Testing Amazon SES SMTP with OpenSSLMay 14, 2017 · 4 min read
Over the last few months, we are using Amazon Simple Email Service (SES) as our default mail service at fluig Identity. AWS SES is just like any other SMTP service, it also requires a username and password for authentication, but as SES is a AWS service, those credentials are based on IAM credentials, so Access Key ID in this case will be our username, and Secret Access Key, using a HMAC-SHA256 algorithm, will be our password.
This tutorial will show you how you can simulate a communication with AWS SES SMTP interface through OpenSSL, where you can troubleshoot IAM problems before setting them up in your application.
For this example,
AKIAIOSFODNN7EXAMPLE will be our Access Key ID,
wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY our Secret Access Key and firstname.lastname@example.org the e-mail address registered and verified in AWS SES.
To create a password with HMAC-SHA256 algorithm, the first thing we need to do is to encode our Secret Access Key. You can use the Python function below to encode a string with HMAC-SHA256.
Now you can simply call the function by passing the Secret Access Key as a parameter, that you will get your password encoded in HMAC-SHA256.
To communicate with a AWS SES SMTP interface, both username and password need to be encoded in base64, as you can see below.
Also the communication needs to be done using Transport Layer Security (TLS), so we will use
openssl rather than
In the example below, we will open a SMTP connection, authenticate using our IAM credential encoded and send a simple message to myself.
This saved me time while we were implementing AWS SES, where I could test IAM credentials before setting them up in our applications. I hope this help you as well.