1

I'm setting up an email service with AWS SES (Simple Email Service).

When SES receives an email sent to, e.g. launch.nukes@my-domain.com, it will perform some action.

To prevent anyone from triggering the action, I check the from address is a known user.

However, anyone could create their own email server and send emails using a fake from account.

Is there any way that I can verify that the from address is actually a known user? If not, what workarounds might exist?

Note: the actual action taken will be to forward the received email to a list of many other people. It doesn't need to be super secure.

mdsimmo
  • 133

1 Answer

0

After some more research, here are several approaches I've found:

  1. Send a reply email back to the email sender, with a link requesting to confirm the action.
  2. Make the user digitally sign the email.
  3. Check the domain/IP/MX records as per this question.
mdsimmo
  • 133
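
One way to apply the check in item 3 on SES itself, as an added example that is not part of the original answer: SES attaches SPF, DKIM and DMARC verdicts to each received message, so a Lambda receipt action can require a DMARC pass before trusting the From header. The allowlist, function names and sample records are assumptions constructed for illustration.

```python
from email.utils import getaddresses

# Hypothetical allowlist of users permitted to trigger the forward.
KNOWN_USERS = {"alice@example.org", "bob@example.org"}


def check_sender(record):
    """Return (ok, reason) for one record of an SES receipt Lambda event."""
    ses = record["ses"]
    from_headers = ses["mail"]["commonHeaders"].get("from", [])
    # Parse the header; the display name is ignored because the sender controls it.
    addrs = [addr.lower() for _, addr in getaddresses(from_headers) if addr]
    if len(addrs) != 1:
        return False, "expected exactly one From address"
    if addrs[0] not in KNOWN_USERS:
        return False, "sender not in allowlist"
    # PASS means SPF or DKIM authenticated a domain aligned with the From domain.
    # Anything else (FAIL, GRAY, PROCESSING_FAILED, or missing) is rejected.
    dmarc = ses["receipt"].get("dmarcVerdict", {}).get("status")
    if dmarc != "PASS":
        return False, f"DMARC verdict is {dmarc}"
    return True, "ok"


def lambda_handler(event, context):
    """Decide per message whether the forward may proceed."""
    decisions = []
    for record in event["Records"]:
        ok, reason = check_sender(record)
        decisions.append({"messageId": record["ses"]["mail"]["messageId"],
                          "forward": ok, "reason": reason})
    return decisions


def sample_record(from_header, dmarc):
    """Constructed sample shaped like an SES receipt record (not captured data)."""
    return {"ses": {"mail": {"messageId": "constructed-id",
                             "commonHeaders": {"from": [from_header]}},
                    "receipt": {"dmarcVerdict": {"status": dmarc}}}}


if __name__ == "__main__":
    event = {"Records": [
        sample_record("Alice <alice@example.org>", "PASS"),
        sample_record("Alice <alice@example.org>", "FAIL"),
        sample_record('"alice@example.org" <mallory@attacker.test>', "PASS"),
    ]}
    for decision in lambda_handler(event, None):
        print(decision)
```

A DMARC pass authenticates the sending domain, not the individual mailbox, so this relies on the user's mail provider not letting other accounts send as that address.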