Lambda function examples - Amazon Simple Email Service

Lambda function examples

This topic contains examples of Lambda functions that control mail flow.

Example 1: Drop spam

This example stops processing messages that have at least one spam indicator.

exports.handler = function(event, context, callback) { console.log('Spam filter'); var sesNotification = event.Records[0].ses; console.log("SES Notification:\n", JSON.stringify(sesNotification, null, 2)); // Check if any spam check failed if (sesNotification.receipt.spfVerdict.status === 'FAIL' || sesNotification.receipt.dkimVerdict.status === 'FAIL' || sesNotification.receipt.spamVerdict.status === 'FAIL' || sesNotification.receipt.virusVerdict.status === 'FAIL') { console.log('Dropping spam'); // Stop processing rule set, dropping message callback(null, {'disposition':'STOP_RULE_SET'}); } else { callback(null, null); } };

Example 2: Continue if a particular header is found

This example continues processing the current rule only if the email contains a specific header value.

exports.handler = function(event, context, callback) { console.log('Header matcher'); var sesNotification = event.Records[0].ses; console.log("SES Notification:\n", JSON.stringify(sesNotification, null, 2)); // Iterate over the headers for (var index in sesNotification.mail.headers) { var header = sesNotification.mail.headers[index]; // Examine the header values if ( === 'X-Header' && header.value === 'X-Value') { console.log('Found header with value.'); callback(null, null); return; } } // Stop processing the rule if the header value wasn't found callback(null, {'disposition':'STOP_RULE'}); };

Example 3: Retrieve email from Amazon S3

This example gets the raw email from Amazon S3 and processes it.


You must first write the email to Amazon S3 using an S3 Action.

var AWS = require('aws-sdk'); var s3 = new AWS.S3(); var bucketName = '<YOUR BUCKET GOES HERE>'; exports.handler = function(event, context, callback) { console.log('Process email'); var sesNotification = event.Records[0].ses; console.log("SES Notification:\n", JSON.stringify(sesNotification, null, 2)); // Retrieve the email from your bucket s3.getObject({ Bucket: bucketName, Key: sesNotification.mail.messageId }, function(err, data) { if (err) { console.log(err, err.stack); callback(err); } else { console.log("Raw email:\n" + data.Body); // Custom email processing goes here callback(null, null); } }); };

Example 4: Bounce messages that fail DMARC authentication

This examples sends a bounce message if an incoming email fails DMARC authentication.


When using this example, set the value of the emailDomain environment variable to your email receiving domain.

'use strict'; const AWS = require('aws-sdk'); // Assign the emailDomain environment variable to a constant. const emailDomain = process.env.emailDomain; exports.handler = (event, context, callback) => { console.log('Spam filter starting'); const sesNotification = event.Records[0].ses; const messageId = sesNotification.mail.messageId; const receipt = sesNotification.receipt; console.log('Processing message:', messageId); // If DMARC verdict is FAIL and the sending domain's policy is REJECT // (p=reject), bounce the email. if (receipt.dmarcVerdict.status === 'FAIL' && receipt.dmarcPolicy.status === 'REJECT') { // The values that make up the body of the bounce message. const sendBounceParams = { BounceSender: `mailer-daemon@${emailDomain}`, OriginalMessageId: messageId, MessageDsn: { ReportingMta: `dns; ${emailDomain}`, ArrivalDate: new Date(), ExtensionFields: [], }, // Include custom text explaining why the email was bounced. Explanation: "Unauthenticated email is not accepted due to the sending domain's DMARC policy.", BouncedRecipientInfoList: => ({ Recipient: recipient, // Bounce with 550 5.6.1 Message content rejected BounceType: 'ContentRejected', })), }; console.log('Bouncing message with parameters:'); console.log(JSON.stringify(sendBounceParams, null, 2)); // Try to send the bounce. new AWS.SES().sendBounce(sendBounceParams, (err, data) => { // If something goes wrong, log the issue. if (err) { console.log(`An error occurred while sending bounce for message: ${messageId}`, err); callback(err); // Otherwise, log the message ID for the bounce email. } else { console.log(`Bounce for message ${messageId} sent, bounce message ID: ${data.MessageId}`); // Stop processing additional receipt rules in the rule set. callback(null, { disposition: 'stop_rule_set', }); } }); // If the DMARC verdict is anything else (PASS, QUARANTINE or GRAY), accept // the message and process remaining receipt rules in the rule set. } else { console.log('Accepting message:', messageId); callback(); } };