Authenticating Your Emails in Amazon SES

Amazon Simple Email Service (Amazon SES) uses SMTP (Simple Mail Transfer Protocol) to send an email.

Since SMTP itself does not provide authentication, a spammer can send emails that appear to be from someone else while hiding the actual source. By forging email headers and spoofing source IP addresses, spammers can fool recipients into believing that the email messages they receive are genuine.

Most ISPs that relay email traffic have taken steps to assess the seriousness of emails. One such measure ISPs take is to determine whether an email is authenticated. Authentication requires senders to verify that they are the owner of the sending account. Sometimes ISPs refuse to forward an email that is not authenticated. For optimal deliverability, we recommend that you authenticate your e-mail.

The following sections describe two authentication mechanisms that ISPs use - Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) - and provide instructions for using these standards with Amazon SES.



Note
See the AWSMessaging and Targeting blog for information and discussion on a range of topics related to Amazon SES. To browse and post questions, visit the Amazon SES Forum.