I did get a response from Amazon:
At the moment, the Amazon SES SMTP interface supports connections wrapped with TLS. This means that the telnet command won't work as a troubleshooting mechanism. With OpenSSL installed, try the following:
openssl s_client -quiet -crlf -connect email-smtp.us-east-1.amazonaws.com:465
After establishing a TLS connection, we will provide the typical SMTP banner.
So, I gave that a shot and:
# openssl s_client -quiet -crlf -connect email-smtp.us-east-1.amazonaws.com:465
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-200596653
I need to do a little bit of investigation, not sure if that issue is on my end or theirs. I also tried another package (Net::SMTP::TLS). But it too just hangs on connect.
Let me know if you have any ideas, otherwise I will post what I find here.