The biggest problem with sending email from AWS EC2 instances is that -sooner or later- your instance’s IP will be added to a blacklist. It doesn’t matter how secure your MTA is. It doesn’t matter if it’s not reachable from the internet. And it doesn’t matter if you are not sending spam at all.
Sooner or later one of your neighbors using an IP on the same IP range your instance is, will send spam, Then one of the blacklists (such as Trendmicro’s) will add the whole range as spam sender.
In theory you could try setting up rDNS but that’s not always a warranty of staying out of the lists. And obviously what AWS recommends is using (and paying) Simple Email Service or SES. It’s pretty easy to setup and pretty easy to use (you can setup IAM accounts to use SMTP).
For some services the configuration will be easy: add the SES endpoint as SMTP server hostname, enable SSL, select TCP port 465, add your credentials, and ready to go.
But how to do it for Nagios or Icinga (version 1)? (more…)