Why Route Amazon SES Emails to a Webhook?
Amazon SES is a scalable cloud email service used for sending and receiving transactional and marketing email within the AWS ecosystem. While Amazon SES is a capable email platform, its native tooling for programmatic automation was not built for developers who need structured, reliable data delivery to backend systems.
The native approach — SES Receipt Rules + SNS — introduces significant operational overhead. You need to manage credentials, poll or maintain persistent connections, and write custom parsing logic for every message field you care about. When your team is moving fast, that friction adds up to hours of maintenance per integration.
JsonHook eliminates that overhead by accepting inbound mail on your behalf and immediately firing a structured JSON payload to any HTTPS endpoint you specify. The email is parsed, attachments are base64-encoded, and headers are normalised — so your webhook handler can focus entirely on business logic rather than MIME parsing.
Below are the core benefits of routing your Amazon SES messages through JsonHook instead of relying on the native alternative:
- Limitation avoided: SES receipt rule actions deliver raw RFC 2822 MIME via SNS or S3 — your code must parse the full MIME envelope, handle multipart messages, and decode base64 attachments manually.
- Limitation avoided: SNS subscriptions require HTTP endpoint confirmation and do not include retry logic beyond SNS's own delivery policy, which is not configurable per message.
- Limitation avoided: Setting up SES inbound processing requires MX records, a verified sending domain, a receipt rule set, SNS topics, and IAM permissions — significant AWS-specific configuration.
- Zero-polling architecture: JsonHook pushes to your endpoint the moment mail arrives — no long-running background jobs needed.
- Automatic attachment handling: PDFs, images, and other file types are extracted, base64-encoded, and included in the JSON payload with their original MIME type.
- Retry with exponential back-off: If your endpoint is temporarily unavailable, JsonHook retries automatically — something the SES Receipt Rules + SNS does not do natively.
- Webhook signatures for security: Every delivery includes an HMAC-SHA256 signature header so you can verify the payload originated from JsonHook.
Whether you are building a support-ticket ingestion pipeline, a lead-capture workflow, or an automated document processor, JsonHook gives you a consistent, typed interface to Amazon SES messages without the fragility of raw SMTP or polling-based API integrations.
How to Forward Amazon SES to JsonHook
Getting Amazon SES emails delivered to your webhook takes about five minutes. The process has two parts: creating a JsonHook address via the API, and configuring Amazon SES to forward a copy of each incoming message to that address.
- In the AWS Console, open Amazon SES › Email Receiving › Rule Sets and create or edit an active receipt rule set.
- Add a receipt rule for your verified domain and set the Action to Send to S3 or Invoke SNS topic. Alternatively, add an SNS action that publishes to a topic with an HTTP subscription pointing at your JsonHook address.
- For the simplest path, add an Add header action followed by a Bounce or Stop action and an SNS notification action so that each inbound message fires an SNS notification to your JsonHook endpoint.
- Alternatively, configure SES to forward to an email address that itself forwards to your JsonHook inbound address, bypassing SES receipt rules entirely.
Once forwarding is active, every email that arrives in your Amazon SES inbox (or matches your filter) will be relayed to your JsonHook address, parsed, and delivered to your endpoint as a JSON payload within seconds.
You can create your JsonHook inbound address with a single curl command. Replace YOUR_API_KEY with the key from your dashboard and set webhookUrl to your endpoint:
curl -X POST https://jsonhook.com/api/addresses \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"label": "Amazon SES inbound",
"webhookUrl": "https://your-app.example.com/webhooks/email",
"secret": "a-random-signing-secret"
}'The response includes your unique @in.jsonhook.com address. Copy that address and paste it into the forwarding field in your Amazon SES settings. That is all the infrastructure you need to stand up.
Start Receiving Amazon SES Webhooks in 5 Minutes
Free tier: 100 emails/month, 1 address. No credit card required.
Get Free API KeyAmazon SES vs SES Receipt Rules + SNS
When developers first explore email-to-webhook automation they typically discover SES Receipt Rules + SNS — the official programmatic route provided by Amazon Web Services. The table below shows how it compares to using JsonHook as an intermediary.
| Feature | Amazon SES Native (SES Receipt Rules + SNS) | JsonHook |
|---|---|---|
| Structured JSON payload | ✗ | ✓ |
| Attachment parsing | ✗ | ✓ |
| Retry logic | ✗ | ✓ |
| Webhook signatures | ✗ | ✓ |
| Setup time | Hours to days | Under 5 minutes |
The native approach through SES Receipt Rules + SNS requires you to set up OAuth credentials or API keys, maintain a long-running listener or polling job, write your own MIME parser, and implement your own retry queue. Any one of those steps can become a reliability bottleneck in production.
JsonHook handles all of that infrastructure on your behalf. You get a single HTTPS webhook call with a predictable JSON schema every time a Amazon SES email arrives — no polling, no credential rotation, no MIME parsing, and no bespoke retry code to maintain.
JSON Payload Example
When a Amazon SES email is forwarded to your JsonHook address and delivered to your endpoint, the request body looks like the following. All fields are consistently present; optional fields such as htmlBody and attachments are included when the source message contains them.
{
"id": "msg_01j8xkr4p2vn3q7w",
"receivedAt": "2026-03-15T14:32:07.412Z",
"from": {
"name": "Alice Smith",
"address": "[email protected]"
},
"to": [
{
"name": "",
"address": "[email protected]"
}
],
"subject": "Your Amazon SES message subject here",
"textBody": "Plain-text content of the email body.",
"htmlBody": "<div>HTML version of the email body.</div>",
"headers": {
"message-id": "<[email protected]>",
"x-mailer": "Amazon Web Services",
"mime-version": "1.0"
},
"attachments": [
{
"filename": "document.pdf",
"contentType": "application/pdf",
"size": 84234,
"content": "JVBERi0xLjQK..."
}
],
"spf": "pass",
"dkim": "pass"
}The id field is a unique, stable identifier you can use for idempotent processing. The spf and dkim fields reflect the authentication results JsonHook observed when receiving the message, which you can use to enforce additional trust policies in your handler.
Attachment content is standard base64. Decode it with a single call in any language — Buffer.from(att.content, 'base64') in Node.js, base64.b64decode(att.content) in Python, and so on.
Node.js handler for SES emails forwarded through JsonHook:
import express from 'express';
import crypto from 'crypto';
const app = express();
app.use(express.json());
app.post('/webhooks/ses', (req, res) => {
const sig = req.headers['x-jsonhook-signature'] as string;
const raw = JSON.stringify(req.body);
const hmac = crypto.createHmac('sha256', process.env.JSONHOOK_SECRET!);
if (hmac.update(raw).digest('hex') !== sig) {
return res.status(401).send('Invalid signature');
}
const { from, subject, attachments } = req.body;
// Handle SES bounce notifications, replies, etc.
if (subject.startsWith('Delivery Status Notification')) {
// process bounce...
}
console.log(`SES: ${from.address} → ${subject}`);
res.sendStatus(200);
});
app.listen(3000);Common Amazon SES to Webhook Use Cases
Amazon SES is a high-volume transactional and marketing email service used by thousands of applications running on AWS. Its inbound mail processing feature is powerful but requires SNS topic subscriptions, S3 bucket policies, and Lambda function plumbing. JsonHook replaces all of that with a single webhook endpoint.
- Bounce and complaint handling: Forward SES bounce and complaint notification emails to a webhook that automatically suppresses bad addresses in your sending list, keeping your sender reputation healthy.
- Inbound reply threading: SaaS applications that send emails from SES can forward replies to a JsonHook address, enabling a lightweight reply-tracking system without building a full mail server.
- Multi-region alert aggregation: Forwarding SES receipt rule notifications from multiple AWS regions through a single JsonHook address gives you a unified event stream for cross-region monitoring dashboards.
- Customer support auto-responders: When customers reply to SES-sent emails, intercept the replies via webhook to classify intent with an LLM and route them to the correct support queue before a human reviews them.