It looks like you're new here. If you want to get involved, click one of these buttons!
I've searched the forums and unfortunately I think I've covered all the bases. I'm using the same exact credentials in the app I wrote. It would be helpful if there was a page in Sendy for debugging the response from SES. It looks like my credentials are being used just fine since it's pulling the right stats about my quota. My email is verified and is a simple email@example.com, all lowercase.
I put a print_r($rest) after the call to SES in ses.php for ListIndentities. The result:
stdClass Object ( [error] => Array ( [curl] => [Error] => Array ( [Type] => Sender [Code] => AccessDenied [Message] => User: arn:aws:iam::xxxxxxxxxxxxxxxx:user/xxxxx.dev is not authorized to perform: ses:ListIdentities ) [RequestId] => 026daf5c-b9c3-11e2-8737-2f28b5576cca ) [code] => 403 )
Now I'm reminded that I'm using a lower privileged user. I think it's useful for you to also return the raw response from AWS. Maybe a Detail link in the error message that when clicked can show what AWS thinks the problem is (the raw response). I think you may be rolling up errors.
It may also be sufficient for you to add a setting so that Power users can say, yes this account is verified; ListIdentities is a security hole for production use.
Maybe you can override this in config.php as well. My quick fix was to manually add my sender inside of the ListIndentities which is an uber bad short term fix since I had to suppress the error logging and return of false in the method. .Thoughts?
Eh, to be on the safe side I just relaxed my permissions for SES. I can't tell what other calls you are leveraging without seeing the full source. Mail was delivered after that.
Are you using IAM for AWS creds?
Yes. Changed specific actions to just ses:*
Ok. Did you attach user policy for full ses and sns access like so: