1

So in SES - there are two ways to verify identities as I can see:

  1. Email identities
  2. Domain identities

With domain identiies - it is easier to fix the "signed-by" and "mailed-by" headers in the outgoing mails. If the DKIM/SPF DNS records are set properly - it works well.

But with email identities - AWS SES adds something like "via amazonses.com". Now I am looking to fix this with my app's branding instead. So that when my clients only want to verify email identities and not whole domains - they can send emails via my app (and behind the scenes via SES) but when the emails go out - instead of saying "via amazonses.com", it should put my apps brancing like "via example.com" instead for the email identities.

How can I achieve this? :)

EDIT:

  1. Someone verifies an email identity - foobar@gmail.com - I want it to say "via mydomain.com" instead of "via amazonses.com"
  2. Someone verifies clientdomain.com - I want it to say "signed-by: clientdomain.com" and the "via...." will be removed

Number 2 is simple and I can achieve that with EasyDKIM in SES but I am having trouble figuring out how to achieve number 1

Rohan
  • 125
  • 3
  • 12

1 Answers1

1

To achieve this successfully - we had to verify the main domain which we wanted to sign with in case of email identities. Example mydomain.com is the domain, we verified that domian including setting the MAIL FROM domain in it.

Then, we went ahead and verified the single email identity we wanted to send and sign it with mydomain.com. I used my personal email but for this example we will use myemail@gmail.com.

Finally we had to tweak the FROM header like so in PHP before hitting the AWS PHP SDK for SES and call the sendRawEmail method

$message->setFrom('myemail@gmail.com via mydomain.xyz <noreply@mydomain.xyz>');

Final solution was that Gmail said from header was:

from:   myemail@gmail.com via mydomain.xyz <noreply@mydomain.xyz>
Rohan
  • 125
  • 3
  • 12