{"id":266,"date":"2020-01-20T19:24:17","date_gmt":"2020-01-20T19:24:17","guid":{"rendered":"https:\/\/www.antpace.com\/blog\/?p=266"},"modified":"2025-08-25T14:01:16","modified_gmt":"2025-08-25T14:01:16","slug":"sending-email-from-your-app-using-aws-ses","status":"publish","type":"post","link":"https:\/\/www.antpace.com\/blog\/sending-email-from-your-app-using-aws-ses\/","title":{"rendered":"Sending email from your app using AWS SES"},"content":{"rendered":"

Simple Email Service (SES) from AWS<\/h2>\n

Email is the best way that we can communicate with our users; still better than SMS or app notifications. An effective messaging strategy can enhance the journey our products offer.<\/p>\n

This post is about sending email from the website or app you’re developing. We will use SES to send transactional emails. AWS\u00a0documentation<\/a> describes\u00a0Simple Email Service (SES) as “an\u00a0email sending and receiving service that provides an easy, cost-effective way for you to send email.” It abstracts away managing a mail server.<\/p>\n

Identity verification<\/h2>\n

When you first get set up, SES will be in sandbox mode. That means you can only send email to verified receivers. To get production access and start sending emails to the public, you will need to verify an email address and a sending domain.<\/p>\n

Configuring your domain name<\/h3>\n

Sending email through SES requires us to verify the domain name that messages will be coming from. We can do this from the “Domains” dashboard.<\/p>\n

\"Verify
Verify a new domain name<\/figcaption><\/figure>\n

This will generate a list of record sets that will need to be added to our domain as DNS records. I use Route 53, another Amazon service, to manage my domains – so that’s where I’ll need to enter this info. If this is a new domain that you are working with, you will need to create a “hosted zone”in AWS for it first.<\/p>\n

\"AWS<\/p>\n

As of this update, Amazon recommends using CNAME DKIM (DomainKeys Identified Mail) records instead of TXT records to authenticate your domain. These signatures enhance the deliverability of your mail with DKIM-compliant email providers. If your domain name is in Route 53, SES will automatically import the CNAME records for you.<\/p>\n

\"warning<\/p>\n

Understand deliverability<\/h3>\n

We want to be confident that intended recipients are actually getting the messages that are sent.\u00a0 Email service providers, and ISPs, want to prevent being abused by spammers. Following best practices, and understanding deliverability, can ensure that emails won’t be blocked.<\/p>\n

Verify any email addresses that you are sending messages from: “To maintain trust between email providers and Amazon SES, Amazon SES needs to ensure that its senders are who they say they are.”<\/p>\n

You should use an email address that is at the domain you verified. To host business email, I suggest AWS WorkMail or Google Workspace<\/p>\n

\"verify<\/p>\n

Make sure DKIM has been verified for your domain: \u00a0“DomainKeys Identified Mail (DKIM) provides proof that the email you send originates from your domain and is authentic”. If you’re already using Route 53 to manage your DNS records, SES will present an option to automatically create the necessary records.<\/p>\n

\"Route<\/p>\n

Be reputable. Send high quality emails and make opt-out easy. You don’t want to be marked as spam. Respect sending quotas. If you’re plan on sending bulk email to a list-serve, I suggest using an Email Service Provider such as MailChimp (SES could be used for that too, but is outside the scope of this writing).<\/p>\n

Sending email<\/h2>\n

SES can be used three ways: either by API, the SMTP interface, or the console. Each method lists different ways to authenticate. “To interact with [Amazon SES], you use security credentials to verify who you are and whether you have permission to interact with Amazon SES.<\/a>” Next, we will use the API credentials – an access key ID and secret access key.<\/p>\n

Create an access key pair<\/h3>\n

An access key can be created using\u00a0Identity and Access Management (IAM).\u00a0<\/span>You use access keys to sign programmatic requests that you make to AWS<\/a>.” This requires creating a user, and setting its permissions policies to include “AmazonSESSendingAccess”. We can create an access key in the “security credentials” for this user.<\/span><\/p>\n

\"Permission
Permission policy for IAM user<\/figcaption><\/figure>\n

Integrating with WordPress<\/h3>\n

Sending email from WordPress is made easy with plugins. They can be used to easily create forms<\/a>. Those forms can be wired to use the outbound mail server of our choice using\u00a0WP Mail SMTP Pro<\/a>. All we’ll need to do is enter the access key details. If we try to send email without specifying a mail server, forms will default to sending messages directly from the LAMP box hosting the website. That would result in low-to-no deliverability.<\/p>\n

\"Screenshot
Screenshot of WP Mail SMTP Pro<\/figcaption><\/figure>\n

As of this update, the above plugin now only provides the “Amazon SES” option with a premium (not free) monthly subscription. That’s OK, because we can still use Amazon SES through the “Other SMTP” option. You can read about how I used this choice to send emails from a WordPress site’s contact form<\/a>.<\/p>\n

SMTP Username and Password<\/h3>\n

The “Other SMTP” option asks for a username and password. You can create those credentials from Amazon SES by going to “SMTP Settings”. When you click “Create SMTP credentials<\/span><\/a>” you will be redirected to the IAM service to create a user with the details already filled<\/p>\n

\"creating<\/p>\n

It will give you the SMTP user name (different than the IAM user name) and password on the following screen. After you add these details to the plugin, any emails sent from this WordPress instance will use SES as the mail server. As a use case, I create forms with another plugin called “Contact Form 7”. Any emails sent through these forms will use the above set up.<\/p>\n

Integrating with custom code<\/h3>\n

Although the WordPress option is simple, the necessary plugin has an annual cost. Alternatively, SES can integrate with custom code we’ve written. We can use\u00a0PHPMailer<\/a> to abstract away the details of sending email programmatically. Just include the necessary files, configure some variables, and call a send() method.<\/p>\n

\"Contact
Contact form powered by SES<\/figcaption><\/figure>\n

The contact forms on my\u00a0r\u00e9sum\u00e9<\/a>\u00a0 and portfolio<\/a>\u00a0webpages use this technique. I submit the form data to a PHP file that uses PHPMailer to interact with SES. The front-end uses a UI notification widget to give the user alerts. It’s available on my GitHub, so check it out<\/a>.<\/p>\n

Front-end, client-side:<\/p>\n

<form id=\"contactForm\">\n    <div class=\"outer-box\">\n\n        <input type=\"text\" placeholder=\"Name\" name=\"name\" value=\"\" class=\"input-block-level bordered-input\">\n        <input type=\"email\" placeholder=\"Email\" value=\"\" name=\"email\" class=\"input-block-level bordered-input\">\n        <input type=\"text\" placeholder=\"Phone\" value=\"\" name=\"phone\" class=\"input-block-level bordered-input\">\n\n        <textarea placeholder=\"Message\" rows=\"3\" name=\"message\" id=\"contactMessage\" class=\"input-block-level bordered-input\"><\/textarea>\n        <button type=\"button\" id=\"contactSubmit\" class=\"btn transparent btn-large pull-right\">Contact Me<\/button>\n    <\/div>\n<\/form>\n<link rel=\"stylesheet\" type=\"text\/css\" href=\"\/ui-messages\/css\/ui-notifications.css\">\n<script src=\"\/ui-messages\/js\/ui-notifications.js\"><\/script>\n<script type=\"text\/javascript\">\n$(function(){\n\tvar notifications = new UINotifications();\n\t$(\"#contactSubmit\").click(function(){\n\t\tvar contactMessage = $(\"#contactMessage\").val();\n\t\tif(contactMessage < 1){\n\t\t\tnotifications.showStatusMessage(\"Don't leave the message area empty.\");\n\t\t\treturn;\n\t\t}\n\t\tvar data = $(\"#contactForm\").serialize();\n\t\t$.ajax({\n\t\t\ttype:\"POST\",\n\t\t\tdata:data,\n\t\t\turl:\"assets\/contact.php\",\n\t\t\tsuccess:function(response){\n\t\t\t\tconsole.log(response);\n\t\t\t\tnotifications.showStatusMessage(\"Thanks for your message. I'll get back to you soon.\");\n\t\t\t\t$(\"form input, form textarea\").val(\"\");\n\t\t\t}\n\n\t\t});\n\t});\n});\n<\/script>\n<\/pre>\n
In the PHP file,\u00a0 we set the username and password as the access key ID and access key secret. Make sure the region variable matches what you’re using in AWS. #TODO<\/strong>: It would be best practice to record the message to a database. (The WordPress plugin from earlier handles that out-of-the-box). We might also send an additional email to the user, letting them know their note was received.<\/p>\n
Back-end, server-side:<\/p>\n
<?php\n\/\/send email via amazon ses\nuse PHPMailer\\PHPMailer\\PHPMailer;\nuse PHPMailer\\PHPMailer\\Exception;\n\n$name = \"\";\n$email = \"\";\n$phone = \"\";\n$message = \"\";\n\nif(isset($_POST[\"name\"])){\n\t$name = $_POST[\"name\"];\n}\nif(isset($_POST[\"email\"])){\n\t$email = $_POST[\"email\"];\n}\nif(isset($_POST[\"phone\"])){\n\t$phone = $_POST[\"phone\"];\n}\nif(isset($_POST[\"message\"])){\n\t$message = $_POST[\"message\"];\n}\n\n$region = \"us-east-1\"\n$aws_key_id = \"xxx\"\n$aws_key_secret = \"xxx\"\n\nrequire '\/var\/www\/html\/PHPMailer\/src\/Exception.php';\nrequire '\/var\/www\/html\/PHPMailer\/src\/PHPMailer.php';\nrequire '\/var\/www\/html\/PHPMailer\/src\/SMTP.php';\n\/\/ \/\/ Instantiation and passing `true` enables exceptions\n$mail = new PHPMailer(true);\ntry {\n\tif(strlen($message) > 1){\n    \/\/Server settings\n\t    $mail->SMTPDebug = 2;                                       \/\/ Enable verbose debug output\n\t    $mail->isSMTP();                                            \/\/ Set mailer to use SMTP\n\t    $mail->Host       = 'email-smtp.' . $region . '.amazonaws.com';  \/\/ Specify main and backup SMTP servers\n\t    $mail->SMTPAuth   = true;                                   \/\/ Enable SMTP authentication\n\t    $mail->Username   = $aws_key_id;                     \/\/ access key ID\n\t    $mail->Password   = $aws_key_secret;                               \/\/ AWS Key Secret\n\t    $mail->SMTPSecure = 'tls';                                  \/\/ Enable TLS encryption, `ssl` also accepted\n\t    $mail->Port       = 587;                                    \/\/ TCP port to connect to\n\n\t    \/\/Recipients\n\t    $mail->setFrom('XXX@antpace.com', 'Portfolio');\n\t    $mail->addAddress(\"XXX@antpace.com\");     \/\/ Add a recipient\n\t    $mail->addReplyTo('XXX@antpace.com', 'Portfolio');\n\n\t    \/\/ Content\n\t    $mail->isHTML(true);                                  \/\/ Set email format to HTML\n\n\t    $mail->Subject = 'New message from your portfolio page.';\n\t    $mail->Body    = \"This message was sent from: $name - $email - $phone \\n Message: $message\";\n\t    $mail->AltBody = \"This message was sent from: $name - $email - $phone \\n Message: $message\";\n\n\t    $mail->send();\n\t    echo 'Message has been sent';\n\t}\n\n} catch (Exception $e) {\n    echo \"Message could not be sent. Mailer Error: {$mail->ErrorInfo}\";\n}\n\n?>\n<\/pre>\n
The\u00a0technical side of sending email from software is straight-forward. The\u00a0strategy can be fuzzy and requires planning. Transactional emails have an advantage over marketing emails. Since they are triggered by a user’s action, they have more meaning. They have higher open rates, and in that way afford an opportunity.<\/p>\n
How can we optimize the usefulness of these emails? Be sure to create a recognizable voice in your communication that resonates your brand. Provide additional useful information, resources, or offers. These kind of emails are an essential part of the user experience and your product’s development.<\/p>\n
You can find the code for sending emails this way on my GitHub<\/a>.<\/p>\n
Alternative to SES<\/h2>\n
In a recent project, a client had WordPress set up through AWS lightsail. By default, email sending for WP users’ new accounts and password reseting is not configured out-of-the-box (Unlike using WordPress.com, where it just works). They already were using Google Workspace for their email, so we decided to leverage that instead.<\/p>\n
We decided to use ‘app passwords’. We needed to make sure two-factor authentication was set up. This allowed us to generate a password that can be used as the SMTP password.<\/p>\n","protected":false},"excerpt":{"rendered":"
Simple Email Service (SES) from AWS Email is the best way that we can communicate with our users; still better than SMS or app notifications. An effective messaging strategy can enhance the journey our products offer. This post is about sending email from the website or app you’re developing. We will use SES to send … <\/p>\n
Continue reading “Sending email from your app using AWS SES”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":3161,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[12,23,70,110,115],"class_list":["post-266","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-web-development","tag-aws","tag-cloud","tag-iam","tag-route-53","tag-ses"],"_links":{"self":[{"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/posts\/266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/comments?post=266"}],"version-history":[{"count":1,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/posts\/266\/revisions"}],"predecessor-version":[{"id":3162,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/posts\/266\/revisions\/3162"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/media\/3161"}],"wp:attachment":[{"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/media?parent=266"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/categories?post=266"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.antpace.com\/blog\/wp-json\/wp\/v2\/tags?post=266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}