Set up Amazon SES
Use Amazon SES when you want AWS-native sending with full control over your sending identity, regional configuration, and bounce tracking through SNS notifications.
5 min read
Before you start
Before connecting Amazon SES to Mailrith, complete these steps in your AWS account:
- Verify your sender identity. In the Amazon SES console, verify either the domain you plan to send from (recommended) or the specific email address you will use as the From address. Both domain and email-level identities work — domain verification is more flexible.
- Create an IAM user or role with SES send permission. The IAM user needs the
ses:SendEmailandses:SendRawEmailpermissions. Generate an access key for this user — you will need the Access Key ID and Secret Access Key. - Check your SES sending limits. New AWS accounts start in the SES sandbox, which restricts sending to verified addresses only. Request production access from AWS before using SES for real campaigns.
Mailrith fields
When creating an Amazon SES connection in Mailrith, fill in the following fields:
- Region: the AWS region where your verified SES identity lives — for example,
us-east-1oreu-west-1. This must match the region where the identity is verified. - Access Key ID: the access key ID from the IAM user you created for sending.
- Secret Access Key: the matching secret key. Store this securely — it is equivalent to a password for your AWS account.
- From name: the display name that appears in the recipient's inbox — for example, "Acme Updates" or "The Team at Acme".
- From email: the email address in the From field — for example,
updates@acme.com. This must be a verified identity in the selected SES region.
AWS setup
- In the AWS Console, navigate to Amazon SES → Verified identities and confirm your sending domain or email address is verified and active.
- Navigate to IAM → Users and create a user with programmatic access. Attach a policy that includes
ses:SendEmailandses:SendRawEmailpermissions. - Generate an access key for the user and securely note both the Access Key ID and Secret Access Key.
- In Mailrith, create a new connection, select Amazon SES, enter the region and credentials, and save.
- Use the Send test email action to verify the credentials and sender identity work before using the connection in a live campaign.
SNS webhooks
Amazon SES delivers bounce and complaint notifications through Amazon SNS (Simple Notification Service). Mailrith provides two separate webhook endpoints — one for bounces and one for complaints — that you configure as SNS subscriptions.
To get these endpoints, open the connection row in Mailrith and click View webhooks. Then, in your AWS Console:
- Navigate to Amazon SES → Verified identities → Notifications for the identity you are using.
- Create or select an SNS topic for bounce notifications, then subscribe it to the Mailrith bounce webhook URL using the HTTPS protocol.
- Repeat for complaint notifications using the Mailrith complaint webhook URL.
- Confirm the SNS subscriptions — AWS sends a confirmation request to Mailrith's endpoint, which it handles automatically.
Once SNS is connected, Mailrith will automatically update subscriber statuses when bounces or spam complaints occur. Without this setup, those events will not reach Mailrith and your list will accumulate bad addresses over time.
Need help?
Reach the Mailrith team if you need help planning a workflow or troubleshooting a setup.
Related guides
Connect your email sending provider, configure sender identity, test delivery, and set up webhooks for bounce and complaint tracking.
Compose one-off email campaigns, define the audience with tags and segments, preview the result, and send immediately or schedule for later.
Build timed email series with individual delays, per-email audience filters, draft and publish controls, and step-level engagement analytics.