Changing Flight Historian Boarding Pass Email to AWS SES

Since Version 2.1 of Flight Historian, I’ve had the ability to send an Apple Wallet digital boarding pass to a specific email address, and have Flight Historian use that pass to fill in a new flight form for me.

Initially, I accomplished this with a Gmail account that I set up exclusively for this purpose. Using Ruby’s net-imap gem, Flight Historian could connect to this Gmail account via IMAP with a username and password, extract and parse any PKPass attachments, and delete the completed email messages.

This worked, but it didn’t end up being especially reliable; the app login was often rejected as suspicious, meaning I had to manually go to Google’s security page and allow the login. I eventually switched over to a Microsoft Outlook.com email address, which more reliably allowed the net-imap gem to connect using basic authentication with a username and password. It still wasn’t ideal, though, since a personal webmail account wasn’t really designed for application use.

In June of 2024, Microsoft announced that it would no longer be supporting basic authentication by mid-September. With IMAP via username and password going away as an option, I needed to find an alternative way to receive boarding passes by email.

Alternatives Considered

Continue to use Outlook.com email, but switch to modern authentication. This may have been possible, but I’d still be relying on connecting to a webmail service that wasn’t really meant for supporting an application.

Continue to use Outlook.com email, but save attachments to a public OneDrive folder using Power Automate, and have Flight Historian download them from there. As with the above, this would still require relying on webmail, and would also be dependent on non-core Outlook functionality (especially since the Power Automate documentation already appeared to be out of date). Additionally, the boarding passes would be public (exposing PNR record locators and frequent flier numbers), and Flight Historian would not be able to delete them when done.

Use AWS Simple Email Service (SES) to put email in an S3 bucket, and have FlightHistorian fetch the email from the bucket. Flight Historian was already set up for read/write interaction with S3 when I was using it to cache map images, so this appeared to be the easiest and best option.

Use a Heroku email to POST plugin, like CloudMailIn or Mail2Webhook. With FlightHistorian being hosted on Heroku, this seemed like a reasonable strategy, but I ultimately went with AWS SES instead.

Instead of emailing boarding passes, add an upload form for screenshots of the boarding pass barcode, and decode the barcode image. I couldn’t find a Ruby library which would let me decode Aztec Codes, and I didn’t want to write an image processor. Uploading the image also would have required using AWS S3, and at that point I may as well have just used SES with it.

AWS Simple Email Service

For the reasons above, I ultimately decided on using Simple Email Service (SES) to handle my incoming boarding pass emails.

While SES is primarily set up for sending automated emails, it also has the ability to automatically process incoming emails. In particular, it can place email messages in an S3 bucket. Following AWS’s tutorial, I created a private S3 bucket, configured the bucket to allow SES to write to it, set up SES to place messages sent to a specific email address into that bucket.

On Flight Historian, I wrote a BoardingPassS3 module with a fetch_passes() method, which would connect to the S3 bucket and loop through all objects in the bucket. For each object, it would use the mail gem to parse it, extract the barcode data from any PKPass attachments, and delete the object. I used my existing PKPass model (just as my previous IMAP module had done) to process all of the collected barcode data and store in Flight Historian’s database.


All in all, I’m much more satisfied with this solution than the previous webmail option. For good reason, webmail was optimized more for end user security than reliable application access, so it’s nice to finally be working with something like SES which is explicitly designed for automation.

Tags: