Setting up Amazon SES with Route 53, Nodemailer, DMARC, and BIMI

Setting up Amazon SES with Route 53, Nodemailer, DMARC, and BIMI

In this guide, we'll walk through the steps to set up Amazon Simple Email Service (SES) with Route 53, verify email addresses, configure SMTP settings, use Nodemailer, and enhance email deliverability with DMARC and BIMI.

Step 1: Configuring Route 53 DNS for SES

To start, ensure your domain is managed by Amazon Route 53. You'll need to add DNS records to verify your domain and set up email sending.

Adding DNS Records

  1. Log in to AWS Management Console and navigate to Route 53.
  2. Select Hosted Zones and choose your domain.
  3. Create a new record set:
    • Type: TXT
    • Name: _amazonses
    • Value: The token provided by Amazon SES (e.g., DKIM token).

Verifying Your Domain

After adding the DNS records, go to the Amazon SES console and verify your domain:

  1. Navigate to Amazon SES and select Domains under the Identity Management section.
  2. Click on Verify a New Domain, enter your domain name, and follow the prompts to complete verification.

Step 2: Verifying Email Addresses

Adding Email Addresses

To send emails using SES, you need to verify the email addresses:

  1. Go to the SES console and select Email Addresses under the Identity Management section.
  2. Click on Verify a New Email Address and enter the email addresses you want to verify (e.g., info@yourdomain.com).

You will receive a verification email. Click on the link in the email to verify the address.

Step 3: Setting Up SMTP Settings

Creating SMTP Credentials

  1. In the SES console, select SMTP Settings under the Email Sending section.
  2. Click on Create My SMTP Credentials.
  3. Download the SMTP credentials (SMTP username and password).

Using Nodemailer

Nodemailer allows you to send emails through SES using these credentials.

const nodemailer = require('nodemailer');

let transporter = nodemailer.createTransport({
  host: 'email-smtp.us-east-1.amazonaws.com', // Replace with your SES SMTP endpoint
  port: 587,
  secure: false,
  auth: {
    user: 'SMTP_USERNAME', // Replace with your SMTP username
    pass: 'SMTP_PASSWORD', // Replace with your SMTP password
  },
});

let mailOptions = {
  from: 'info@yourdomain.com',
  to: 'recipient@example.com',
  subject: 'Test Email',
  text: 'Hello from SES and Nodemailer!',
};

transporter.sendMail(mailOptions, (error, info) => {
  if (error) {
    return console.log(error);
  }
  console.log('Message sent: %s', info.messageId);
});

Step 4: Improving Deliverability with DMARC and BIMI Setting Up DMARC To set up DMARC, add a TXT record to your DNS settings:

Navigate to Route 53 and select your domain. Create a new record set: Name: _dmarc Type: TXT Value:

"v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com"

Setting Up BIMI To set up BIMI, you need an SVG logo and a corresponding DNS record:

Host your SVG logo at a public URL, e.g., https://www.yourdomain.com/logo.svg. Add a new DNS record: Name: default._bimi Type: TXT Value

"v=BIMI1; l=https://www.yourdomain.com/logo.svg; a=self" Monitoring and Final Steps Monitor DMARC Reports: Check reports sent to the email specified in rua. Adjust DMARC Policy: Gradually move from p=none to p=quarantine and then p=reject based on the reports. By following these steps, you'll improve your email deliverability and ensure your emails are less likely to end up in spam folders. Adding DMARC and BIMI records further enhances your domain's email security and brand visibility.

For detailed guidance, refer to the official AWS documentation:

BIMI Setup DMARC Setup