In this tutorial, we will accomplish the following tasks:
(i) Set up a virtual server with AWS EC2;
(ii) Configure the DNS management with Route 53 by setting up name servers through AWS;
(iii) Configure the VPS with VirtualMin and PhPList to send emails;
(iv) Configure AWS Simple Email Service (SES) to accept the mails from the EC2 server and forward it to the recipients.
Advantage of sending mail through SES via EC2
There are two big advantages to setting up an Amazon EC2 server to send email through Amazon’s Simple Email Service (SES).
The first advantage is that AWS SES offers a generous Free Usage Tier.
When you call Amazon SES from an application hosted in Amazon EC2, you can send 62,000 messages per month at no charge. This Free Usage Tier benefit does not expire.
Note: You pay for outgoing mail data, incoming mail chunks, and EC2 data transfer fees, even if your usage of Amazon SES qualifies for the AWS Free Usage Tier.
This is explained in clear terms in the official page:
If you are… | You pay… | Plus the following additional charges… |
Sending email from an application hosted in Amazon EC2 | $0 for the first 62,000 emails you send each month, and $0.10 for every 1,000 emails you send after that. | $0.12 for each GB of attachments you send, and any additional charges for using EC2. |
Sending email from an email client or other software package | $0.10 for every 1,000 emails you send. | $0.12 for each GB of attachments you send. |
Receiving email | $0 for the first 1,000 emails you receive, and $0.10 for every 1,000 emails you receive after that. | $0.09 for every 1,000 incoming email chunks (see Pricing details for more information). |
Obviously, being able to send 62,000 emails per month for free is a big advantage.
The cost per 1000 emails sent thereafter is also cheap at only $0.10.
The second advantage is that the delivery problems are solved when emails are sent through AWS SES.
It is virtually impossible to configure a server to send emails which are not junked as spam by the ISPs.
Despite best practices of DKIM, SPF and DMARC, the emails land up in the spam box of the recipient, frustrating the sender.
However, Amazon SES enjoys such high reputation with the ISPs, that emails sent through its servers and IP Addresses get delivered into the inbox.
Step 1: Set up a EC2 server
Login to the AWS Console and click the ‘Launch instance’ button.
Under the ‘Choose an Amazon Machine Image (AMI)’ option, choose “Ubuntu Server 14.04 LTS (HVM), SSD Volume Type,
64-bit (x86)”.
There is a Free tier eligible for this option.
Under the ‘Choose an Instance Type’ choose the t2 micro server.
It has 1 GB RAM which we will need to install VirtualMin and PHPList.
This option is also eligible for the free tier.
The rest of the options relating to ‘configure instance details’, ‘add storage’ and ‘add tags’ can be accepted at their default values.
In the configure security group, care should be taken to ensure that ports 80 and 22 are open.
For purposes of this demo (and to ensure that there are no glitches due to the firewall), we can leave all ports open in the manner shown in the image.
This is obviously a security hazard. We can rectify it later once we are certain everything works as it should.
Click the ‘Review and Launch’ to confirm everything is okay.
Then, when you click the ‘Launch’ button, you can select an existing key pair or create an existing key pair.
After this step, the EC2 server is created.
Step 2: Change the DNS to point to Amazon’s Route 53 DNS Management
Click the ‘Route 53’ link in the AWS Console.
Go to ‘Hosted Zone’ > ‘Create Hosted Zone’.
Enter the domain name.
Note the values of the name servers.
In my case, it is the following:
ns-1806.awsdns-33.co.uk ns-1396.awsdns-46.org ns-139.awsdns-17.com ns-824.awsdns-39.net
Click the create record set and create ‘A’ record and ‘CNAME’ records.
There is an official video from Amazon AWS which explains the position very well.
Thereafter, go to the domain registrar (Namecheap in our example).
Under the ‘nameservers’ option, choose ‘custom DNS’ and enter the names of the four nameservers that we got from the ‘Hosted Zone’ records in Route 53.
The propogation of the DNS servers across the internet takes time.
In the meanwhile, you can check whether the DNS of the domain is properly configured to point to the EC2 server by using tools like intodns.com and others.
Step 3: Configure Amazon Simple Email Service (SES)
In the AWS console, click the SES link.
Thereafter, follow the steps to verify the new domain.
A domain whose DNS is managed by Route 53 is automatically verified.
The DKIM settings are also automatically generated.
You have to manually add a SPF record in the record set.
Create a txt record with the value
"v=spf1 include:amazonses.com ~all"
Follow the steps to verify your own email addresses (of the sender and the recipient).
Send a test mail to verify that emails are being sent from, and received by, the domain without any problem.
Then, click the SMTP settings link to create a user and password to use the Amazon’s SMTP settings.
Install VirtualMin
VirtualMin is a free control panel. It is the open source version of cPanel.
VirtualMin makes managing the VPS server very easy in terms of setting up websites, securing them through Free Let’s Encrypt SSL Certificates, creating email accounts etc.
You should also install Roundcube to be able to send and receive emails.
A detailed tutorial on how to set up VirtualMin and create a WordPress website with Roundcube is given here and here.
Install PhPList
PhPList is an excellent free email software program which makes the task of sending bulk emails very simple.
There is an excellent tutorial at the official website of phplist which explains how the installation is to be made.
Configure phplist to send mails through Amazon’s SMTP servers
In the AWS console, you would have created a user and password to use the SMPT sever of Amazon.
Now, go to
/home/domainname/public_html/config
and edit the config.php file to enter the SMTP settings.
It looks like this:
$define("PHPMAILERHOST",'email-smtp.us-east-1.amazonaws.com'); $phpmailer_smtpuser = 'Enter Username'; $phpmailer_smtppassword = 'Enter Password'; define('PHPMAILERPORT',25); define("PHPMAILER_SECURE",'tls');
You can create a couple of confirmed users in phplist using your own email accounts with gmail, yahoo and hotmail and send a test mail through phplist to ensure that the emails are landing in the inbox and not being junked as spam.
You must configure phplist to throttle the limits for sending of the emails so that the ISPs are more tolerant.
You must also set up a bounce email so that hard bounces are automatically unsubscribed by phplist.
You can also set up a cron job to automate the sending of emails in small batches, after a defined interval.
This ensures more deliverability of the emails.
Request increase in sending limits
Amazon SES puts all new users in a “sandbox“. With sandbox access you can only send email to the Amazon SES mailbox simulator and to email addresses or domains that you have verified.
To be moved out of the sandbox, a sending limit increase has to be made.
Conclusion
With these steps, you will have accomplished the task of setting up a EC2 VPS and using it to send emails through SES.
However, you must be careful to ensure that the recipients do not complain of abuse or mark the emails as spam.
If there is a high ratio of complaints, Amazon AWS will not hesitate to ban the account so as to protect their IP reputation.
Hi, I write here cause I don’t know what else to do,
Recently few days ago we move our WordPress website https://caknowledge.com/ from siteground to AWS Ec2 Server, we setup everything and our website is running fine on AWS server.
We also install postfix for email sending but when new users signup on our website or if anyone wants to reset the password then all verification mails are going to the spam folder, we already talk to aws premium support but not getting any help from them.
Please can anyone help us, how we resolve this issue, we use PHP mailer service inbuilt in WordPress for sending mails and we already verified our domain on AWS SES.
Are you using SES to send emails? If you are using the inbuilt wordpress functionality for sending mails, it will never work. The bare minimum required for an email to be treated as legit is the DKIM and SPF.
If you want to send emails yourself, you must have a control panel installed (such as VirtualMin) which will help you to configure DKIM and SPF for your domain.
Also check whetter your domain or the IP address has been flagged and blacklisted. If so, you will have to request for them to be whitelisted.
If you only want to send transactional mails or newsletters to small groups of subscribers, you can consider mail services like Mail Chimp and others