Question:
We have recently got an email from Amazon.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
Hello, Amazon Web Services currently supports Amazon SES API requests that are signed using Signature Version 3 and Signature Version 4 processes. Signature Version 4 further enhances the security around authentication and authorization of Amazon SES customers by using a signing key instead of your secret access key. To improve the security for our customers, beginning October 1, 2020, Amazon Signature Version 3 will be turned off (deprecated) in Amazon SES in favor of Signature Version 4. Amazon SES customers who are still using Signature Version 3 must migrate to Signature Version 4 by September 30, 2020. After that, Amazon SES will only accept requests that are signed using Signature Version 4. For more information, see Signature Version 4 signing process [1]. What Happens if I Don't Make Updates? Requests signed with Signature Version 3 that are made after September 30, 2020 will fail to authenticate with Amazon SES. Requesters will see errors stating that the request must be signed with Signature Version 4. References: [1] https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Sincerely, Amazon Web Services Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210 |
We have several PHP Codeigniter applications where we use Amazon SES SMTP credentials to send email. we don’t use AWS Access Key & Secret Key to send email. So I assume this migration to Signature Version 4 wont affect on our application. Can anyone assure me that if my assumption is correct ?
Answer:
If you’re using SMTP to send emails using SES, sigv4 shouldn’t affect you, it’s only for sendemail or sendrawemail api calls.