AWS SES: DNS Configuration Guide for SPF, DKIM, and MX Records
Step 1: Verify Your Domain in SES
Go to the SES Console → identities.
Click Create Identity.
Enter your domain name
Enable: Use a custom MAIL FROM domain:
Add any subdomain.
Use RSA_2048_BIT DKIM key Length.
Click Create Identity.
➡️ SES will provide a set of DNS records:
3 DKIM CNAME records: Add all the records to your DNS.
Step 2: Add SPF Record (for Root Domain)
In your DNS provider, add a TXT record for the root domain:
| Name (Host) | Type | Value |
|---|---|---|
@ | TXT | "v=spf1 include:amazonses.com -all" |
➡️ This authorizes AWS SES to send on behalf of your domain.
Step 3: SES will provide 2 DNS records to add:
MX record
TXT (SPF) record
Example:
| Name | Type | Value |
|---|---|---|
events.neuailes.io | MX | 10 feedback-smtp.<region>.amazonses.com. |
events.neuailes.io | TXT | "v=spf1 include:amazonses.com -all" |
Make sure to replace <region> with your actual SES region (e.g., ap-south-1).
Step 4: Test and Verify
Wait for DNS propagation (usually 5–15 mins).
In SES, click "Verify" next to MAIL FROM and DKIM settings.
Send a test email to a Gmail address and check headers.