SES Malware Scanning Should Be Enabled
More Info:
Ensure SES malware scanning is enabledRisk Level
LowAddresses
SecurityCompliance Standards
CBPTriage and Remediation
Remediation
Using Console
Using Console
To remediate the misconfiguration of enabling malware scanning for AWS SES using the AWS console, follow these step-by-step instructions:
-
Sign in to the AWS Management Console:
- Go to https://aws.amazon.com/ and sign in to the AWS Management Console using your credentials.
-
Navigate to the Amazon SES Console:
- In the AWS Management Console, search for “SES” in the search bar or navigate to the “Services” dropdown menu and select “Simple Email Service” under the “Messaging” category.
-
Enable Malware Scanning:
- In the Amazon SES console, click on the “Configuration Sets” option in the left-hand menu.
- Select the configuration set that you want to enable malware scanning for, or create a new configuration set if needed.
- Click on the “Edit” button next to the configuration set.
-
Configure Malware Scanning:
- In the configuration set settings, scroll down to the “Email Sending” section.
- Look for the “Enable virus scanning” option and make sure it is toggled on.
- You can also configure other settings related to malware scanning such as the action to take when malware is detected.
-
Save Changes:
- Once you have enabled malware scanning and configured the settings, click on the “Save” or “Update” button to apply the changes to the configuration set.
-
Test the Configuration:
- To ensure that malware scanning is working correctly, send a test email that contains a known malware attachment or content.
- Check the SES logs or notifications to verify that the malware scanning feature is detecting and handling the malware appropriately.
Using CLI
Using CLI
To remediate the misconfiguration of enabling malware scanning for AWS SES using AWS CLI, follow these step-by-step instructions:Replace Ensure that the
- Open your terminal or command prompt.
- Run the following AWS CLI command to enable malware scanning for AWS SES:
YOUR_CONFIGURATION_SET_NAME with the name of your SES configuration set.- Verify that the malware scanning has been enabled successfully by running the following command:
Enabled and ScanEnabled parameters are set to true.By following these steps, you have successfully enabled malware scanning for AWS SES using AWS CLI.Using Python
Using Python
To remediate the misconfiguration of not having SES Malware Scanning enabled in AWS using Python, you can follow these steps:
-
Import the AWS SDK for Python (Boto3) by running the following command:
- Use the following Python script to enable Malware Scanning for AWS SES:
- Run the Python script to enable Malware Scanning for AWS SES. Make sure you have the necessary IAM permissions to perform this action.