February 10, 2021

Using Amazon SES with Node.js

Prabhsimran Singhprabhsimran

DURATION

19min

What is Amazon SES?

As the name and the one-liner under it says, Amazon SES is for receiving and sending emails. We will cover the sending part of it in this article.

There was an age when we used to spend so much time and resources setting up our SMTP servers for sending that one congratulatory email to the user who newly signed up to our website. AWS’ SES makes it all simple (relatively).

Benefits

Saved resources and no developer’s time wasted in setting up that SMTP server which is used only when the user forgets the password for their account.
No hundred lines of code to call your SMTP server.
Fast and simple!

Steps

Set up SES/ verify email
Set up credentials
Set up your email application.
Move out of Sandbox.
Use your own domain (optional).

Setup SES/ Verify Your Email

Set up SES on your AWS account.

E8UQavv

Log in to your AWS account at aws.amazon.com or create one if you haven’t yet.
ii. Search for Simple Email Service in your preferred AWS region (normally the one near to you or your user base).
iii. On the SES homepage, click on the “Email Addresses” option from the sidebar on the left.
Add the email you want to use for sending an email. You will receive an email from no-reply-aws@amazon.com to verify the email. Click on the URL in the mail to verify (your verified email address will be used as the ‘from’ address for the emails you send using AWS-SES).

NObuohw

9mj6o0T

Set Up Credentials

To allow AWS-SDK to send emails on your behalf, we need to create credentials.

On the top right corner of AWS Console, open the accounts menu and click on ‘My Security Credentials’. On the page that opened, go to access keys (access key ID and secret access key) and click on ‘Create New Access Key’.

4IKdLWj

Download the KeyFile or save the Access Key ID and Secret.
We need to set these credentials in our machine for the AWS-SDK to use.
- In your user home directory create a folder named aws
- Create a file named credentials
- Paste the access key and secret to the file (the one we created in the previous step).

[default]

1
2
aws_access_key_id = AKISQJEUHDSBQNDKO
aws_secret_access_key = 456789 ijhVFGTYHji987yTGFR % TY & ^ YTGHJH

Your new credentials file will look something like this👆

Don’t worry! These are dummy credentials ✌️

[default] : is a tag for the pair of credentials. We can save multiple credentials in the same file and use the tags to differentiate. AWS-SDK will use the credentials with the default tag if nothing is specified in your code.

Set Up Your Email Application

Initialize a node.js app with npm init -y in a folder or npm init and enter all the required details.
Create the main file named index.js as mentioned in our package.json which was created with the help of npm init .
Install AWS-SDK which calls the email service on our behalf. Write yarn add aws-sdk or npm install aws-sdk –save in the command line.
import aws-sdk in your index.js (main) file.
const AWS = require(‘aws-sdk’);

Set region for your AWS- SES service. (for example, I verified by email in the N. Virginia region) → (us-east-1).

AWS.config.update({ region: ‘us-east-1’ });
Set credentials for your AWS-SDK to use.

1
2
3
4
var credentials = new AWS.SharedIniFileCredentials({
  profile: ‘work - account’
});
AWS.config.credentials = credentials;

In our case, we are using the credentials for the default tag. Hence, we are skipping the above step.

Set up your message, from-address, to-address, subject, etc., in params object, which will look something like this 👇

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
let params = {
  Destination: {
    /* required */
    ToAddresses: [email, /* more items */ ]
  },
  Message: {
    /* required */
    Body: {
      /* required */
      Html: {
        Charset: "UTF-8",
        Data: `<h3>Hi $\{name\}!</h3><br/>
<p>Your OTP for Something Something Service Hub is:<em> $\{otp\}</em>
</p><br/>
<p>Regards,<br/>
Something Something Service Hub Team</p>
`
      },
      Text: {
        Charset: "UTF-8",
        Data: `Hi  $\{name\}!Your Login OTP is $\{otp\}`
      }
    },
    Subject: {
      Charset: 'UTF-8',
      Data: `$\{otp\} is the  OTP for Something Something Service Hub!`
    }
  },
  Source: fromEmail,
  /* required */
  ReplyToAddresses: [fromEmail, /* more items */ ],
};

We can write either HTML or text in the body. HTML has higher precedence amongst the two.

Call SES service using AWS.SES package and pass the parameters.

1
2
3
4
5
var sendPromise = new AWS.SES({
    apiVersion: ‘2010– 12– 01’
  })
  .sendEmail(params)
  .promise();

Capture the response.

1
2
3
4
5
6
7
8
sendPromise.then(
    function (data) {
      console.log(data.MessageId);
    })
  .catch(
    function (err) {
      console.error(err, err.stack);
    });

Problem!!

Yeah! I know I didn’t talk about it earlier. Although we have done everything correctly, there’s one problem we didn’t talk about. SES only allows you to send emails to verified email accounts. What does that mean? Well….I verified our email, we can send as many emails to that address as we want, but not somewhere else.

Solution??

SES assigns us a Sandbox’d email account service which only sends the email to our verified email addresses. But why? All I need is an email service to generate a login OTP and send it.

With great power comes great responsibility — Someone from
Marvel Comics

bzdH3op

Why this? Well… all you need to do is remember the unread email count on your Gmail box which is growing day-by-day because of all the spam you receive. AWS doesn’t want people to use it as a spam generator. Then, what should be done?

Move Out of the Sandbox

In SES Console, go to ‘Sending Statistics’ on the menu on the left.
You’ll see you have a Sandbox account with an info-box mentioning the same. Click on “Edit your account details”.
Fill out the details required, your use case, etc.

W7beydr

Once you fill in all the details, submit your application for review, wait for a few hours for the team to respond and approve your request, and you are good to go.
But wait! No hurries! We know we got the approval, but that doesn’t mean we can use this for any kind of email we want to send. SES has a dashboard called, “Reputation Dashboard”, which keeps track of all the stats related to your email delivery and complaints. Do take care of it and avoid generating any spam.

KyBtTZx

pE3bLPo

Now you can send emails to your application users.

Problem?

Another problem! Who trusts an OTP email sent from some random and very common domain, Gmail, Yahoo mail, etc.?

Use Your Own Domain (Optional)

Purchase a domain from Amazon Registry using Amazon S3.
Go back to AWS-SES now and click on ‘Domains’ from the menu on the left.
Click on ‘Verify a New Domain’, follow the steps.
Done.

Now you can write any email address with @yourdomain.com as the from email in your application.

You can check out the codebase for this at github.com/psharneja.

Note: Using AWS-SDK is not the only way of using SES Service. SES supports SMTP options as well as REST.

We used shared credentials to authenticate. AWS gives us many other options. You can check those at docs.aws.

You can add Cc & Bcc address to your email. You can also use callbacks instead of using promise.

Until next time! Bye!

Chat on Discord