Why no DKIM for single AWS SES email identity?

Asked Sep 08 '22 at 18:36

Active Sep 08 '22 at 19:23

Viewed 18 times

I'm trying to prevent the possibility of AWS SES sending out emails as a potentially dangerous sender while keeping the DKIM option.

So desired functionality is to only allow "anna@example.com" as email sender, but prevent "cfo@example.com" and still use the DKIM option on the example.com domain.

I've setup and verified my whole domain example.com in AWS SES and I've added SPF and DKIP entries to my DNS. Test emails from SES and my apps are going through fine. I've verified my domain and SES provided me with needed DKIP data.

Since the whole domain is verified there seems to be nothing blocking "ceo@example.com" emails.

To achieve this restriction I've removed the domain as verified identity and added only "anna@example.com" as email address identity type. But now there doesn't seem to be a way of getting the DKIP data.

edited Sep 08 '22 at 19:23

asked Sep 08 '22 at 18:36

Tadija Bagarić

Can you use IAM policies to limit the "From" address used when sending through SES? It should work for both API and SMTP sending methods. The biggest problem I've encountered is resolving credential vs from address problems when people are trying to use the service with these restrictions. – Tim P Sep 12 '22 at 13:18

Why no DKIM for single AWS SES email identity?

0 Answers0