
I've got SES set up, the MX record set at GoDaddy, the domain verified, an S3 bucket set up with proper write permissions, and a valid, enabled receipt rule. All emails bounce if they are sent from a Gmail account, with the following message: 'The MX host does not match any MX allowed by the STS policy.' Emails sent from Yahoo Mail, SendGrid, etc. are coming through without any issues. What could be a reason for that?

  • Is it this STS? https://support.google.com/a/answer/9276511?hl=en – Petr Chloupek Dec 26 '20 at 21:44
  • Most likely, but the problem is that we do not have a physical email server running at that domain to host the STS policy file. The domain has an MX record pointing to AWS SES and we process emails at AWS. – Pandu Gupta Dec 27 '20 at 01:50
  • Aha. If I understand it correctly - can you put the policy in an S3 bucket with a DNS CNAME for it? That could be a serverless-enough approach without too much hassle. I think all the other conditions can be met. – Petr Chloupek Dec 28 '20 at 11:53
  • Strangely enough, just adding the MTA-STS version and id as TXT without actually providing the policy file itself fixed the issue. Go figure... – Pandu Gupta Dec 29 '20 at 22:46
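
The bounce text quoted in the question is what a sender that honours MTA-STS reports when no `mx:` pattern in the policy it holds for the domain covers the host named in the MX record. As an added example (not part of the original thread), this Python sketch applies the RFC 8461 MX matching rule only, not certificate validation; the policy text and the hostnames are constructed sample data.

```python
# Added example; the policy text and hostnames are constructed sample data.
POLICY_TXT = (
    "version: STSv1\r\n"
    "mode: enforce\r\n"
    "mx: mail.example.com\r\n"
    "mx: *.mailhost.example\r\n"
    "max_age: 86400\r\n"
)
DNS_MX = ["inbound-smtp.us-east-1.amazonaws.com.", "mx1.mailhost.example."]


def parse_policy(text):
    """Parse the key/value lines of an mta-sts.txt policy body."""
    policy = {"mx": []}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "mx":
            policy["mx"].append(value.lower().rstrip("."))
        else:
            policy[key] = value
    if policy.get("version") != "STSv1":
        raise ValueError("not an STSv1 policy")
    return policy


def mx_allowed(host, pattern):
    """Exact match, or '*.suffix' covering exactly one left-most label."""
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        _label, _, parent = host.partition(".")
        return parent == pattern[2:]
    return host == pattern


def evaluate(policy, mx_hosts):
    """Map each MX host to the outcome of the MX matching step."""
    on_miss = {"enforce": "refused", "testing": "report-only"}
    result = {}
    for host in mx_hosts:
        if any(mx_allowed(host, p) for p in policy["mx"]):
            result[host] = "ok"
        else:
            result[host] = on_miss.get(policy.get("mode"), "ok")
    return result


if __name__ == "__main__":
    for host, verdict in evaluate(parse_policy(POLICY_TXT), DNS_MX).items():
        print(f"{host:45} {verdict}")
```

Running the same check against the domain's real policy body and its current MX answers shows which `mx:` line is missing or stale.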

0 Answers