554 Message rejected error

When calling the endpoint /passwordless/start, I see on the logs that Code/Link Sent is sent successfully but Failed Sending Notification type, failed with:

Message failed: 554 Message rejected: Email address is not verified. The following identities failed the check in region US-WEST-2: root@auth0.com, <MY_APPLLICATION> <root@auth0.com>

And I’m not able to get the email with the link. Also, not sure why could be working when triggering from the Email Templates try button and not from the API.

Thanks!

1 Like

Hi @gotarola,

Welcome and thank you for posting in the Auth0 Community!

Are you using SES? If you say that it is triggering from the dashboard, do you get the email with the link?

Have you made sure that the From address that you have configured in Auth0 is verified in SES?

1 Like

Hi @lily.wisecarver,

Are you using SES?

Yes.

If you say that it is triggering from the dashboard, do you get the email with the link?

Yes, I’m able to get the email with the link, and the logs looks ok

Have you made sure that the From address that you have configured in Auth0 is verified in SES?

Yes, the From address is verified (AWS SES screenshot)

And still seeing Failed Sending Notification with the same error message already posted:

1 Like

Hi @gotarola,

I did a little bit more research on this.

The error message is originating from AWS SES. This happens if you are using AWS SES sandbox. According to AWS documentation:

Email address is not verified. The following identities failed the check in region region : identity1 , identity2 , identity3 —You are trying to send email from an email address or domain that you have not verified with Amazon SES. This error could apply to the “From”, “Source”, “Sender”, or “Return-Path” address. If your account is still in the Amazon SES sandbox, you also must verify every recipient email address except for the recipients provided by the Amazon SES mailbox simulator. If Amazon SES is not able to show all of the failed identities, the error message ends with an ellipsis. https://docs.aws.amazon.com/ses/latest/DeveloperGuide/ses-errors.html

In the background, Auth0 just makes API calls to the SES endpoint to send email through custom email provider configuration. Auth0 does not check the email domain is verified or not. Then, if SES endpoints return an error, Auth0 just logs the message. As far as I know, moving from sandbox should solve the issue.

To avoid this, you need to contact AWS support and request to move your SES provider from sandbox.

1 Like

Hi @lily.wisecarver,

Thanks for the response but we already checked if we are using AWS SES sandbox, and we don’t, AWS SES Production Access is already enabled:

Screen Shot 2021-01-27 at 15.47.20

Something that is still confusing for me is the error message that says:

Email address is not verified. The following identities failed the check in region US-WEST-2: root@auth0.com, MY_APPLICATION_NAME <root@auth0.com>

why it is trying with root@auth0.com? should not be the from address that we set on email template section?

@lily.wisecarver The issue is already resolved.

I was setting the email template and from address just in Emails > Email Template and those weren’t set on Connections > Passwordless > Email > Settings.

Anyways, thanks for the help!

2 Likes

Glad you have found it and it’s working now!

1 Like