SES
π§ What Is AWS SES?¶
Amazon SES (Simple Email Service) is a scalable, cost-effective, and flexible email service that supports:
-
β Email Sending (transactional, marketing, bulk)
-
β Email Receiving (store or process inbound mail)
-
β Email Notifications (delivery, bounce, complaints)
SES integrates seamlessly with applications, services (like Lambda), and SMTP clients.
π¦ Key Use Cases¶
| Use Case | Example |
|---|---|
| Transactional Emails | Password reset, order confirmations, alerts |
| Marketing Emails | Campaign newsletters, promotions |
| Application Alerts | Notify users of system status |
| Inbound Email Processing | Automatically process incoming emails via Lambda |
𧱠How It Works¶
You can:
-
Send emails via SMTP or SES API
-
Monitor delivery via SNS notifications
-
Verify domains or email addresses
-
Process incoming emails using Lambda or S3
π Key Concepts¶
| Concept | Description |
|---|---|
| Identity | Domain or email verified to send/receive |
| Sandbox Mode | Default state β only verified senders/recipients |
| Production Mode | After approval, unrestricted sending to all recipients |
| SES Sending Limits | Rate & quota depend on region and usage history |
| SMTP Credentials | Separate credentials generated for SMTP usage |
| Email Feedback | Bounce, delivery, and complaint notifications via SNS |
β Setup Overview¶
-
Verify your domain or email address
- Add DNS records (TXT, CNAME, MX) for verification and DKIM
-
Request Production Access (move out of sandbox)
-
Create IAM user/credentials or SMTP credentials
-
Integrate SES via API, SDK, SMTP, or CLI
-
(Optional) Set up SNS for bounce/complaint tracking
π» Sending Email via CLI¶
aws ses send-email \
--from "your@email.com" \
--destination "ToAddresses=someone@domain.com" \
--message "Subject={Data=Hello},Body={Text={Data=This is a test email}}"
π¨ Receiving Emails with SES¶
| Step | Description |
|---|---|
| 1. Domain setup | Set MX record to route mail to SES |
| 2. Create Rule Set | Define how to handle incoming messages |
| 3. Action | Store in S3, trigger Lambda, or send to SNS |
π DKIM, SPF, and DMARC¶
| Record | Purpose | Sample DNS Entry |
|---|---|---|
| SPF | Authorize SES to send on your behalf | v=spf1 include:amazonses.com ~all |
| DKIM | Sign emails to prevent spoofing | TXT/CNAME records generated by SES |
| DMARC | Policy for handling unauthorized emails | v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com |
π Monitoring and Metrics¶
| Method | Description |
|---|---|
| CloudWatch | Metrics: delivery, bounce, complaint rates |
| SNS Topics | Real-time events (bounce, delivery, complaint) |
| Delivery Reports | Enable in configuration set for detailed logs |
π§ͺ Sample Terraform: Sending Setup¶
resource "aws_ses_domain_identity" "domain" {
domain = "yourdomain.com"
}
resource "aws_ses_domain_dkim" "dkim" {
domain = aws_ses_domain_identity.domain.domain
}
resource "aws_ses_email_identity" "email" {
email = "your@yourdomain.com"
}
π° Pricing (as of 2024)¶
| Feature | Cost |
|---|---|
| Send Email via SES | $0.10 per 1,000 emails |
| Receiving Emails | $0.10 per 1,000 emails received |
| Data Out (outside AWS) | Standard AWS data transfer costs |
| 25,000 free emails/day | β When sent from EC2 within the same region |
π SES Sandbox Limitations¶
| Limitation | Sandbox Mode |
|---|---|
| Unverified recipients | β Not allowed |
| Sending volume | Very low (200/day) |
| Email subject line | No marketing allowed |
π You must request production access via AWS Support.
βοΈ API vs SMTP¶
| Mode | Use When⦠|
|---|---|
| SMTP | Using 3rd-party SMTP clients like Outlook |
| API/SDK | Integrating in web apps or backend systems |
π§ Common Pitfalls¶
| Issue | Fix |
|---|---|
| Emails going to spam | Ensure SPF/DKIM/DMARC setup is correct |
| SES "Address Not Verified" | Add recipient or request production access |
| Bounces from major providers | Monitor bounce/complaint rates via SNS |
| Attachments not supported (API) | Use raw email with MIME format (send-raw-email) |
β TL;DR Summary¶
| Feature | AWS SES Value |
|---|---|
| Email Sending | β Transactional, bulk, marketing |
| Email Receiving | β Store in S3, process with Lambda |
| Setup Required | Domain/email verification, SPF/DKIM, IAM config |
| Access Modes | SMTP, CLI, SDK, API |
| Monitoring | β CloudWatch + SNS |
| Price | $0.10/1,000 emails (first 25k free on EC2) |