Using Amazon SES as a mail relay for outbound mail?

Good evening,

I’ve been running HestiaCP for over a year now and it works great for many of my smaller websites, open-source projects and email accounts where I generally don’t care much about mail deliverability (as they’re smaller websites and generally offer “free services” to the community and asking users to check their SPAM folders isn’t that much of a big deal for me).

In the past I’ve used a few premium email providers (Google Apps for Your Domain and more recently, Microsoft 365 small business) to host my more important mail accounts - this has been due to not wanting to combat endless SPAM but, more importantly, to ensure emails are delivered to other mail servers - I know that Gmail and Office 365 can be super strict with what they will class as “SPAM” and, despite setting up DMARC, DKIM, SPF on HestiaCP etc, in the past (it’s probably due to IP reputation - something that neither I nor HestiaCP can really control) I have found that emails sent from my Hestia server have been identified as SPAM by some of the bigger providers for some of my lesser-important mail accounts/domains (that I host on my HestiaCP server).

I am however now thinking about moving my more important (company and personal) mail domains on to my Hestia server and, to be honest, the only thing that has been holding me back for a while now is the deliverability of emails - I certainly don’t want “professional” emails that I send to be marked as SPAM by the bigger email providers (Gmail, Office 365 etc.)

My plan to handle this, assuming that it works (I’m ultimately hoping that people reading this might already be doing this and can confirm their experience?) is to add my more important mail domains and mailboxes to my Hestia server - add MX records for the domain(s) that will point to my Hestia server and then set up the domain to “SMTP Relay” outbound mail to Amazon SES (my domains would then use the SPF, DMARC, DKIM details provided by Amazon SES).

So, assuming that others have done this before, I just wondered if anyone could answer/confirm any (ideally all) of the following questions/concerns that I have at the moment:

  • My proposed setup above will actually work (assuming I set up the DNS records correctly - eg. MX records point to my HestiaCP server, SPF, DKIM, DMARC all point to the Amazon SES service) - eg. Amazon SES doesn’t impose some strict rules whereby inbound emails to my domain must go through their server too (eg. I cannot, therefore, set the MX record on my domain to deliver emails directly to my Hestia server but send email only through Amazon SES)?

  • Using this kind of setup isn’t against the Amazon SES terms of service (eg. I’ll be using it to send low-volume personal, “individual emails” as opposed to bulk marketing emails)?

  • Did you find it easier to configure Postfix/EXIM to send server-wide emails directly to Amazon SES or did you simply set it per-domain on the Mail Domain settings panel (where you can enter an SMTP relay host, port, username and password)?

  • What is your experience with mail delivery - have you had many reports of emails, despite being sent through Amazon SES being delivered to a user’s SPAM folder (I assume this wouldn’t be the case as Amazon is massive and would have the ability to easily “warm-up” their IP addresses)?

  • Is the Amazon SES pricing really as good as it sounds (~$0.12 per 1000 emails sent) or are there (more specifically) any nasty billing surprises eg. a minimum of $10 a month?

I have honestly tried to find the answers to the above questions so this isn’t a forum post to get answers because I’m too lazy to research myself :slight_smile:

I’d love to hear back from anyone that has done the same or similar (even if they have used another SMTP relay service to combat deliverability issues or recommend another similarly priced, SMTP relay service)…

Thanks in advance,
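An added illustration of the DNS split described in the post above (not part of the thread, and not HestiaCP or Amazon code): a small offline check that inbound MX stays on the self-hosted server while SPF, DKIM and DMARC cover the relay. It assumes the relay is authorized with `include:amazonses.com` and DKIM selector CNAMEs under `dkim.amazonses.com`; `example.org`, `mail.example.org`, `token1`, `ZONE` and `audit` are hypothetical names, and the zone data is constructed.

```python
# Constructed zone data for a hypothetical domain (not real DNS answers).
ZONE = {
    ("example.org", "MX"): ["10 mail.example.org."],
    ("example.org", "TXT"): ["v=spf1 include:amazonses.com ~all"],
    ("_dmarc.example.org", "TXT"): ["v=DMARC1; p=quarantine"],
    ("token1._domainkey.example.org", "CNAME"): ["token1.dkim.amazonses.com."],
}


def audit(zone, domain, own_mx, spf_include="amazonses.com",
          dkim_suffix="dkim.amazonses.com"):
    """Return a list of problems with a split inbound/outbound mail setup."""
    problems = []

    # Inbound: at least one MX must name the self-hosted server.
    mx_hosts = [v.split()[-1].rstrip(".").lower()
                for v in zone.get((domain, "MX"), [])]
    if own_mx.lower() not in mx_hosts:
        problems.append("MX does not name the self-hosted server")

    # Outbound SPF: exactly one v=spf1 record (two is a permerror under
    # RFC 7208), and it must include the relay's SPF domain.
    spf = [t for t in zone.get((domain, "TXT"), [])
           if t.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        problems.append(f"expected 1 SPF record, found {len(spf)}")
    else:
        terms = spf[0].lower().split()[1:]
        if f"include:{spf_include}" not in terms:
            problems.append("SPF does not include the relay")
        if not {"-all", "~all"} & set(terms):
            problems.append("SPF has no -all or ~all")

    # DMARC: one record at _dmarc.<domain> with a valid p= tag.
    dmarc = [t for t in zone.get((f"_dmarc.{domain}", "TXT"), [])
             if t.startswith("v=DMARC1")]
    tags = {}
    if len(dmarc) == 1:
        tags = dict(p.strip().split("=", 1)
                    for p in dmarc[0].split(";") if "=" in p)
    if tags.get("p") not in ("none", "quarantine", "reject"):
        problems.append("DMARC record missing or has no valid policy")

    # DKIM: a selector CNAME under _domainkey that targets the relay.
    dkim_ok = any(
        rtype == "CNAME" and name.endswith(f"._domainkey.{domain}")
        and any(v.rstrip(".").lower().endswith(dkim_suffix) for v in vals)
        for (name, rtype), vals in zone.items())
    if not dkim_ok:
        problems.append("no DKIM CNAME pointing at the relay")
    return problems
```

Adding a second `v=spf1` TXT record for the relay next to an existing one, instead of merging them into one record, is the case the SPF count check catches.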

If you set a global SMTP relay account you still need to make sure that you add each of the domains otherwise it will not work.

  • Using this kind of setup isn’t against the Amazon SES terms of service (eg. I’ll be using it to send low-volume personal, “individual emails” as opposed to bulk marketing emails)?

I know somebody who has used it for this use case without any issues.

I don’t use SES myself so have no experience with delivery with it…

I am also still using Gmail…


That’s good news - I really appreciate the reply @eris :+1:

…I’ll give this a go in the next few days!

Hello, I use a different server for email and I don’t have deliverability problems.

The main thing is that WordPress gets hacked from time to time. If you put an email server where you put the websites that is the recipe for disaster.

Just have 1 server for DNS + email, and N servers for web.

You can have SES as a backup plan. In case you get deliverability problems, you can switch it on.

I have no experience with Amazon SES, so it will be interesting if you write and share about it after implementing SES.

For now, I’m using SES just for specific critical websites, but I never thought about installing it at the server side.
I will follow your experience :slight_smile:

I plan to set up my new server(s) tomorrow - I’ll post back my experiences and how I achieved it :+1:

Thank you for all of your replies guys - I appreciate it!

Also, you should be aware of the AWS bounce rate restriction… in this, you should ensure that your server does not do any spamming and has a good mail bounce rate, otherwise your AWS account will get suspended.