Menu
Amazon Simple Email Service
Developer Guide

Using the Command Line to Send Email Through the Amazon SES SMTP Interface

You can use a command line utility to interact directly with the Amazon SES SMTP interface. The command line interface can be helpful for testing purposes or for writing software that must communicate directly using the SMTP protocol.

To protect our customers, all communication with the SMTP interface must take place using TLS (Transport Layer Security). For SMTP command line usage, we recommend that you use OpenSSL. OpenSSL, which is available at https://www.openssl.org, includes a command line utility for communicating over a TLS-secured connection.

Using OpenSSL to Send Email Using Amazon SES

This example shows how to connect to the Amazon SES SMTP endpoint in the US West (Oregon) region and use standard SMTP commands to send an email message. Some of the output in the example is omitted for brevity.

Using TLS Wrapper:

Copy
openssl s_client -crlf -quiet -connect email-smtp.us-west-2.amazonaws.com:465
  • s_client—Specifies that this connection will use TLS (SSL).

  • -crlf—Translates line feed characters (LF) to CR+LF (carriage return and line feed).

  • -quiet—Inhibits printing of session and certificate information. This implicitly turns on -ign_eof as well.

  • -connect—Specifies the SMTP host and port.

After you make the connection using the preceding command, the Amazon SES SMTP interface identifies itself by presenting its certificate chain.

depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
verify return:1
depth=1 C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Secure Server CA - G4
verify return:1
depth=0 C = US, ST = Washington, L = Seattle, O = "Amazon.com, Inc.", CN = email-smtp.us-west-2.amazonaws.com
verify return:1
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-2370111491 ndnW7f68410QVBEXAMPLE

You can now use the AUTH LOGIN command to supply your SMTP credentials. You must base64-encode your SMTP username and password. The prompts that the server provides ("Username:" and "Password:") are also base64 encoded, and are preceded by the SMTP response code 334.

Note

To base64-encode a string in Linux or macOS, use the following command, replacing TextToEncode with your SMTP username: echo -n "TextToEncode" | base64

For example, if your SMTP username is c2VzLXNtdHAtdXNlcEXAMPLE and your password is SkFYTVpaM3k0U2paVEYwOFpLEXAMPLE, supply your base64-encoded credentials as follows:

AUTH LOGIN

334 VXNlcm5hbWU6
YzJWekxYTnRkSEF0ZFhObGNFWEFNUExF
334 UGFzc3dvcmQ6
U2tGWVRWcGFNM2swVTJwYVZFWXdPRnBMRVhBTVBMRQ==
235 Authentication successful.

Specify the sender and recipient by using the MAIL FROM and RCPT TO commands. For MAIL FROM, you must use an email address that you have already verified with Amazon SES. For more information about verification, see Verifying Email Addresses and Domains in Amazon SES.

MAIL FROM:sender@example.com

250 Ok

RCPT TO:recipient@example.com
250 Ok

Next, issue the DATA command to specify the email headers and the body of the message. The headers and the body must be separated by at least one blank line. A period (.) on a line by itself signifies the end of the message body.

DATA

354 End data with <CR><LF>.<CR><LF>
Subject:Hello from Amazon SES!

This email was sent using the Amazon SES SMTP interface.
.

When the message has been sent, you will receive a 250 Ok message, followed by a unique message identifier.

250 Ok 0101015e16355562-eed017ac-4c5f-44fc-a912-EXAMPLE756f17-000000

Now that the message has been sent, issue the QUIT command to close the SMTP connection.

QUIT

221 Bye
closed

Note

To learn more about the commands that can be issued in an SMTP conversation, see RFC5321 from the Internet Engineering Task Force.