Symfony Swiftmailer - AWS SES credentials do not work if special characters in credentials

Question

I am sending email through Symfony Swiftmailer with AWS SES. This works fine.

I have a 2nd application on the same server where I want to create a 2nd set of credentials for the purpose of limitation of risks. Ie. we had the credentials leaked before and if that happens I only want 1 application to be affected.

For my first application my credentials work fine, but the secret key is peculiar in that it only contains alphabet characters. My 2nd set of credentials contains "/" and "+".

I've been on a call with AWS support who have shown me that I can send email with

  openssl s_client -crlf -quiet -starttls smtp -connect email-smtp.ap-southeast-2.amazonaws.com:587 < SMTP.txt

where SMTP.txt contains base64 encoded credentials (this method )

Do I need to encode my credentials in my .env file?

Answer 1

The documentation on Swift Mailer warns you about special characters:

If the username, password or host contain any character considered special in a URI (such as +, @, $, #, /, :, *, !), you must encode them. See RFC 3986 for the full list of reserved characters or use the urlencode function to encode them.

Execute a command looking like this to get the encoded password

<?php
    $plainpwd = "...Your password...";
    echo urlencode($plainpwd);
?>

and use it in your .env configuration. For example,

MAILER_URL=smtp://email-smtp.us-east-1.amazonaws.com:587?encryption=tls&username=YOUR_SES_USERNAME&password=YOUR_ENCODED_SES_PASSWORD