Get Started
Sending & Deliverability
Docs chevron_right Sending & Deliverability chevron_right Amazon SES setup

Amazon SES setup

Amazon SES is our recommended sending provider: it is the cheapest option at about $1 per 10,000 emails, it has excellent deliverability, and it works over both an API and SMTP. This guide takes you from a fresh AWS account to your first send in EmailFlow AI.

Step 1 — Create an IAM user with SES permissions

In the AWS console, open IAM › Users › Create user. Give the user programmatic access and attach a policy that allows SES sending — the managed AmazonSESFullAccess policy is the simplest, or scope it down to ses:SendRawEmail for least privilege. Avoid using your AWS root credentials; a dedicated IAM user keeps the keys revocable and auditable.

Step 2 — Get your access keys and region

After creating the user, generate an access key ID and secret access key and copy them somewhere safe (the secret is shown only once). Note the AWS region you are using SES in — for example us-east-1, us-west-2, or eu-west-1. The region matters: SES endpoints and verified identities are region-specific, so the region you pick in EmailFlow must match where you verified your domain.

Step 3 — Enter your keys in EmailFlow AI

In EmailFlow AI, open Sending › Servers, choose Add server, and select Amazon SES (it is first in the list, marked Recommended). Choose the SES API driver for the simplest setup, paste your access key ID, secret access key, and region, then save. Send the one-shot test message to confirm the connection works end to end.

Step 4 — Verify your sending domain

SES will only send from identities you have verified. In the SES console, verify your sending domain and publish the DKIM CNAME records it gives you in your DNS. Then authenticate the same domain in EmailFlow AI so your campaigns are DKIM-signed as you. Domain verification (rather than a single email address) lets you send from any address at that domain.

SMTP instead of the API

Prefer SMTP? SES also offers SMTP credentials. In the SES console, create SMTP credentials (these are different from your IAM keys), then add an Amazon SES (SMTP) server in EmailFlow AI using the SMTP endpoint for your region, port 587, and those credentials. Functionally the API and SMTP paths deliver the same mail; the API gives slightly richer feedback.

Step 5 — Leave the SES sandbox

New SES accounts start in the sandbox, which only lets you send to verified addresses and caps daily volume. To send to real recipients, open a production access request from the SES console — describe your use case, list-hygiene practices, and bounce handling. Approval is usually quick. Once you are out of the sandbox, your sending limits scale with your account.

savings
At roughly $1 per 10,000 emails, SES is dramatically cheaper than bundled-sending platforms — and because EmailFlow AI never meters your volume, those savings are yours.

Frequently asked questions

Why is my mail rejected with "Email address not verified"? You are still in the SES sandbox, or you are sending from a domain you have not verified in that region. Verify the domain and request production access.

Which region should I choose? Pick the region closest to your recipients, and make sure you verify your domain in that same region.

Can I use SES and another provider together? Yes — add multiple servers and EmailFlow AI will route across them.