By envelope-from (whatever @ verified with SES), do you mean the `MAIL FROM` command in SMTP protocol or do you mean the `header FROM` in the email header?
I don't know how `send_raw` work under the hood in Rust, but without a way to set `from` header. how do recipient(say an @gmail.com) address show the original from too?
Did I miss something here? It would be great if somehow the email is forward as it's in so it appear in my inbox and all the information(header) is retain.
> just wrap the original email in an 'envelope'
It would be great if you can help clear my mind on how to do that. Say I got an email as this:
FROM: original-from
DKIM: dkim sign
Return-Path: etc
Other header:
Body of email appear here
How can I use AWS SES to forward that email as-is to my @gmail.com account for example while still keep in the original header intact(so DKIM/DMARC still work. SPF will be break but it's fine for me)
That's really weird though. I'm really curious to see how did you made it work because I want to make it works too.
As I understand, an mail client, like gmail.com web UI, use FROM header to show who send this email(not the MAIL FROM, which apparently is envelop FROM address).
So my questions: without ability to changing the FROM header in email, how can your mail client display original sender? because the original sender is outside of your domain.
So I have a domain: `acme.com`. Someone, let's say from OJFord@gmail.com send an email to `acme.com`. And I want it to forward to kureikain@gmail.com using AWS SES? But obviously, and I can confirm by trying `smtp.send_raw`, I can only set "FROM: "header to a verified address. But in my case, the "From" is "OJford@gmail.com"...
> As I understand, an mail client, like gmail.com web UI, use FROM header to show who send this email(not the MAIL FROM, which apparently is envelop FROM address).
Correct.
> So my questions: without ability to changing the FROM header in email, how can your mail client display original sender? because the original sender is outside of your domain.
We don't need to change it? We leave FROM exactly as it is on the original email (if we change anything DKIM will fail, since the signature won't match).
Conceptually it's like receiving a secret sealed letter with anti-tampering mechanisms built in, leaving it alone, putting the whole thing in your own envelope and sending it on to the intended recipient who will check the anti-tampering mechanisms.
At the SMTP level I believe the way this works is you connect, say you have MAIL FROM yourself, the relayer, that is RCPT TO your destination Gmail address. After that the entire headers and contents are exactly as received to SES.
> I can only set "FROM: "header to a verified address.
That's not the case, you only need to verify the 'envelope' MAIL FROM address, e.g. relayer@acme.com
> Also, I think MAIL FROM/RCPT TO(Envelop header) rarely being used to show on a mail client.
Yes that's right, but that's what I want. In 'normal' use it looks the same in the client as if the original email had been sent straight there (i.e. in your example, your Gmail set-up to receive for acme.com). If you want to though most clients (incl. Gmail 3 time I used it) do have a menu option somewhere to show you the full raw email, or just the headers, which is helpful for debugging.
> I really hope to make it works. So anyone can send email to my domain, and I can retain their original FROM. like the example above.
Yes, that's exactly how I use it. SES receives for acme.com, dumps the raw email into S3, triggers Lambda. Lambda connects to Gmail (in your case) SMTP server, says it has mail from something-arbitrary@acme.com for kureikain@gmail.com; and then sends the email on from S3.
Are you trying to implement it at SMTP level yourself, or using some lib? I used 'lettre' (rust), and to be honest I haven't checked exactly what commands it sends, so for all I know there could be more to it, a 'I am sending on behalf of someone else' or something.
I don't know how `send_raw` work under the hood in Rust, but without a way to set `from` header. how do recipient(say an @gmail.com) address show the original from too?
Did I miss something here? It would be great if somehow the email is forward as it's in so it appear in my inbox and all the information(header) is retain.
> just wrap the original email in an 'envelope'
It would be great if you can help clear my mind on how to do that. Say I got an email as this:
How can I use AWS SES to forward that email as-is to my @gmail.com account for example while still keep in the original header intact(so DKIM/DMARC still work. SPF will be break but it's fine for me)