kolodiy
commented
3 years ago @markstos can you please look into this? It may affect lots of users soon, including us, so would be great to have this fix as soon as possible.
Closed henhan closed 3 years ago
kolodiy
commented
3 years ago @markstos can you please look into this? It may affect lots of users soon, including us, so would be great to have this fix as soon as possible.
markstos
commented
3 years ago Thanks for the report and the PR. I ddid a quick search on the topic and didn't find an official post about this. Is there a public URL you can link to which discusses this change?
kolodiy
commented
3 years ago @markstos I also did not found any public info regarding this change, just can confirm that received the same email and notification in personal health dashboard.
There are also two links mentioned there: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-ses-api-authentication.html https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
markstos
commented
3 years ago Thanks. I'll check my dashboard and possibly confirm with Premium Support as well.
markstos
commented
3 years ago I found it in my Personal Health Dashboard. I'll merge and release.
kolodiy
commented
3 years ago @markstos thanks a lot for the quick reply!
markstos
commented
3 years ago Published in 3.0.3.
Received the following from AWS which caused me to create this PR:
"SES is working on an infrastructure upgrade with improved security controls. As part of this improvement, we monitored SIGv4 requests and determined that our Simple Email Service endpoints are currently receiving SIGv4 requests using the Connection header from your AWS account. Please note that SIGv4 signed requests using this header will start to fail progressively after 10/29 and you will be required to remove this header from signed headers."