amazon-web-servicesplayframeworkapache-commons-email

Amazon AWS Simple Email Service: some email addresses NEVER receive emails


I have posted this question on the Amazon AWS Forums, but figured I might get a quicker, better answer here. I apologize if you see it twice.

My company uses an Amazon AWS SMTP server to send emails via a Java-based web interface. This is just a small part of our application, intended to allow users to invite other users to our application.

We have discovered on a very few number of occasions that certain email addresses are not receiving the invitations. Initially we thought it was related to hyphens in the email addresses, but now I've determined that this isn't necessarily the case. I have been troubleshooting this for some time using my own email domains, and I have determined that the following two email addresses NEVER receive any emails sent using the AWS SMTP server (email-smtp.us-east-1.amazonaws.com), but there are no errors reported during the sending process -- the emails just never arrive. The second list shows similar email addresses that always DO receive invitations sent using our system. Note that the addresses on the first list NEVER receive emails, I have tried from all of our deployed instances many, many times.

ADDRESSES THAT DO NOT RECEIVE EMAIL:

ADDRESSES THAT DO RECEIVE EMAIL:

There are very, very few email addresses that end up with this problem. I was somewhat lucky to find two in my own domain that are exhibiting the problem. I have of course verified that this has nothing to do with spam filtering.

The application is written in Java using the play framework. Play uses Apache Commons Email library under the hood. You can read more about this here: http://www.playframework.com/documentation/1.1/emails.

Here are some of the steps I have taken during my troubleshooting efforts:

1) Try with a different SMTP server (using my personal ISP SMTP -- smtp.gvtc.com) -- ALL addresses DO receive emails when I use this SMTP server. This would seem to isolate the problem as being specific to the AWS SMTP server.

2) Set up my own AWS account and use the SMTP settings for this account (after verifying the addresses in question) -- I have the exact same issues using my own AWS SMTP account settings. This would seem to indicate that the problem is not specific to our company's AWS account.

3) Turn on the play email debug setting (mail.debug=true in the configuration file). A great deal of information is shown in the console for each email sent by the system, but there is absolutely no difference between emails sent to good addresses and those sent to bad addresses. There is no indication whatsoever of any errors.

Here is the contents of the log for one of the emails that never arrived. Note that this is using the AWS server I set up for myself. It looks exactly the same when I use our company's AWS SMTP server except that the from email address is different. I have removed the actual email content, since it's in HTML, somewhat confidential, and not relevant to the problem.

May 15, 2013 8:44:47 AM play.Logger info
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems,
 Inc]
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "email-smtp.us-east-1.amazonaws.com", port 465, isSSL false
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-376766033
DEBUG SMTP: connected to host "email-smtp.us-east-1.amazonaws.com", port: 465

EHLO 0.1.0.5
250-email-smtp.amazonaws.com
250-8BITMIME
250-SIZE 10485760
250-AUTH PLAIN LOGIN
250 Ok
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "SIZE", arg "10485760"
DEBUG SMTP: Found extension "AUTH", arg "PLAIN LOGIN"
DEBUG SMTP: Found extension "Ok", arg ""
DEBUG SMTP: Attempt to authenticate
DEBUG SMTP: check mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM
AUTH LOGIN
334 VXNlcm5hbWU6
QUtJQUk3WDNURUI0NEVKNlRSU1E=
334 UGFzc3dvcmQ6
QXJwZjl4eU1FTVc1WFNFR3ZxVXVPODNhRjFkcG8xMFpSeURXY0ZsNGVHQXM=
235 Authentication successful.
DEBUG SMTP: use8bit false
MAIL FROM:<jeremy-goodell@hotmail.com>
250 Ok
RCPT TO:<jeremygoodell@jeremygoodell.com>
250 Ok
DEBUG SMTP: Verified Addresses
DEBUG SMTP:   "jeremygoodell@jeremygoodell.com" <jeremygoodell@jeremygoodell.com>
DATA
354 End data with <CR><LF>.<CR><LF>
Date: Wed, 15 May 2013 08:44:47 -0500 (CDT)
From: "jeremy-goodell@hotmail.com" <jeremy-goodell@hotmail.com>
Reply-To: "jeremy-goodell@hotmail.com" <jeremy-goodell@hotmail.com>
To: "jeremygoodell@jeremygoodell.com" <jeremygoodell@jeremygoodell.com>
Message-ID: <2322287.7.1368625487826.JavaMail.UGOODJ3@SAOTXWL-9X913M1>
Subject: Please join the ACT Aspire Hari AV test delivery portal
MIME-Version: 1.0
Content-Type: multipart/mixed;
        boundary="----=_Part_6_16196755.1368625487826"

------=_Part_6_16196755.1368625487826
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

    >>>> HTML EMAIL BODY REMOVED <<<<

------=_Part_6_16196755.1368625487826--
.
250 Ok 0000013ea86fb2de-0bd70205-8e9a-4042-972f-ad94b28c3101-000000
QUIT
221 Bye

Solution

  • I'm going to follow up here with what turned out to be the solution to the problem. The Amazon AWS SMTP service maintains a "14-Day Suppression List" which is a list of email addresses that have bounced during the last 14 days. Any email sent via the Amazon SMTP service will fail when attempting to send to an address on the Suppression List. Unfortunately, they don't report the error, but instead, send an "Undeliverable" reply to the sender. So, if you have an automating sending service, you'll never know.

    I happened to find it because when I set up my own AWS SMTP server, I put in one of my own email addresses as the sender of the automated email. When I logged into that email account, I saw the Undeliverable messages, which explained that the target email is on the Supression List.

    Amazon does allow you to log into your Email Service Console and remove email addresses from the Suppression List. You just put in the email address, click Remove, and the address is immediately removed from the list. You have no way to see which email addresses are on the Suppression List, but you can remove any address you want.

    So, in the case of my email failures, I believe what happened was that I tried to email to them before the email creation was complete, resulting in a bounce. Once the email address bounces, it goes on the Supression List. For the next 14 days any email sent via ANY AWS SMTP server (not just mine) would fail. After 14 days (apparently) the email address is removed from the Suppression List until the next bounce is encountered.

    This Amazon software is very new, they actually just announced this Suppression List service in early May. So they may still need to work out a few kinks. This particular issue seems to present a somewhat serious issue for automated senders like ours. After all bounces do occur on occasion for reasons beyond our control.