One challenge I have encountered with Amazon Ec2 is the sending of email from our web applications. If you try to send directly from sendmail or postfix then you might as well forget about guranteed delivery. A large amount of your email will end up in spam folders if it is even delivered at all.
There are a few problems with delivering email from Ec2
- MX record will not map to your IP and you are using dynamic IPs (you can address this with elastic IP's) adding a SPF DNS record can help as well
- Reverse DNS will map back to Amazon and not back to your Hostname
- Many of the Ec2 IP's have been blacklisted due to abusers of the service sending spam.
There are a few solutions to this problem and I will propose two of them.
Using a google apps account:
If you are using a solution like Google Apps and have them host your email accounts then you can use gmail as your SMTP server. You will need to create an account firstname.lastname@example.org and use authentication in your applications to send the email. With Google apps you cannot override the "from" address when you send email it wil always become whatever you account you are sending from. For example if you create the account email@example.com and attempt to set the "from" in your code to send from firstname.lastname@example.org google will override it and send from donotreply. The only option is to set "replyto" in your code and when a user replys they will send to your replyto account. With google apps you are limited to a maximum amount of 500 emails a day per account as well and if you are sending a lot of emails this can quickly become a problem. This is a great solution for small volumes of email and you delivery rates are very good.
Relay from localhost through a third party:
This blog post outlines a set of steps to relay through a local Postfix instance to a third party SMTP service. The great thing about this solution is that you can send email from your application to localhost without storing the authentication parameters in your applications code and have Postfix handle it all. If you have many applications sending email this can greatly simplify things. Also it allows your application to hand off the emails quickly to another service that can handle queuing in case the third party email service is down at any time. You could combine the approach above with this one but you would still have the 500 email limitation. I am searching for a good third party SMTP service that is reliable, the author of the blog post recommends AuthSMP. I have not tried them and their prices are not too high but not cheap either. I am going to do a little more digging and test some of the options and will report back to this posting.
You could also add an SPF record that lists Amazon as an authorized sender for your domain. That's not a 100% solution, but for just a few minutes of work you'd be surprised at how effective it is.
I've used DNSMadeEasy.com for both DNS management and SMTP service. They have a 500 e-mails per day limit by default, but you can buy more -- not super cheap, but very reliable: http://www.dnsmadeeasy.com/pages/mail.html
Can you upgrade to a premium Google Apps account and get more email quota per day?
Thanks for the post. I've been thinking about this issue also since we use EC2.
@Darren is correct...see this link http://mail.google.com/support/bin/answer.py?hl=en&answer=59797
I did what Rick O recommended (adding an SPF string to the DNS records) and now http://tools.bevhost.com/spf/ checks ok. The record I added is "v=spf1 a=ec2-...compute-1.amazonaws.com -all".
That is great that people can receive the <a href="http://goodfinance-blog.com/topics/credit-loans">credit loans</a> moreover, this opens new possibilities.