@wraps.dev/cli 0.1.5 → 0.3.2

package/dist/cli.js

@@ -18,6 +18,24 @@ var init_esm_shims = __esm({
   }
 });
 
+// src/infrastructure/resources/mail-manager.ts
+var mail_manager_exports = {};
+__export(mail_manager_exports, {
+  createMailManagerArchive: () => createMailManagerArchive
+});
+async function createMailManagerArchive(config) {
+  void config;
+  throw new Error(
+    "Mail Manager Archive is not yet supported in Pulumi AWS provider. Email archiving with Mail Manager is coming soon."
+  );
+}
+var init_mail_manager = __esm({
+  "src/infrastructure/resources/mail-manager.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+
 // src/utils/errors.ts
 import * as clack from "@clack/prompts";
 import pc from "picocolors";
@@ -224,11 +242,28 @@ function estimateStorageSize(emailsPerMonth, retention, numEventTypes = 8) {
     "7days": 0.25,
     "30days": 1,
     "90days": 3,
+    "6months": 6,
+    "1year": 12,
+    "18months": 18,
+    indefinite: 120
+    // Assume 10 years for cost estimation
+  }[retention];
+  const totalKB = emailsPerMonth * numEventTypes * (retentionMonths ?? 12) * avgRecordSizeKB;
+  return totalKB / 1024 / 1024;
+}
+function estimateArchiveStorageSize(emailsPerMonth, retention) {
+  const avgEmailSizeKB = 50;
+  const retentionMonths = {
+    "7days": 0.25,
+    "30days": 1,
+    "90days": 3,
+    "6months": 6,
     "1year": 12,
-    indefinite: 24
-    // Assume 2 years for cost estimation
+    "18months": 18,
+    indefinite: 120
+    // Assume 10 years for cost estimation
   }[retention];
-  const totalKB = emailsPerMonth * numEventTypes * retentionMonths * avgRecordSizeKB;
+  const totalKB = emailsPerMonth * (retentionMonths ?? 12) * avgEmailSizeKB;
   return totalKB / 1024 / 1024;
 }
 function calculateEventTrackingCost(config, emailsPerMonth) {
@@ -307,19 +342,35 @@ function calculateDedicatedIpCost(config) {
     description: "Dedicated IP address (requires 100k+ emails/day for warmup)"
   };
 }
+function calculateEmailArchivingCost(config, emailsPerMonth) {
+  if (!config.emailArchiving?.enabled) {
+    return;
+  }
+  const retention = config.emailArchiving.retention;
+  const storageGB = estimateArchiveStorageSize(emailsPerMonth, retention);
+  const monthlyDataGB = emailsPerMonth * 50 / 1024 / 1024;
+  const ingestionCost = monthlyDataGB * AWS_PRICING.MAIL_MANAGER_INGESTION_PER_GB;
+  const storageCost = storageGB * AWS_PRICING.MAIL_MANAGER_STORAGE_PER_GB;
+  return {
+    monthly: ingestionCost + storageCost,
+    description: `Email archiving (${retention}, ~${storageGB.toFixed(2)} GB at steady-state)`
+  };
+}
 function calculateCosts(config, emailsPerMonth = 1e4) {
   const tracking = calculateTrackingCost(config);
   const reputationMetrics = calculateReputationMetricsCost(config);
   const eventTracking = calculateEventTrackingCost(config, emailsPerMonth);
   const dynamoDBHistory = calculateDynamoDBCost(config, emailsPerMonth);
+  const emailArchiving = calculateEmailArchivingCost(config, emailsPerMonth);
   const dedicatedIp = calculateDedicatedIpCost(config);
   const sesEmailCost = Math.max(0, emailsPerMonth - FREE_TIER.SES_EMAILS) * AWS_PRICING.SES_PER_EMAIL;
-  const totalMonthlyCost = sesEmailCost + (tracking?.monthly || 0) + (reputationMetrics?.monthly || 0) + (eventTracking?.monthly || 0) + (dynamoDBHistory?.monthly || 0) + (dedicatedIp?.monthly || 0);
+  const totalMonthlyCost = sesEmailCost + (tracking?.monthly || 0) + (reputationMetrics?.monthly || 0) + (eventTracking?.monthly || 0) + (dynamoDBHistory?.monthly || 0) + (emailArchiving?.monthly || 0) + (dedicatedIp?.monthly || 0);
   return {
     tracking,
     reputationMetrics,
     eventTracking,
     dynamoDBHistory,
+    emailArchiving,
     dedicatedIp,
     total: {
       monthly: totalMonthlyCost,
@@ -366,6 +417,11 @@ function getCostSummary(config, emailsPerMonth = 1e4) {
       `  - ${costs.dynamoDBHistory.description}: ${formatCost(costs.dynamoDBHistory.monthly)}`
     );
   }
+  if (costs.emailArchiving) {
+    lines.push(
+      `  - ${costs.emailArchiving.description}: ${formatCost(costs.emailArchiving.monthly)}`
+    );
+  }
   if (costs.dedicatedIp) {
     lines.push(
       `  - ${costs.dedicatedIp.description}: ${formatCost(costs.dedicatedIp.monthly)}`
@@ -408,8 +464,13 @@ var init_costs = __esm({
       // CloudWatch pricing
       CLOUDWATCH_LOGS_PER_GB: 0.5,
       // $0.50 per GB ingested
-      CLOUDWATCH_LOGS_STORAGE_PER_GB: 0.03
+      CLOUDWATCH_LOGS_STORAGE_PER_GB: 0.03,
       // $0.03 per GB-month
+      // SES Mail Manager Archiving
+      MAIL_MANAGER_INGESTION_PER_GB: 2,
+      // $2.00 per GB ingested
+      MAIL_MANAGER_STORAGE_PER_GB: 0.19
+      // $0.19 per GB-month
     };
     FREE_TIER = {
       // SES: 3,000 emails/month for first 12 months (new AWS accounts only)
@@ -487,7 +548,8 @@ function getPresetInfo(preset) {
       features: [
         "Open & click tracking",
         "TLS encryption required",
-        "Automatic bounce/complaint suppression"
+        "Automatic bounce/complaint suppression",
+        "Optional: Email archiving (full content storage)"
       ]
     },
     production: {
@@ -500,6 +562,7 @@ function getPresetInfo(preset) {
         "Reputation metrics dashboard",
         "Real-time event tracking (EventBridge)",
         "90-day email history storage",
+        "Optional: Email archiving with rendered viewer",
         "Complete event visibility"
       ]
     },
@@ -512,6 +575,7 @@ function getPresetInfo(preset) {
         "Everything in Production",
         "Dedicated IP address",
         "1-year email history",
+        "Optional: 1-year+ email archiving",
         "All event types tracked",
         "Priority support eligibility"
       ]
@@ -594,6 +658,11 @@ var init_presets = __esm({
       eventTracking: {
         enabled: false
       },
+      // Email archiving disabled by default
+      emailArchiving: {
+        enabled: false,
+        retention: "30days"
+      },
       sendingEnabled: true
     };
     PRODUCTION_PRESET = {
@@ -624,6 +693,12 @@ var init_presets = __esm({
         dynamoDBHistory: true,
         archiveRetention: "90days"
       },
+      // Email archiving with 90-day retention
+      emailArchiving: {
+        enabled: false,
+        // User can opt-in
+        retention: "90days"
+      },
       sendingEnabled: true
     };
     ENTERPRISE_PRESET = {
@@ -656,6 +731,12 @@ var init_presets = __esm({
         dynamoDBHistory: true,
         archiveRetention: "1year"
       },
+      // Email archiving with 1-year retention
+      emailArchiving: {
+        enabled: false,
+        // User can opt-in
+        retention: "1year"
+      },
       dedicatedIp: true,
       sendingEnabled: true
     };
@@ -672,6 +753,7 @@ __export(prompts_exports, {
   promptConflictResolution: () => promptConflictResolution,
   promptCustomConfig: () => promptCustomConfig,
   promptDomain: () => promptDomain,
+  promptEmailArchiving: () => promptEmailArchiving,
   promptEstimatedVolume: () => promptEstimatedVolume,
   promptFeatureSelection: () => promptFeatureSelection,
   promptIntegrationLevel: () => promptIntegrationLevel,
@@ -1033,6 +1115,59 @@ async function promptEstimatedVolume() {
   }
   return volume;
 }
+async function promptEmailArchiving() {
+  const enabled = await clack3.confirm({
+    message: "Enable email archiving? (Store full email content with HTML for viewing in dashboard)",
+    initialValue: false
+  });
+  if (clack3.isCancel(enabled)) {
+    clack3.cancel("Operation cancelled.");
+    process.exit(0);
+  }
+  if (!enabled) {
+    return { enabled: false, retention: "90days" };
+  }
+  const retention = await clack3.select({
+    message: "Email archive retention period:",
+    options: [
+      { value: "7days", label: "7 days", hint: "~$1-2/mo for 10k emails" },
+      { value: "30days", label: "30 days", hint: "~$2-4/mo for 10k emails" },
+      {
+        value: "90days",
+        label: "90 days (recommended)",
+        hint: "~$5-10/mo for 10k emails"
+      },
+      {
+        value: "6months",
+        label: "6 months",
+        hint: "~$15-25/mo for 10k emails"
+      },
+      { value: "1year", label: "1 year", hint: "~$25-40/mo for 10k emails" },
+      {
+        value: "18months",
+        label: "18 months",
+        hint: "~$35-60/mo for 10k emails"
+      }
+    ],
+    initialValue: "90days"
+  });
+  if (clack3.isCancel(retention)) {
+    clack3.cancel("Operation cancelled.");
+    process.exit(0);
+  }
+  clack3.log.info(
+    pc3.dim(
+      "Archiving stores full RFC 822 emails with HTML, attachments, and headers"
+    )
+  );
+  clack3.log.info(
+    pc3.dim("Cost: $2/GB ingestion + $0.19/GB/month storage (~50KB per email)")
+  );
+  return {
+    enabled: true,
+    retention
+  };
+}
 async function promptCustomConfig() {
   clack3.log.info("Custom configuration builder");
   clack3.log.info("Configure each feature individually");
@@ -1112,6 +1247,53 @@ async function promptCustomConfig() {
     clack3.cancel("Operation cancelled.");
     process.exit(0);
   }
+  const emailArchivingEnabled = await clack3.confirm({
+    message: "Enable email archiving? (Store full email content with HTML for viewing)",
+    initialValue: false
+  });
+  if (clack3.isCancel(emailArchivingEnabled)) {
+    clack3.cancel("Operation cancelled.");
+    process.exit(0);
+  }
+  let emailArchiveRetention = "90days";
+  if (emailArchivingEnabled) {
+    emailArchiveRetention = await clack3.select({
+      message: "Email archive retention period:",
+      options: [
+        { value: "7days", label: "7 days", hint: "~$1-2/mo for 10k emails" },
+        { value: "30days", label: "30 days", hint: "~$2-4/mo for 10k emails" },
+        {
+          value: "90days",
+          label: "90 days (recommended)",
+          hint: "~$5-10/mo for 10k emails"
+        },
+        {
+          value: "6months",
+          label: "6 months",
+          hint: "~$15-25/mo for 10k emails"
+        },
+        { value: "1year", label: "1 year", hint: "~$25-40/mo for 10k emails" },
+        {
+          value: "18months",
+          label: "18 months",
+          hint: "~$35-60/mo for 10k emails"
+        }
+      ],
+      initialValue: "90days"
+    });
+    if (clack3.isCancel(emailArchiveRetention)) {
+      clack3.cancel("Operation cancelled.");
+      process.exit(0);
+    }
+    clack3.log.info(
+      pc3.dim(
+        "Note: Archiving stores full RFC 822 emails with HTML, attachments, and headers"
+      )
+    );
+    clack3.log.info(
+      pc3.dim("Cost: $2/GB ingestion + $0.19/GB/month storage (~50KB per email)")
+    );
+  }
   return {
     tracking: trackingEnabled ? {
       enabled: true,
@@ -1140,6 +1322,10 @@ async function promptCustomConfig() {
       dynamoDBHistory: Boolean(dynamoDBHistory),
       archiveRetention: typeof archiveRetention === "string" ? archiveRetention : "90days"
     } : { enabled: false },
+    emailArchiving: emailArchivingEnabled ? {
+      enabled: true,
+      retention: typeof emailArchiveRetention === "string" ? emailArchiveRetention : "90days"
+    } : { enabled: false, retention: "90days" },
     dedicatedIp,
     sendingEnabled: true
   };
@@ -1184,6 +1370,114 @@ var init_assume_role = __esm({
   }
 });
 
+// src/utils/archive.ts
+import {
+  GetArchiveMessageCommand,
+  MailManagerClient
+} from "@aws-sdk/client-mailmanager";
+import { simpleParser } from "mailparser";
+async function getArchivedEmail(_archiveId, messageId, region) {
+  const client = new MailManagerClient({ region });
+  const command2 = new GetArchiveMessageCommand({
+    ArchivedMessageId: messageId
+  });
+  const response = await client.send(command2);
+  if (!response.MessageDownloadLink) {
+    throw new Error("No download link available for archived message");
+  }
+  const emailResponse = await fetch(response.MessageDownloadLink);
+  if (!emailResponse.ok) {
+    throw new Error(`Failed to download email: ${emailResponse.statusText}`);
+  }
+  const emailRaw = await emailResponse.text();
+  const parsed = await simpleParser(emailRaw);
+  const attachments = parsed.attachments?.map((att) => ({
+    filename: att.filename,
+    contentType: att.contentType,
+    size: att.size
+  })) || [];
+  const headers = {};
+  if (parsed.headers) {
+    for (const [key, value] of parsed.headers) {
+      if (value instanceof Date) {
+        headers[key] = value.toISOString();
+      } else if (typeof value === "string") {
+        headers[key] = value;
+      } else if (Array.isArray(value) && value.every((v) => typeof v === "string")) {
+        headers[key] = value;
+      } else {
+        headers[key] = JSON.stringify(value);
+      }
+    }
+  }
+  const getAddressText = (addr) => {
+    if (!addr) return "";
+    if (Array.isArray(addr)) {
+      return addr.map((a) => a.text).join(", ");
+    }
+    return addr.text || "";
+  };
+  return {
+    messageId,
+    // Use the input messageId since response may not have MessageMetadata
+    from: getAddressText(parsed.from),
+    to: getAddressText(parsed.to),
+    subject: parsed.subject || "",
+    html: parsed.html || void 0,
+    text: parsed.text || void 0,
+    attachments,
+    headers,
+    timestamp: parsed.date || /* @__PURE__ */ new Date(),
+    // Note: MessageMetadata is not available in GetArchiveMessageCommandOutput
+    // These fields would need to be retrieved separately if needed
+    metadata: {}
+  };
+}
+var init_archive = __esm({
+  "src/utils/archive.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+
+// src/console/services/email-archive.ts
+var email_archive_exports = {};
+__export(email_archive_exports, {
+  fetchArchivedEmail: () => fetchArchivedEmail
+});
+async function fetchArchivedEmail(messageId, options) {
+  const { region, archiveArn } = options;
+  try {
+    console.log("Fetching archived email:", {
+      messageId,
+      archiveArn,
+      region
+    });
+    const email = await getArchivedEmail(archiveArn, messageId, region);
+    console.log("Archived email fetched successfully:", {
+      messageId: email.messageId,
+      hasHtml: !!email.html,
+      hasText: !!email.text,
+      attachmentCount: email.attachments.length
+    });
+    return email;
+  } catch (error) {
+    if (error instanceof Error && (error.message.includes("not found") || error.message.includes("ResourceNotFoundException"))) {
+      console.log("Archived email not found:", messageId);
+      return null;
+    }
+    console.error("Error fetching archived email:", error);
+    throw error;
+  }
+}
+var init_email_archive = __esm({
+  "src/console/services/email-archive.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_archive();
+  }
+});
+
 // src/console/services/dynamodb-metrics.ts
 var dynamodb_metrics_exports = {};
 __export(dynamodb_metrics_exports, {
@@ -1285,7 +1579,7 @@ async function findHostedZone(domain, region) {
     return null;
   }
 }
-async function createDNSRecords(hostedZoneId, domain, dkimTokens, region, customTrackingDomain) {
+async function createDNSRecords(hostedZoneId, domain, dkimTokens, region, customTrackingDomain, mailFromDomain) {
   const client = new Route53Client({ region });
   const changes = [];
   for (const token of dkimTokens) {
@@ -1330,6 +1624,28 @@ async function createDNSRecords(hostedZoneId, domain, dkimTokens, region, custom
       }
     });
   }
+  if (mailFromDomain) {
+    changes.push({
+      Action: "UPSERT",
+      ResourceRecordSet: {
+        Name: mailFromDomain,
+        Type: "MX",
+        TTL: 1800,
+        ResourceRecords: [
+          { Value: `10 feedback-smtp.${region}.amazonses.com` }
+        ]
+      }
+    });
+    changes.push({
+      Action: "UPSERT",
+      ResourceRecordSet: {
+        Name: mailFromDomain,
+        Type: "TXT",
+        TTL: 1800,
+        ResourceRecords: [{ Value: '"v=spf1 include:amazonses.com ~all"' }]
+      }
+    });
+  }
   await client.send(
     new ChangeResourceRecordSetsCommand({
       HostedZoneId: hostedZoneId,
@@ -1560,6 +1876,19 @@ async function createIAMRole(config) {
       Resource: "arn:aws:sqs:*:*:wraps-email-*"
     });
   }
+  if (config.emailConfig.emailArchiving?.enabled) {
+    statements.push({
+      Effect: "Allow",
+      Action: [
+        "ses:GetArchive",
+        "ses:GetArchiveMessage",
+        "ses:GetArchiveMessageContent",
+        "ses:SearchArchive",
+        "ses:StartArchiveExport"
+      ],
+      Resource: "arn:aws:ses:*:*:mailmanager-archive/*"
+    });
+  }
   new aws3.iam.RolePolicy("wraps-email-policy", {
     role: role.name,
     policy: JSON.stringify({
@@ -1742,8 +2071,9 @@ async function createSESResources(config) {
   if (config.trackingConfig?.customRedirectDomain) {
     configSetOptions.trackingOptions = {
       customRedirectDomain: config.trackingConfig.customRedirectDomain,
-      httpsPolicy: "REQUIRE"
-      // Always require HTTPS for security
+      // Use OPTIONAL because custom domains don't have SSL certificates by default
+      // AWS's tracking domain (r.{region}.awstrack.me) doesn't have certs for custom domains
+      httpsPolicy: "OPTIONAL"
     };
   }
   const configSet = new aws5.sesv2.ConfigurationSet(
@@ -1778,6 +2108,7 @@ async function createSESResources(config) {
   });
   let domainIdentity;
   let dkimTokens;
+  let mailFromDomain;
   if (config.domain) {
     domainIdentity = new aws5.sesv2.EmailIdentity("wraps-email-domain", {
       emailIdentity: config.domain,
@@ -1793,6 +2124,20 @@ async function createSESResources(config) {
     dkimTokens = domainIdentity.dkimSigningAttributes.apply(
       (attrs) => attrs?.tokens || []
     );
+    mailFromDomain = config.mailFromDomain || `mail.${config.domain}`;
+    new aws5.sesv2.EmailIdentityMailFromAttributes(
+      "wraps-email-mail-from",
+      {
+        emailIdentity: config.domain,
+        mailFromDomain,
+        behaviorOnMxFailure: "USE_DEFAULT_VALUE"
+        // Fallback to amazonses.com if MX record fails
+      },
+      {
+        dependsOn: [domainIdentity]
+        // Ensure domain identity exists first
+      }
+    );
   }
   return {
     configSet,
@@ -1802,7 +2147,8 @@ async function createSESResources(config) {
     dkimTokens,
     dnsAutoCreated: false,
     // Will be set after deployment
-    customTrackingDomain: config.trackingConfig?.customRedirectDomain
+    customTrackingDomain: config.trackingConfig?.customRedirectDomain,
+    mailFromDomain
   };
 }
 
@@ -1887,6 +2233,7 @@ async function deployEmailStack(config) {
   if (emailConfig.tracking?.enabled || emailConfig.eventTracking?.enabled) {
     sesResources = await createSESResources({
       domain: emailConfig.domain,
+      mailFromDomain: emailConfig.mailFromDomain,
       region: config.region,
       trackingConfig: emailConfig.tracking,
       eventTypes: emailConfig.eventTracking?.events
@@ -1918,6 +2265,15 @@ async function deployEmailStack(config) {
       accountId
     });
   }
+  let archiveResources;
+  if (emailConfig.emailArchiving?.enabled && sesResources) {
+    const { createMailManagerArchive: createMailManagerArchive2 } = await Promise.resolve().then(() => (init_mail_manager(), mail_manager_exports));
+    archiveResources = await createMailManagerArchive2({
+      name: "email",
+      retention: emailConfig.emailArchiving.retention,
+      configSetName: sesResources.configSet.configurationSetName
+    });
+  }
   return {
     roleArn: role.arn,
     configSetName: sesResources?.configSet.configurationSetName,
@@ -1930,7 +2286,11 @@ async function deployEmailStack(config) {
     eventBusName: sesResources?.eventBus.name,
     queueUrl: sqsResources?.queue.url,
     dlqUrl: sqsResources?.dlq.url,
-    customTrackingDomain: sesResources?.customTrackingDomain
+    customTrackingDomain: sesResources?.customTrackingDomain,
+    mailFromDomain: sesResources?.mailFromDomain,
+    archiveArn: archiveResources?.archive.arn,
+    archivingEnabled: emailConfig.emailArchiving?.enabled,
+    archiveRetention: emailConfig.emailArchiving?.enabled ? emailConfig.emailArchiving.retention : void 0
   };
 }
 
@@ -2149,6 +2509,14 @@ Verification should complete within a few minutes.`,
         pc2.bold("DMARC Record (TXT):"),
         `  ${pc2.cyan(`_dmarc.${domain}`)} ${pc2.dim("TXT")} "v=DMARC1; p=quarantine; rua=mailto:postmaster@${domain}"`
       );
+      if (outputs.mailFromDomain) {
+        dnsLines.push(
+          "",
+          pc2.bold("MAIL FROM Domain Records (for DMARC alignment):"),
+          `  ${pc2.cyan(outputs.mailFromDomain)} ${pc2.dim("MX")} "10 feedback-smtp.${outputs.region}.amazonses.com"`,
+          `  ${pc2.cyan(outputs.mailFromDomain)} ${pc2.dim("TXT")} "v=spf1 include:amazonses.com ~all"`
+        );
+      }
     }
     clack2.note(dnsLines.join("\n"), "DNS Records to add:");
   }
@@ -2201,7 +2569,14 @@ function displayStatus(status2) {
     const domainStrings = status2.domains.map((d) => {
       const statusIcon = d.status === "verified" ? "\u2713" : d.status === "pending" ? "\u23F1" : "\u2717";
       const statusColor = d.status === "verified" ? pc2.green : d.status === "pending" ? pc2.yellow : pc2.red;
-      return `    ${d.domain} ${statusColor(`${statusIcon} ${d.status}`)}`;
+      let domainLine = `    ${d.domain} ${statusColor(`${statusIcon} ${d.status}`)}`;
+      if (d.mailFromDomain) {
+        const mailFromStatusIcon = d.mailFromStatus === "SUCCESS" ? "\u2713" : "\u23F1";
+        const mailFromColor = d.mailFromStatus === "SUCCESS" ? pc2.green : pc2.yellow;
+        domainLine += `
+      ${pc2.dim("MAIL FROM:")} ${d.mailFromDomain} ${mailFromColor(mailFromStatusIcon)}`;
+      }
+      return domainLine;
     });
     infoLines.push(`${pc2.bold("Domains:")}
 ${domainStrings.join("\n")}`);
@@ -2227,6 +2602,23 @@ ${domainStrings.join("\n")}`);
       `  ${pc2.dim("\u25CB")} Bounce/Complaint Handling ${pc2.dim("(run 'wraps upgrade' to enable)")}`
     );
   }
+  if (status2.resources.archivingEnabled) {
+    const retentionLabel = {
+      "7days": "7 days",
+      "30days": "30 days",
+      "90days": "90 days",
+      "6months": "6 months",
+      "1year": "1 year",
+      "18months": "18 months"
+    }[status2.resources.archiveRetention || "90days"] || "90 days";
+    featureLines.push(
+      `  ${pc2.green("\u2713")} Email Archiving ${pc2.dim(`(${retentionLabel} retention)`)}`
+    );
+  } else {
+    featureLines.push(
+      `  ${pc2.dim("\u25CB")} Email Archiving ${pc2.dim("(run 'wraps upgrade' to enable)")}`
+    );
+  }
   featureLines.push(
     `  ${pc2.green("\u2713")} Console Dashboard ${pc2.dim("(run 'wraps console')")}`
   );
@@ -2259,14 +2651,20 @@ ${domainStrings.join("\n")}`);
       `  ${pc2.green("\u2713")} SNS Topics: ${pc2.cyan(`${status2.resources.snsTopics} configured`)}`
     );
   }
+  if (status2.resources.archiveArn) {
+    resourceLines.push(
+      `  ${pc2.green("\u2713")} Mail Manager Archive: ${pc2.cyan(status2.resources.archiveArn)}`
+    );
+  }
   clack2.note(resourceLines.join("\n"), "Resources");
-  const pendingDomains = status2.domains.filter(
-    (d) => d.status === "pending" && d.dkimTokens
+  const domainsNeedingDNS = status2.domains.filter(
+    (d) => d.status === "pending" && d.dkimTokens || d.mailFromDomain && d.mailFromStatus !== "SUCCESS"
   );
-  if (pendingDomains.length > 0) {
-    for (const domain of pendingDomains) {
-      if (domain.dkimTokens && domain.dkimTokens.length > 0) {
-        const dnsLines = [
+  if (domainsNeedingDNS.length > 0) {
+    for (const domain of domainsNeedingDNS) {
+      const dnsLines = [];
+      if (domain.status === "pending" && domain.dkimTokens && domain.dkimTokens.length > 0) {
+        dnsLines.push(
           pc2.bold("DKIM Records (CNAME):"),
           ...domain.dkimTokens.map(
             (token) => `  ${pc2.cyan(`${token}._domainkey.${domain.domain}`)} ${pc2.dim("CNAME")} "${token}.dkim.amazonses.com"`
@@ -2277,11 +2675,23 @@ ${domainStrings.join("\n")}`);
           "",
           pc2.bold("DMARC Record (TXT):"),
           `  ${pc2.cyan(`_dmarc.${domain.domain}`)} ${pc2.dim("TXT")} "v=DMARC1; p=quarantine; rua=mailto:postmaster@${domain.domain}"`
-        ];
+        );
+      }
+      if (domain.mailFromDomain && domain.mailFromStatus !== "SUCCESS") {
+        if (dnsLines.length > 0) {
+          dnsLines.push("");
+        }
+        dnsLines.push(
+          pc2.bold("MAIL FROM Domain Records (for DMARC alignment):"),
+          `  ${pc2.cyan(domain.mailFromDomain)} ${pc2.dim("MX")} "10 feedback-smtp.${status2.region}.amazonses.com"`,
+          `  ${pc2.cyan(domain.mailFromDomain)} ${pc2.dim("TXT")} "v=spf1 include:amazonses.com ~all"`
+        );
+      }
+      if (dnsLines.length > 0) {
         clack2.note(dnsLines.join("\n"), `DNS Records for ${domain.domain}`);
       }
     }
-    const exampleDomain = pendingDomains[0].domain;
+    const exampleDomain = domainsNeedingDNS[0].domain;
     console.log(
       `
 ${pc2.dim("Run:")} ${pc2.yellow(`wraps verify --domain ${exampleDomain}`)} ${pc2.dim(
@@ -3205,6 +3615,46 @@ function createEmailsRouter(config) {
       res.status(500).json({ error: errorMessage });
     }
   });
+  router.get("/:id/archive", async (req, res) => {
+    try {
+      const { id } = req.params;
+      console.log("Archived email request received for message ID:", id);
+      if (!config.archivingEnabled) {
+        console.log("Email archiving not enabled");
+        return res.status(400).json({
+          error: "Email archiving not enabled for this deployment."
+        });
+      }
+      if (!config.archiveArn) {
+        console.log("No archive ARN configured");
+        return res.status(400).json({
+          error: "Archive ARN not configured."
+        });
+      }
+      console.log("Fetching archived email from Mail Manager...");
+      const { fetchArchivedEmail: fetchArchivedEmail2 } = await Promise.resolve().then(() => (init_email_archive(), email_archive_exports));
+      const archivedEmail = await fetchArchivedEmail2(id, {
+        region: config.region,
+        archiveArn: config.archiveArn
+      });
+      if (!archivedEmail) {
+        console.log("Archived email not found for message ID:", id);
+        return res.status(404).json({
+          error: "Archived email not found. It may have been sent before archiving was enabled."
+        });
+      }
+      console.log("Archived email found:", archivedEmail.messageId);
+      res.json(archivedEmail);
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : "Unknown error";
+      console.error("Error fetching archived email:", error);
+      console.error(
+        "Stack trace:",
+        error instanceof Error ? error.stack : "N/A"
+      );
+      res.status(500).json({ error: errorMessage });
+    }
+  });
   return router;
 }
 
@@ -3491,7 +3941,9 @@ async function fetchEmailIdentity(roleArn, region, identityName) {
     verifiedForSendingStatus: response.VerifiedForSendingStatus ?? false,
     tags: response.Tags?.reduce(
       (acc, tag) => {
-        if (tag.Key) acc[tag.Key] = tag.Value || "";
+        if (tag.Key) {
+          acc[tag.Key] = tag.Value || "";
+        }
         return acc;
       },
       {}
@@ -3524,6 +3976,20 @@ async function fetchEmailSettings(roleArn, region, configSetName, domain) {
 // src/console/routes/settings.ts
 function createSettingsRouter(config) {
   const router = createRouter4();
+  router.get("/deployment", async (_req, res) => {
+    try {
+      res.json({
+        archivingEnabled: config.archivingEnabled ?? false,
+        archiveArn: config.archiveArn,
+        tableName: config.tableName,
+        region: config.region
+      });
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : "Unknown error";
+      console.error("Error fetching deployment config:", error);
+      res.status(500).json({ error: errorMessage });
+    }
+  });
   router.get("/", async (_req, res) => {
     try {
       const metadata = await loadConnectionMetadata(
@@ -3899,6 +4365,8 @@ async function runConsole(options) {
     process.exit(1);
   }
   const tableName = stackOutputs.tableName?.value;
+  const archiveArn = stackOutputs.archiveArn?.value;
+  const archivingEnabled = stackOutputs.archivingEnabled?.value ?? false;
   const port = options.port || await getPort({ port: [5555, 5556, 5557, 5558, 5559] });
   progress.stop();
   clack5.log.success("Starting console server...");
@@ -3912,7 +4380,9 @@ async function runConsole(options) {
     region,
     tableName,
     accountId: identity.accountId,
-    noOpen: options.noOpen ?? false
+    noOpen: options.noOpen ?? false,
+    archiveArn,
+    archivingEnabled
   });
   console.log(`\\n${pc5.bold("Console:")} ${pc5.cyan(url)}`);
   console.log(`${pc5.dim("Press Ctrl+C to stop")}\\n`);
@@ -4052,17 +4522,22 @@ async function init(options) {
     emailConfig = await promptCustomConfig();
   } else {
     emailConfig = getPreset(preset);
+    const { promptEmailArchiving: promptEmailArchiving2 } = await Promise.resolve().then(() => (init_prompts(), prompts_exports));
+    const archivingConfig = await promptEmailArchiving2();
+    emailConfig.emailArchiving = archivingConfig;
   }
   if (domain) {
     emailConfig.domain = domain;
   }
   const estimatedVolume = await promptEstimatedVolume();
-  progress.info("\n" + pc7.bold("Cost Estimate:"));
+  progress.info(`
+${pc7.bold("Cost Estimate:")}`);
   const costSummary = getCostSummary(emailConfig, estimatedVolume);
   clack7.log.info(costSummary);
   const warnings = validateConfig(emailConfig);
   if (warnings.length > 0) {
-    progress.info("\n" + pc7.yellow(pc7.bold("Configuration Warnings:")));
+    progress.info(`
+${pc7.yellow(pc7.bold("Configuration Warnings:"))}`);
     for (const warning of warnings) {
       clack7.log.warn(warning);
     }
@@ -4110,7 +4585,11 @@ async function init(options) {
                 lambdaFunctions: result.lambdaFunctions,
                 domain: result.domain,
                 dkimTokens: result.dkimTokens,
-                customTrackingDomain: result.customTrackingDomain
+                customTrackingDomain: result.customTrackingDomain,
+                mailFromDomain: result.mailFromDomain,
+                archiveArn: result.archiveArn,
+                archivingEnabled: result.archivingEnabled,
+                archiveRetention: result.archiveRetention
               };
             }
           },
@@ -4139,7 +4618,11 @@ async function init(options) {
           lambdaFunctions: pulumiOutputs.lambdaFunctions?.value,
           domain: pulumiOutputs.domain?.value,
           dkimTokens: pulumiOutputs.dkimTokens?.value,
-          customTrackingDomain: pulumiOutputs.customTrackingDomain?.value
+          customTrackingDomain: pulumiOutputs.customTrackingDomain?.value,
+          mailFromDomain: pulumiOutputs.mailFromDomain?.value,
+          archiveArn: pulumiOutputs.archiveArn?.value,
+          archivingEnabled: pulumiOutputs.archivingEnabled?.value,
+          archiveRetention: pulumiOutputs.archiveRetention?.value
         };
       }
     );
@@ -4168,7 +4651,8 @@ async function init(options) {
           outputs.domain,
           outputs.dkimTokens,
           region,
-          outputs.customTrackingDomain
+          outputs.customTrackingDomain,
+          outputs.mailFromDomain
         );
         progress.succeed("DNS records created in Route53");
         dnsAutoCreated = true;
@@ -4195,7 +4679,8 @@ async function init(options) {
     tableName: outputs.tableName,
     dnsRecords: dnsRecords.length > 0 ? dnsRecords : void 0,
     dnsAutoCreated,
-    domain: outputs.domain
+    domain: outputs.domain,
+    mailFromDomain: outputs.mailFromDomain
   });
 }
 
@@ -4345,13 +4830,17 @@ Run ${pc9.cyan("wraps init")} to deploy infrastructure.
         return {
           domain: d.domain,
           status: d.verified ? "verified" : "pending",
-          dkimTokens: identity2.DkimAttributes?.Tokens || []
+          dkimTokens: identity2.DkimAttributes?.Tokens || [],
+          mailFromDomain: identity2.MailFromAttributes?.MailFromDomain,
+          mailFromStatus: identity2.MailFromAttributes?.MailFromDomainStatus
         };
       } catch (_error) {
         return {
           domain: d.domain,
           status: d.verified ? "verified" : "pending",
-          dkimTokens: void 0
+          dkimTokens: void 0,
+          mailFromDomain: void 0,
+          mailFromStatus: void 0
         };
       }
     })
@@ -4367,7 +4856,10 @@ Run ${pc9.cyan("wraps init")} to deploy infrastructure.
       configSetName: stackOutputs.configSetName?.value,
       tableName: stackOutputs.tableName?.value,
       lambdaFunctions: stackOutputs.lambdaFunctions?.value?.length || 0,
-      snsTopics: integrationLevel === "enhanced" ? 1 : 0
+      snsTopics: integrationLevel === "enhanced" ? 1 : 0,
+      archiveArn: stackOutputs.archiveArn?.value,
+      archivingEnabled: stackOutputs.archivingEnabled?.value,
+      archiveRetention: stackOutputs.archiveRetention?.value
     }
   });
 }
@@ -4634,6 +5126,18 @@ ${pc11.bold("Current Configuration:")}
   if (config.dedicatedIp) {
     console.log(`  ${pc11.green("\u2713")} Dedicated IP Address`);
   }
+  if (config.emailArchiving?.enabled) {
+    const retentionLabel = {
+      "7days": "7 days",
+      "30days": "30 days",
+      "90days": "90 days",
+      "6months": "6 months",
+      "1year": "1 year",
+      "18months": "18 months",
+      indefinite: "indefinite"
+    }[config.emailArchiving.retention] || "90 days";
+    console.log(`  ${pc11.green("\u2713")} Email Archiving (${retentionLabel})`);
+  }
   const currentCostData = calculateCosts(config, 5e4);
   console.log(
     `
@@ -4648,6 +5152,11 @@ ${pc11.bold("Current Configuration:")}
         label: "Upgrade to a different preset",
         hint: "Starter \u2192 Production \u2192 Enterprise"
       },
+      {
+        value: "archiving",
+        label: config.emailArchiving?.enabled ? "Change email archiving settings" : "Enable email archiving",
+        hint: config.emailArchiving?.enabled ? "Update retention or disable" : "Store full email content with HTML"
+      },
       {
         value: "tracking-domain",
         label: "Add/change custom tracking domain",
@@ -4656,7 +5165,7 @@ ${pc11.bold("Current Configuration:")}
       {
         value: "retention",
         label: "Change email history retention",
-        hint: "7 days, 30 days, 90 days, 1 year, indefinite"
+        hint: "7 days, 30 days, 90 days, 6 months, 1 year, 18 months"
       },
       {
         value: "events",
@@ -4714,6 +5223,166 @@ ${pc11.bold("Current Configuration:")}
       newPreset = selectedPreset;
       break;
     }
+    case "archiving": {
+      if (config.emailArchiving?.enabled) {
+        const archivingAction = await clack11.select({
+          message: "What would you like to do with email archiving?",
+          options: [
+            {
+              value: "change-retention",
+              label: "Change retention period",
+              hint: `Current: ${config.emailArchiving.retention}`
+            },
+            {
+              value: "disable",
+              label: "Disable email archiving",
+              hint: "Stop storing full email content"
+            }
+          ]
+        });
+        if (clack11.isCancel(archivingAction)) {
+          clack11.cancel("Upgrade cancelled.");
+          process.exit(0);
+        }
+        if (archivingAction === "disable") {
+          const confirmDisable = await clack11.confirm({
+            message: "Are you sure? Existing archived emails will remain, but new emails won't be archived.",
+            initialValue: false
+          });
+          if (clack11.isCancel(confirmDisable) || !confirmDisable) {
+            clack11.cancel("Archiving not disabled.");
+            process.exit(0);
+          }
+          updatedConfig = {
+            ...config,
+            emailArchiving: {
+              enabled: false,
+              retention: config.emailArchiving.retention
+            }
+          };
+        } else {
+          const retention = await clack11.select({
+            message: "Email archive retention period:",
+            options: [
+              {
+                value: "7days",
+                label: "7 days",
+                hint: "~$1-2/mo for 10k emails"
+              },
+              {
+                value: "30days",
+                label: "30 days",
+                hint: "~$2-4/mo for 10k emails"
+              },
+              {
+                value: "90days",
+                label: "90 days (recommended)",
+                hint: "~$5-10/mo for 10k emails"
+              },
+              {
+                value: "6months",
+                label: "6 months",
+                hint: "~$15-25/mo for 10k emails"
+              },
+              {
+                value: "1year",
+                label: "1 year",
+                hint: "~$25-40/mo for 10k emails"
+              },
+              {
+                value: "18months",
+                label: "18 months",
+                hint: "~$35-60/mo for 10k emails"
+              }
+            ],
+            initialValue: config.emailArchiving.retention
+          });
+          if (clack11.isCancel(retention)) {
+            clack11.cancel("Upgrade cancelled.");
+            process.exit(0);
+          }
+          updatedConfig = {
+            ...config,
+            emailArchiving: {
+              enabled: true,
+              retention
+            }
+          };
+        }
+      } else {
+        const enableArchiving = await clack11.confirm({
+          message: "Enable email archiving? (Store full email content with HTML for viewing)",
+          initialValue: true
+        });
+        if (clack11.isCancel(enableArchiving)) {
+          clack11.cancel("Upgrade cancelled.");
+          process.exit(0);
+        }
+        if (!enableArchiving) {
+          clack11.log.info("Email archiving not enabled.");
+          process.exit(0);
+        }
+        const retention = await clack11.select({
+          message: "Email archive retention period:",
+          options: [
+            {
+              value: "7days",
+              label: "7 days",
+              hint: "~$1-2/mo for 10k emails"
+            },
+            {
+              value: "30days",
+              label: "30 days",
+              hint: "~$2-4/mo for 10k emails"
+            },
+            {
+              value: "90days",
+              label: "90 days (recommended)",
+              hint: "~$5-10/mo for 10k emails"
+            },
+            {
+              value: "6months",
+              label: "6 months",
+              hint: "~$15-25/mo for 10k emails"
+            },
+            {
+              value: "1year",
+              label: "1 year",
+              hint: "~$25-40/mo for 10k emails"
+            },
+            {
+              value: "18months",
+              label: "18 months",
+              hint: "~$35-60/mo for 10k emails"
+            }
+          ],
+          initialValue: "90days"
+        });
+        if (clack11.isCancel(retention)) {
+          clack11.cancel("Upgrade cancelled.");
+          process.exit(0);
+        }
+        clack11.log.info(
+          pc11.dim(
+            "Archiving stores full RFC 822 emails with HTML, attachments, and headers"
+          )
+        );
+        clack11.log.info(
+          pc11.dim(
+            "Cost: $2/GB ingestion + $0.19/GB/month storage (~50KB per email)"
+          )
+        );
+        updatedConfig = {
+          ...config,
+          emailArchiving: {
+            enabled: true,
+            retention
+          }
+        };
+      }
+      newPreset = void 0;
+      break;
+    }
     case "tracking-domain": {
       if (!config.domain) {
         clack11.log.error(
@@ -4772,7 +5441,7 @@ ${pc11.bold("Current Configuration:")}
     }
     case "retention": {
       const retention = await clack11.select({
-        message: "Email history retention period:",
+        message: "Email history retention period (event data in DynamoDB):",
         options: [
           { value: "7days", label: "7 days", hint: "Minimal storage cost" },
           { value: "30days", label: "30 days", hint: "Development/testing" },
@@ -4781,11 +5450,16 @@ ${pc11.bold("Current Configuration:")}
             label: "90 days (recommended)",
             hint: "Standard retention"
           },
+          {
+            value: "6months",
+            label: "6 months",
+            hint: "Extended retention"
+          },
           { value: "1year", label: "1 year", hint: "Compliance requirements" },
           {
-            value: "indefinite",
-            label: "Indefinite",
-            hint: "Higher storage cost"
+            value: "18months",
+            label: "18 months",
+            hint: "Long-term retention"
           }
         ],
         initialValue: config.eventTracking?.archiveRetention || "90days"
@@ -4794,6 +5468,16 @@ ${pc11.bold("Current Configuration:")}
         clack11.cancel("Upgrade cancelled.");
         process.exit(0);
       }
+      clack11.log.info(
+        pc11.dim(
+          "Note: This is for event data (sent, delivered, opened, etc.) stored in DynamoDB."
+        )
+      );
+      clack11.log.info(
+        pc11.dim(
+          "For full email content storage, use 'Enable email archiving' option."
+        )
+      );
       updatedConfig = {
         ...config,
         eventTracking: {
@@ -4957,7 +5641,10 @@ ${pc11.bold("Cost Impact:")}`);
                 lambdaFunctions: result.lambdaFunctions,
                 domain: result.domain,
                 dkimTokens: result.dkimTokens,
-                customTrackingDomain: result.customTrackingDomain
+                customTrackingDomain: result.customTrackingDomain,
+                archiveArn: result.archiveArn,
+                archivingEnabled: result.archivingEnabled,
+                archiveRetention: result.archiveRetention
               };
             }
           },
@@ -4984,7 +5671,10 @@ ${pc11.bold("Cost Impact:")}`);
           lambdaFunctions: pulumiOutputs.lambdaFunctions?.value,
           domain: pulumiOutputs.domain?.value,
           dkimTokens: pulumiOutputs.dkimTokens?.value,
-          customTrackingDomain: pulumiOutputs.customTrackingDomain?.value
+          customTrackingDomain: pulumiOutputs.customTrackingDomain?.value,
+          archiveArn: pulumiOutputs.archiveArn?.value,
+          archivingEnabled: pulumiOutputs.archivingEnabled?.value,
+          archiveRetention: pulumiOutputs.archiveRetention?.value
         };
       }
     );
@@ -5023,12 +5713,12 @@ ${pc11.green("\u2713")} ${pc11.bold("Upgrade complete!")}
 `);
   if (upgradeAction === "preset" && newPreset) {
     console.log(
-      `Upgraded to ${pc11.cyan(newPreset)} preset (${pc11.green(formatCost(newCostData.total.monthly) + "/mo")})
+      `Upgraded to ${pc11.cyan(newPreset)} preset (${pc11.green(`${formatCost(newCostData.total.monthly)}/mo`)})
 `
     );
   } else {
     console.log(
-      `Updated configuration (${pc11.green(formatCost(newCostData.total.monthly) + "/mo")})
+      `Updated configuration (${pc11.green(`${formatCost(newCostData.total.monthly)}/mo`)})
 `
     );
   }
@@ -5048,6 +5738,7 @@ async function verify(options) {
   const sesClient = new SESv2Client3({ region });
   let identity;
   let dkimTokens = [];
+  let mailFromDomain;
   try {
     identity = await progress.execute(
       "Checking SES verification status",
@@ -5059,6 +5750,7 @@ async function verify(options) {
       }
     );
     dkimTokens = identity.DkimAttributes?.Tokens || [];
+    mailFromDomain = identity.MailFromAttributes?.MailFromDomain;
   } catch (_error) {
     progress.stop();
     clack12.log.error(`Domain ${options.domain} not found in SES`);
@@ -5070,6 +5762,7 @@ Run ${pc12.cyan(`wraps init --domain ${options.domain}`)} to add this domain.
     process.exit(1);
   }
   const resolver = new Resolver();
+  resolver.setServers(["8.8.8.8", "1.1.1.1"]);
   const dnsResults = [];
   for (const token of dkimTokens) {
     const dkimRecord = `${token}._domainkey.${options.domain}`;
@@ -5124,17 +5817,60 @@ Run ${pc12.cyan(`wraps init --domain ${options.domain}`)} to add this domain.
       status: "missing"
     });
   }
+  if (mailFromDomain) {
+    try {
+      const mxRecords = await resolver.resolveMx(mailFromDomain);
+      const expectedMx = `feedback-smtp.${region}.amazonses.com`;
+      const hasMx = mxRecords.some(
+        (r) => r.exchange === expectedMx || r.exchange === `${expectedMx}.`
+      );
+      dnsResults.push({
+        name: mailFromDomain,
+        type: "MX",
+        status: hasMx ? "verified" : mxRecords.length > 0 ? "incorrect" : "missing",
+        records: mxRecords.map((r) => `${r.priority} ${r.exchange}`)
+      });
+    } catch (_error) {
+      dnsResults.push({
+        name: mailFromDomain,
+        type: "MX",
+        status: "missing"
+      });
+    }
+    try {
+      const records = await resolver.resolveTxt(mailFromDomain);
+      const spfRecord = records.flat().find((r) => r.startsWith("v=spf1"));
+      const hasAmazonSES = spfRecord?.includes("include:amazonses.com");
+      dnsResults.push({
+        name: mailFromDomain,
+        type: "TXT (SPF)",
+        status: hasAmazonSES ? "verified" : spfRecord ? "incorrect" : "missing",
+        records: spfRecord ? [spfRecord] : void 0
+      });
+    } catch (_error) {
+      dnsResults.push({
+        name: mailFromDomain,
+        type: "TXT (SPF)",
+        status: "missing"
+      });
+    }
+  }
   progress.stop();
   const verificationStatus = identity.VerifiedForSendingStatus ? "verified" : "pending";
   const dkimStatus = identity.DkimAttributes?.Status || "PENDING";
-  clack12.note(
-    [
-      `${pc12.bold("Domain:")} ${options.domain}`,
-      `${pc12.bold("Verification Status:")} ${verificationStatus === "verified" ? pc12.green("\u2713 Verified") : pc12.yellow("\u23F1 Pending")}`,
-      `${pc12.bold("DKIM Status:")} ${dkimStatus === "SUCCESS" ? pc12.green("\u2713 Success") : pc12.yellow(`\u23F1 ${dkimStatus}`)}`
-    ].join("\n"),
-    "SES Status"
-  );
+  const mailFromStatus = identity.MailFromAttributes?.MailFromDomainStatus || "NOT_CONFIGURED";
+  const statusLines = [
+    `${pc12.bold("Domain:")} ${options.domain}`,
+    `${pc12.bold("Verification Status:")} ${verificationStatus === "verified" ? pc12.green("\u2713 Verified") : pc12.yellow("\u23F1 Pending")}`,
+    `${pc12.bold("DKIM Status:")} ${dkimStatus === "SUCCESS" ? pc12.green("\u2713 Success") : pc12.yellow(`\u23F1 ${dkimStatus}`)}`
+  ];
+  if (mailFromDomain) {
+    statusLines.push(
+      `${pc12.bold("MAIL FROM Domain:")} ${mailFromDomain}`,
+      `${pc12.bold("MAIL FROM Status:")} ${mailFromStatus === "SUCCESS" ? pc12.green("\u2713 Success") : mailFromStatus === "NOT_CONFIGURED" ? pc12.yellow("\u23F1 Not Configured") : pc12.yellow(`\u23F1 ${mailFromStatus}`)}`
+    );
+  }
+  clack12.note(statusLines.join("\n"), "SES Status");
   const dnsLines = dnsResults.map((record) => {
     let statusIcon;
     let statusColor;