I have a script that is trying to send an email by connecting to the SMTP server of AWS & sending an email (it is not using the SDK - I didn't write it initially). I have 2 Cloud9 boxes. 1 of these boxes (A) can connect to the SMTP & send emails with SES just fine. The other box (B) cannot connect to the SMTP at all & will time out with a telnet.
These boxes are in different VPCs. Box A is in a Sandbox VPC & Box B is in the Production VPC. Both boxes are in public subnets. The routing table for Box A is:
& the routing table for Box B is:
The difference being that local is routed to a different range of private IPs & that the latter route table has a peering connection.
Both boxes have a default Cloud9 SG which is to allow all outbound IPv4 traffic & only SSH traffic in.
The result of doing an nslookup in Box A is:
& Box B is:
So I am not sure why Box A resolves the SMTP to a public IP but Box B resolves it to be a private IP.
You may have an SES private endpoint configured in Box B's VPC. If so, make sure that you read this doc carefully, and especially ensure that the endpoint's security group is allowing adequate access: https://docs.aws.amazon.com/ses/latest/dg/send-email-set-up-vpc-endpoints.html
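The nslookup-plus-telnet check from the question, combined into one script that can be run on both boxes. It is an added example, not code from the thread. It reports whether the SMTP hostname resolves to private or public addresses, whether a TCP connect succeeds, and what to inspect next. The hostname and port are passed as arguments (the `email-smtp.<region>.amazonaws.com` form and port 587 in the usage comment are assumptions, since the thread does not state them), and the function names are hypothetical.

```python
import ipaddress
import socket
import sys


def resolve(host, port):
    """Return the sorted set of IPs the local resolver gives for host."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def classify(addresses):
    """'private' if every address is private, 'public' if none are."""
    flags = [ipaddress.ip_address(a).is_private for a in addresses]
    if not flags:
        return "unresolved"
    if all(flags):
        return "private"
    return "mixed" if any(flags) else "public"


def probe(address, port, timeout=5.0):
    """Attempt a TCP connect; return 'open', 'timeout' or 'error'."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"
    except OSError:
        return "error"


def diagnose(kind, outcomes):
    """Map the DNS classification and connect outcomes to what to check next."""
    if outcomes and all(o == "open" for o in outcomes):
        return "reachable"
    if kind == "private":
        # Private answers suggest an interface VPC endpoint with private DNS.
        return "check the VPC endpoint security group: allow inbound on the SMTP port from this instance"
    if kind == "public":
        return "check the instance security group, NACLs and the route to the internet gateway"
    return "inconclusive: inspect DNS and routing"


if __name__ == "__main__":
    # Assumed usage: python3 check_smtp.py email-smtp.<region>.amazonaws.com 587
    host, port = sys.argv[1], int(sys.argv[2])
    ips = resolve(host, port)
    kind = classify(ips)
    outcomes = [probe(ip, port) for ip in ips]
    print(host, ips, kind, outcomes, diagnose(kind, outcomes), sep="\n")
```

A "private" classification together with timeouts on Box B matches the situation the answer describes: the name resolves to the endpoint's network interfaces, and the endpoint's security group is dropping the connection.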