2 replies to this topic

[James]

Morning,

 

I did a few searches here for amazon ses but I only found people asking it to be removed from zero hour intent.

 

We have some legitimate email getting blocked coming from randomnumber@amazonses.com that we need to allow and I was wondering how others handle these.

 

Do you whitelist the domain? I'm not sure I want to do that. Curious what others are doing.

 

Thanks

[Paladin IT taff]

James,

 

Did you ever figure this out?  We ended up whitelisting the entire amazonses.com domain, which is not ideal.  

 

Nelson M

[Chris Olesch]

James,

 

I too am looking for a good solution to this. After reading what amazon says, it looks to boil down to this: "If you want to comply with DMARC using SPF, you have to set up Amazon SES to use your own MAIL FROM domain and publish an SPF record." See the AWS SES FAQ for more info.

 

 

I'm currently testing my solution:

Content Rule to whitelist if found in the header: (?i)(\w|^)(DKIM-Signature\[^"]+d=(zerto\.com|myworkboard\.com|adobe\.com|amazon\.com)

 

Regex101.com Verified to match the following examples:

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=eaxkvsyelrnxjh4cicqyjjmtjpetuwjx; d=amazon.com

or

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=a5rqqfynqptdeegy7zn55uol6nemnabp; d=myworkboard.com;

or

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=fdvdxe5ofj4v47yx4t4275clv7bhlfrz; d=zerto.com;

or

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=u2eo3bxsv5kuml2bgbuudbwzuawyzw55; d=adobe.com;

 

 

 

Chris O.