Why does postfix on AWS give me “Invalid MAIL FROM address provided”? I have production access

amazon-web-services email postfix

I'm running the postfix mail server on my AWS box. My domain is mydomain.com.
I have set up virtual mapping such that emails sent to myuser@mydomain.com should be forwarded to target-user@gmail.com.com.

I have used Amazon SES to verify certain email addresses. When emails from those verified addresses are sent to myuser@mydomain.com, it properly forwards them to target-user@gmail.com.com. However, when emails from non-verified addresses try to do the same, it fails. It fails even though I have been granted production access to Amazon SES.

Below are the logs from my postfix during this failure. You can clearly see it says "Message rejected: Email address is not verified". Why? And how can this be resolved?

Oct 24 01:25:49 ip-172-XX-XX-XX postfix/smtpd[20215]: connect from mail-yh0-f50.google.com[209.85.213.50]
Oct 24 01:25:49 ip-172-XX-XX-XX postfix/smtpd[20215]: CCC61FA93: client=mail-yh0-f50.google.com[209.85.213.50]
Oct 24 01:25:49 ip-172-XX-XX-XX postfix/cleanup[20236]: CCC61FA93: message-id=<CAN+z9YGrkNunh9ueJ-i=9eNpV5QAK97Z9muVHATfACbG7gWgYw@mail.gmail.com>
Oct 24 01:25:49 ip-172-XX-XX-XX postfix/qmgr[20120]: CCC61FA93: from=<random@gmail.com>, size=2295, nrcpt=1 (queue active)
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/smtpd[20215]: disconnect from mail-yh0-f50.google.com[209.85.213.50]
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/smtp[20237]: CCC61FA93: to=<target-user@gmail.com>, orig_to=<myuser@mydomain.com>, relay=ses-smtp-us-west-2-prod-14896026.us-west-2.elb.amazonaws.com[54.69.13.41]:25, delay=0.47, delays=0.21/0.01/0.12/0.13, dsn=5.0.0, status=bounced (host ses-smtp-us-west-2-prod-14896026.us-west-2.elb.amazonaws.com[54.69.13.41] said: 554 Message rejected: Email address is not verified. (in reply to end of DATA command))
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/cleanup[20236]: 3D156FA95: message-id=<20141024012550.3D156FA95@mydomain.com>
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/qmgr[20120]: 3D156FA95: from=<>, size=4332, nrcpt=1 (queue active)
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/bounce[20238]: CCC61FA93: sender non-delivery notification: 3D156FA95
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/qmgr[20120]: CCC61FA93: removed
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/smtp[20237]: 3D156FA95: to=<random@gmail.com>, relay=ses-smtp-us-west-2-prod-14896026.us-west-2.elb.amazonaws.com[54.187.176.120]:25, delay=0.11, delays=0/0/0.1/0, dsn=5.0.0, status=bounced (host ses-smtp-us-west-2-prod-14896026.us-west-2.elb.amazonaws.com[54.187.176.120] said: 501 Invalid MAIL FROM address provided (in reply to MAIL FROM command))
Oct 24 01:25:50 ip-172-XX-XX-XX postfix/qmgr[20120]: 3D156FA95: removed

Best Answer

Production SES access doesn't give you unrestricted ability to send mail from any address. It only raises limits on the number of e-mails you can send, etc., as per Limits in Amazon SES.

Maybe you were confused by this page, which states "Emails can be sent only from verified email addresses or domains." This is also true for Production SES access; maybe it wasn't in the past. See the "Sender and Recipient Limits" section of Limits in Amazon SES.
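An added example, not part of the original question or answer: a small Python diagnostic that pairs each bounced Postfix delivery with the envelope sender recorded by qmgr, showing which address the relay refused and at which SMTP stage. The sample lines are constructed from the shape of the log above (host names and IPs are placeholders), and the `verified` set stands in for the identities verified in SES.

```python
import re

# Constructed sample modelled on the log in the question; hosts and IPs are placeholders.
SAMPLE_LOG = """\
Oct 24 01:25:49 host postfix/qmgr[20120]: CCC61FA93: from=<random@gmail.com>, size=2295, nrcpt=1 (queue active)
Oct 24 01:25:50 host postfix/smtp[20237]: CCC61FA93: to=<target-user@gmail.com>, orig_to=<myuser@mydomain.com>, relay=ses.example[192.0.2.10]:25, delay=0.47, dsn=5.0.0, status=bounced (host ses.example[192.0.2.10] said: 554 Message rejected: Email address is not verified. (in reply to end of DATA command))
Oct 24 01:25:50 host postfix/qmgr[20120]: 3D156FA95: from=<>, size=4332, nrcpt=1 (queue active)
Oct 24 01:25:50 host postfix/smtp[20237]: 3D156FA95: to=<random@gmail.com>, relay=ses.example[192.0.2.10]:25, delay=0.11, dsn=5.0.0, status=bounced (host ses.example[192.0.2.10] said: 501 Invalid MAIL FROM address provided (in reply to MAIL FROM command))
"""

# qmgr records the envelope sender for each queue ID.
QMGR = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")
# smtp records the recipient, optional pre-rewrite recipient, and the relay's reply.
SMTP = re.compile(
    r"postfix/smtp\[\d+\]: (\w+): to=<([^>]*)>,(?: orig_to=<([^>]*)>,)?"
    r".*?status=bounced \(host \S+ said: (\d{3}) (.*?) \(in reply to (.+?)\)\)")

def is_verified(sender, verified):
    """True if the full address or its domain is in the verified set."""
    return sender in verified or sender.rpartition("@")[2] in verified

def explain_bounces(log_text, verified):
    """Return one finding per bounced delivery, keyed to its envelope sender."""
    senders, findings = {}, []
    for line in log_text.splitlines():
        if m := QMGR.search(line):
            senders[m.group(1)] = m.group(2)
        elif m := SMTP.search(line):
            qid, rcpt, orig_to, code, text, stage = m.groups()
            sender = senders.get(qid, "?")
            if sender == "":
                cause = "null envelope sender (bounce generated by Postfix)"
            elif not is_verified(sender, verified):
                cause = "envelope sender is not a verified identity"
            else:
                cause = "sender is verified; rejection has another cause"
            findings.append({"qid": qid, "sender": sender, "rcpt": rcpt,
                             "forwarded": orig_to is not None, "code": code,
                             "reply": text, "stage": stage, "cause": cause})
    return findings

if __name__ == "__main__":
    for f in explain_bounces(SAMPLE_LOG, {"mydomain.com"}):
        print(f["qid"], f["code"], repr(f["sender"]), "->", f["rcpt"], "|", f["cause"])
```

On the sample, the first finding is the forwarded message still carrying the original external sender, and the second is the non-delivery notice Postfix tried to send back through the same relay with an empty sender.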