Setup WordPress To Use AWS SES

Amazon SES is a very robust service for sending and receiving email within the AWS ecosystem (most people use it for sending outbound). If you’re a new AWS customer, you can use it for free for one year under their free tier. Configuring your site to use AWS SES to send email to the outside world can sometimes be difficult though and that is why this post exists. Any competent system administrator will already know that you should not simply setup a web server and expect it to be able to send email to the outside world without issues. That’s what email servers are for, obviously.  This was a huge problem at a job despite them having an abundance of technical knowledge. We had sites in Prod actually using localhost smtpd to send email to the company’s clients, then had people wondering why there was a problem with users not receiving email, or being flagged as spam. Settings up WordPress to use SES is actually a lot easier than you think and you don’t even need to touch your DNS SPF record. As a matter of fact you don’t even need to think about reverse DNS (rDNS) or DKIM. This is because you will be allowing the domain amazonses.com to send on behalf of your domain and amzonses.com has SPF and DKIM setup correctly. So you will be delegating the burden of managing the more technical aspect of email servers to Amazon SES and using their massive infrastructure for practically nothing. Most things that are too good to be true usually are, but not this time.

After signing up for an account at aws.amazon.com, you will need to open a support case to move your account out of the SES sandbox. Once you’ve done that, navigate to SES and verify your domain which will require you to create a DNS TXT record called “_amazonses” without the quotes with a certain value you are provided by AWS SES. Once you’ve done that you should see a status of verified.

After your domain is verified, go to SMTP Settings on the left. Note the Server Name, you will need this later. For the US-East region this will be email-smtp.us-east-1.amazonaws.com.  Click on the Create my SMTP Credentials button. You could change the name to make it reflect its purpose. An example is ses-smtp-user.contosocom. Click Create and download the credentials on the next page by clicking the button in the bottom right of the screen. You will need both values of SMTP Username and SMTP Password

Go to your WordPress Admin dashboard and install the plug-in called WP Mail SMTP and go to the settings for email.Fill in your From Email and From Name fields. Make sure Send all email through SMTP is checked instead of the PHP mail() function. Set the SMTP Host field to whatever server name was provided to you on the SES Settings page of SES.

SMTP Port: 587 (if that doesn’t work try 25 or 465

Use TLS encryption. This is not the same as STARTTLS. For most servers SSL is the recommended option.

Check the box Yes: Use SMTP authentication.

Username: Enter the username of the user you created under SMTP Settings in SES. It’s the weird-looking one with a long alphanumeric string of letters and numbers and not the clean one like ses-smtp-user.

Password: This is the long string of random characters.

Click on Save Changes and then send yourself a test email with the button below save. This will provide a verbose log to help you troubleshoot if any errors occur.

A Couple of things to think about are:

  1. are any ports blocked outbound from your host?
  2. is a firewall enabled?
  3. could your ISP be blocking port 25 outbound?
  4. are you underqualified to be messing around with these types of things?
  5. email headers are read bottom to top, not top to bottom


When you receive the test email you should notice that it is being sent via amazonses.com. This is hardly noticeable to end users but if you wanted both the FROM and MAIL FROM fields to be set to your domain, additional configuration will be required.

 Delivered-To: travisrunyard@gmail.com
 Received: by with SMTP id g73csp545051vke;
 Sat, 3 Sep 2016 18:04:03 -0700 (PDT)
 X-Received: by with SMTP id z32mr32385280qtc.69.1472951043619;
 Sat, 03 Sep 2016 18:04:03 -0700 (PDT)
 Return-Path: <01000156f2b94199-6a48db87-7e42-463d-a21e-9d933f44f77f-000000@amazonses.com>
 Received: from a8-39.smtp-out.amazonses.com (a8-39.smtp-out.amazonses.com. [])
 by mx.google.com with ESMTPS id 87si10830184qks.19.2016.
 for <travisrunyard@gmail.com>
 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Sat, 03 Sep 2016 18:04:03 -0700 (PDT)
 Received-SPF: pass (google.com: domain of 01000156f2b94199-6a48db87-7e42-463d-a21e-9d933f44f77f-000000@amazonses.com designates as permitted sender) client-ip=;
 Authentication-Results: mx.google.com;
 dkim=pass header.i=@amazonses.com;
 spf=pass (google.com: domain of 01000156f2b94199-6a48db87-7e42-463d-a21e-9d933f44f77f-000000@amazonses.com designates as permitted sender) smtp.mailfrom=01000156f2b94199-6a48db87-7e42-463d-a21e-9d933f44f77f-000000@amazonses.com
 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
 s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1472951042;
 Date: Sun, 4 Sep 2016 01:04:02 +0000
 To: travisrunyard@gmail.com
 From: Travis Runyard <admin@sysinfo.io>
 Subject: WP Mail SMTP: Test mail to travisrunyard@gmail.com
 Message-ID: <01000156f2b94199-6a48db87-7e42-463d-a21e-9d933f44f77f-000000@email.amazonses.com>
 X-Mailer: PHPMailer 5.2.14 (https://github.com/PHPMailer/PHPMailer)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 X-SES-Outgoing: 2016.09.04-
 Feedback-ID: 1.us-east-1.tVHugpZRoeHUfyZCgNVONDGagq81+As3rbP6j7DFKx4=:AmazonSES
This is a test email generated by the WP Mail SMTP WordPress plugin.
Categories: AWSSES
Disqus Comments Loading...
All Rights ReservedRegular Version