SMTP configuration with Amazon SES

aarondowdy · September 9, 2020, 1:47am

Has anyone ever been able to use Amazon SES as an SMTP server and pass AWS generated SMTP credentials into the grafana config.ini?

I’ve tried it so many different ways but it just isn’t working for me. I thought it could take a generic SMTP server and with user/pass just start sending alert notifications on a configured alert channel.

Provisioned channel config:

notifiers:
  - name: email-channel-1
    type: email
    uid: emailnotifier1
    org_id: 1
    is_default: true
    send_reminder: false
    disable_resolve_message: false
    # See `Supported Settings` section for settings supported for each
    # alert notification type.
    settings:
      uploadImage: true
      singleEmail: true
      addresses: asdf@myrealemailaddress.com;asdf2@otherrealemailaddress.com

config.ini additions:

[smtp]
# If the password contains # or ; you have to wrap it with trippel quotes. Ex “”"#password;"""

enabled = true
host = email-smtp.us-west-2.amazonaws.com:465

# password do not contain semicolon or hash symbol
# does it expect them base64 encoded or something?

user = <got from AWS SMTP username>
password = <got from AWS SMTP password>

;skip_verify = true
from_address = myverifiedemail@mydomain.com
from_name = Grafana

grafanarocks · January 5, 2021, 11:24am

I am facing similar issue. Any documentation for steps to configure email notification through AWS SES ?

rafael14 · August 31, 2021, 7:48pm

Any solutions? I have the same problem here.

ograsl · January 8, 2022, 2:28pm

You need to create SMTP user credentials for Amazon SES - the IAM user credentials will not work (Obtaining your Amazon SES SMTP credentials - Amazon Simple Email Service Classic).

Then use port 587 and MandatoryStartTLS.

juancgomez · June 30, 2022, 11:23pm

Thanks

I saw your config and it helped resolve mine. Because of the port number.

I also verified my domain in SES. Otherwise it doesn’t let you send any emails.

Other than that you can also check if your files match grafana’s config in the UI settings.

dunge2 · February 28, 2023, 11:38pm

Facing a similar issue.

[smtp]
enabled = true
from_address = my@domain.com
from_name = myname
host = email-smtp.us-east-1.amazonaws.com:587
password = validpassword
startTLS_policy = MandatoryStartTLS
user = validuser

error “failed to send notification to email addresses: ***: gomail: could not send email 1: read tcp 100.1.220.225:35110->52.0.157.14:587: i/o timeout”

Connectivity seems fine. From another pod in the cluster:

/ # nc -vz email-smtp.us-east-1.amazonaws.com 587
email-smtp.us-east-1.amazonaws.com (52.0.157.14:587) open
/ # telnet email-smtp.us-east-1.amazonaws.com 587
Connected to email-smtp.us-east-1.amazonaws.com
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-86SNBJ70N AgPcnOCZxSp2DRD4eHDu

I also use the same credentials and from address other apps on the same network and they work fine.

Tried port 25 and 587, with and without MandatoryStartTLS.

How can I diagnose this further?

dunge2 · March 2, 2023, 8:59pm

I tested a local SMTP server and TLS is functional. I also tested the same connection parameters from another app inside the cluster and AWS SES works properly.

I don’t know why I keep getting i/o error. I see many questions online about gomail and SES failing because of the timeout not being high enough? I don’t see a way to configure the smtp timeout via Grafana config?