided to use Amazon’s Simple Email Service to send email from their website. All the articles I found to set that up involved configuring an stunnel connection to port 465 of the amazon relay host. That seems totally unnecessary to me. So here is what I did:
I added the following to /etc/postfix/main.cf
elayhost = email-smtp.us-east-1.amazonaws.com:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options =
smtpd_sasl_path = smtpd
smtp_sasl_type = cyrus
smtp_tls_security_level = may
Next you need to create the password file (/etc/postfix/password) to enable authentication, the format is:
email-smtp.us-east-1.amazonaws.com:587 SMTP_USERNAME:SMTP_PASSWORD
The SMTP_USERNAME and PASSWORD can be obtained by creating them in The AWS console under SES/SMTP.
then create a hash out of it with:
postmap hash /etc/postfix/password < /etc/postfix/password
restart postfix and your mail should now relay through SES