Amazon SES Blog

Introducing Email Templates and Bulk Sending

by Brent Meyer | on | Permalink | Comments |  Share

(Edited October 11, 2017)—Corrected the structure of the template JSON file and the maximum template file size.

The Amazon SES team is excited to announce our latest update, which includes two related features that help you send personalized emails to large groups of customers. This post discusses these features, and provides examples that you can follow to start using these features right away.

Email templates

You can use email templates to create the structure of an email that you plan to send to multiple recipients, or that you will use again in the future. Each template contains a subject line, a text part, and an HTML part. Both the subject and the email body can contain variables that are automatically replaced with values specific to each recipient. For example, you can include a {{name}} variable in the body of your email. When you send the email, you specify the value of {{name}} for each recipient. Amazon SES then automatically replaces the {{name}} variable with the recipient’s first name.

Creating a template

To create a template, you use the CreateTemplate API operation. To use this operation, pass a JSON object with four properties: a template name (TemplateName), a subject line (SubjectPart), a plain text version of the email body (TextPart), and an HTML version of the email body (HtmlPart). You can include variables in the subject line or message body by enclosing the variable names in two sets of curly braces. The following example shows the structure of this JSON object.

  "Template": {
    "TemplateName": "MyTemplate",
    "SubjectPart": "Greetings, {{name}}!",
    "TextPart": "Dear {{name}},\r\nYour favorite animal is {{favoriteanimal}}.",
    "HtmlPart": "<h1>Hello {{name}}</h1><p>Your favorite animal is {{favoriteanimal}}.</p>"

Use this example to create your own template, and save the resulting file as mytemplate.json. You can then use the AWS Command Line Interface (AWS CLI) to create your template by running the following command: aws ses create-template --cli-input-json file://mytemplate.json

Sending an email created with a template

Now that you have created a template, you’re ready to send email that uses the template. You can use the SendTemplatedEmail API operation to send email to a single destination using a template. Like the CreateTemplate operation, this operation accepts a JSON object with four properties. For this operation, the properties are the sender’s email address (Source), the name of an existing template (Template), an object called Destination that contains the recipient addresses (and, optionally, any CC or BCC addresses) that will receive the email, and a property that refers to the values that will be replaced in the email (TemplateData). The following example shows the structure of the JSON object used by the SendTemplatedEmail operation.

  "Source": "",
  "Template": "MyTemplate",
  "Destination": {
    "ToAddresses": [ "" ]
  "TemplateData": "{ \"name\":\"Alejandro\", \"favoriteanimal\": \"zebra\" }"

Customize this example to fit your needs, and then save the resulting file as myemail.json. One important note: in the TemplateData property, you must use a blackslash (\) character to escape the quotes within this object, as shown in the preceding example.

When you’re ready to send the email, run the following command: aws ses send-templated-email --cli-input-json file://myemail.json

Bulk email sending

In most cases, you should use email templates to send personalized emails to several customers at the same time. The SendBulkTemplatedEmail API operation helps you do that. This operation also accepts a JSON object. At a minimum, you must supply a sender email address (Source), a reference to an existing template (Template), a list of recipients in an array called Destinations (within which you specify the recipient’s email address, and the variable values for that recipient), and a list of fallback values for the variables in the template (DefaultTemplateData). The following example shows the structure of this JSON object.

      "ReplacementTemplateData":"{ \"name\":\"Anaya\", \"favoriteanimal\":\"yak\" }"
      "ReplacementTemplateData":"{ \"name\":\"Liu\", \"favoriteanimal\":\"water buffalo\" }"
      "ReplacementTemplateData":"{ \"name\":\"Shirley\", \"favoriteanimal\":\"vulture\" }"
  "DefaultTemplateData":"{ \"name\":\"friend\", \"favoriteanimal\":\"unknown\" }"

This example sends unique emails to Anaya (, Liu (, Shirley (, and a fourth recipient (, whose name and favorite animal we didn’t specify. Anaya, Liu, and Shirley will see their names in place of the {{name}} tag in the template (which, in this example, is present in both the subject line and message body), as well as their favorite animals in place of the {{favoriteanimal}} tag in the message body. The DefaultTemplateData property determines what happens if you do not specify the ReplacementTemplateData property for a recipient. In this case, the fourth recipient will see the word “friend” in place of the {{name}} tag, and “unknown” in place of the {{favoriteanimal}} tag.

Use the example to create your own list of recipients, and save the resulting file as mybulkemail.json. When you’re ready to send the email, run the following command: aws ses send-bulk-templated-email --cli-input-json file://mybulkemail.json

Other considerations

There are a few limits and other considerations when using these features:

  • You can create up to 10,000 email templates per Amazon SES account.
  • Each template can be up to 500KB in size, including both the text and HTML parts.
  • You can include an unlimited number of replacement variables in each template.
  • You can send email to up to 50 destinations in each call to the SendBulkTemplatedEmail operation. A destination includes a list of recipients, as well as CC and BCC recipients. Note that the number of destinations you can contact in a single call to the API may be limited by your account’s maximum sending rate. For more information, see Managing Your Amazon SES Sending Limits in the Amazon SES Developer Guide.

We look forward to seeing the amazing things you create with these new features. If you have any questions, please leave a comment on this post, or let us know in the Amazon SES forum.

Announcing the Reputation Dashboard

by Brent Meyer | on | Permalink | Comments |  Share

The Amazon SES team is pleased to announce the addition of a reputation dashboard to the Amazon SES console. This new feature helps you track issues that could impact the sender reputation of your Amazon SES account.

What information does the reputation dashboard provide?

Amazon SES users must maintain bounce and complaint rates below a certain threshold. We put these rules in place to protect the sender reputations of all Amazon SES users, and to prevent Amazon SES from being used to deliver spam or malicious content. Users with very high rates of bounces or complaints may be put on probation. If the bounce or complaint rates are not within acceptable limits by the end of the probation period, these accounts may be shut down completely.

Previous versions of Amazon SES provided basic sending metrics, including information about bounces and complaints. However, the bounce and complaint metrics in this dashboard only included information for the past few days of email sent from your account, as opposed to an overall rate.

The new reputation dashboard provides overall bounce and complaint rates for your entire account. This enables you to more closely monitor the health of your account and adjust your email sending practices as needed.

Can’t I just calculate these values myself?

Because each Amazon SES account sends different volumes of email at different rates, we do not calculate bounce and complaint rates based on a fixed time period. Instead, we use a representative volume of email. This representative volume is the basis for the bounce and complaint rate calculations.

Why do we use representative volume in our calculations? Let’s imagine that you sent 1,000 emails one week, and 5 of them bounced. If we only considered a week of email sending, your metrics look good. Now imagine that the next week you only sent 5 emails, and one of them bounced. Suddenly, your bounce rate jumps from half a percent to 20%, and your account is automatically placed on probation. This example may be an extreme case, but it illustrates the reason that we don’t use fixed time periods when calculating bounce and complaint rates.

When you open the new reputation dashboard, you will see bounce and complaint rates calculated using the representative volume for your account. We automatically recalculate these rates every time you send email through Amazon SES.

What else can I do with these metrics?

The Bounce and Complaint Rate metrics in the reputation dashboard are automatically sent to Amazon CloudWatch. You can use CloudWatch to create dashboards that track your bounce and complaint rates over time, and to create alarms that send you notifications when these metrics cross certain thresholds. To learn more, see Creating Reputation Monitoring Alarms Using CloudWatch in the Amazon SES Developer Guide.

How can I see the reputation dashboard?

The reputation dashboard is now available to all Amazon SES users. To view the reputation dashboard, sign in to the Amazon SES console. On the left navigation menu, choose Reputation Dashboard. For more information, see Monitoring Your Sender Reputation in the Amazon SES Developer Guide.

We hope you find the information in the reputation dashboard to be useful in managing your email sending programs and campaigns. If you have any questions or comments, please leave a comment on this post, or let us know in the Amazon SES forum.

Announcing Dedicated IP Pools

The Amazon SES team is pleased to announce that you can now create groups of dedicated IP addresses, called dedicated IP pools, for your email sending activities.

Prior to the availability of this feature, if you leased several dedicated IP addresses to use with Amazon SES, there was no way to specify which dedicated IP address to use for a specific email. Dedicated IP pools solve this problem by allowing you to send emails from specific IP addresses.

This post includes information and procedures related to dedicated IP pools.

What are dedicated IP pools?

In order to understand dedicated IP pools, you should first be familiar with the concept of dedicated IP addresses. Customers who send large volumes of email will typically lease one or more dedicated IP addresses to use when sending mail from Amazon SES. To learn more, see our blog post about dedicated IP addresses.

If you lease several dedicated IP addresses for use with Amazon SES, you can organize these addresses into groups, called pools. You can then associate each pool with a configuration set. When you send an email that specifies a configuration set, that email will be sent from the IP addresses in the associated pool.

When should I use dedicated IP pools?

Dedicated IP pools are especially useful for customers who send several different types of email using Amazon SES. For example, if you use Amazon SES to send both marketing emails and transactional emails, you can create a pool for marketing emails and another for transactional emails.

By using dedicated IP pools, you can isolate the sender reputations for each of these types of communications. Using dedicated IP pools gives you complete control over the sender reputations of the dedicated IP addresses you lease from Amazon SES.

How do I create and use dedicated IP pools?

There are two basic steps for creating and using dedicated IP pools. First, create a dedicated IP pool in the Amazon SES console and associate it with a configuration set. Next, when you send email, be sure to specify the configuration set associated with the IP pool you want to use.

For step-by-step procedures, see Creating Dedicated IP Pools in the Amazon SES Developer Guide.

Will my email sending process change?

If you do not use dedicated IP addresses with Amazon SES, then your email sending process will not change.

If you use dedicated IP pools, your email sending process may change slightly. In most cases, you will need to specify a configuration set in the emails you send. To learn more about using configuration sets, see Specifying a Configuration Set When You Send Email in the Amazon SES Developer Guide.

Any dedicated IP addresses that you lease that are not part of a dedicated IP pool will automatically be added to a default pool. If you send email without specifying a configuration set that is associated with a pool, then that email will be sent from one of the addresses in the default pool.

Dedicated IP pools are now available in the following AWS Regions: us-west-2 (Oregon), us-east-1 (Virginia), and eu-west-1 (Ireland).

We hope you enjoy this feature. If you have any questions or comments, please leave a comment on this post, or let us know in the Amazon SES Forum.

Open and Click Tracking Have Arrived

We’re pleased to announce the addition of open and click tracking metrics to Amazon SES. These metrics will help you measure the effectiveness of the email campaigns you send using Amazon SES.

We’re also adding the ability to publish email sending metrics to Amazon Simple Notification Service (Amazon SNS) using event publishing. This feature gives you greater control over the sending notifications you receive through Amazon SNS.

What’s new in this release?

When you send an email using Amazon SES, we now collect metrics related to opens and clicks. Opens, in this sense, refers to the number of users who successfully received your email and opened it in their email clients; clicks refers to the number of users who received an email and clicked one or more links in it.

Additionally, you can now use event publishing to push email sending notifications—including open and click notifications—using Amazon SNS. Previously, you could send account-level notifications through Amazon SNS. These notifications were pretty limited: you could only receive notifications about bounces, complaints, and deliveries, and you would receive notifications about all of these events across your entire Amazon SES account. Now you can use event publishing to send notifications about deliveries, opens, clicks, bounces, and complaints. Furthermore, you can set up event publishing so that you only receive notifications about emails sent using the configuration sets you specify in those emails.

Why should I use open and click tracking?

Whether you are sending marketing emails, transactional emails, or notifications, you need to know how effective your communications are. The email sending metrics feature of Amazon SES gives you data about entire email response funnel—the total number of emails that were sent, bounced, viewed, and clicked. You can then transform those insights into action.

For example, the open and click tracking feature can help you identify the customers who are most interested in receiving the messages you send. By narrowing down your list of recipients and focusing on your most engaged customers, you can save money (by sending fewer messages), improve the response rates of your marketing campaigns (by targeting only the customers who are most interested in what you have to say), and protect your sender reputation (by reducing the number of bounces and complaints against your sending domain).

How do I enable open and click tracking?

If you’ve set up Sending Metrics in the past, then you can easily add open and click tracking to your existing configuration sets. On the Configuration Sets page, choose the configuration set that contains your sending event destination; edit the event destination, check the boxes for Open and Click (as shown in the image below), and then choose Save.

How does open and click tracking work?

Amazon SES makes very minor changes to your emails in order to make open and click tracking work. At the bottom of each message, we insert a 1 pixel by 1 pixel transparent GIF image. Each email includes a unique link to this image file; when the image is opened, we can tell exactly which message was opened and by whom.

To track clicks, we set up a redirect for each link in the message. When a recipient clicks a link, they are sent to an Amazon SES server, and are immediately forwarded to the destination address. As with open tracking, each of these redirect links is unique, allowing us to easily determine which recipient clicked the link, when they clicked it, and the email from which they arrived at the link.

Can I disable click tracking?

You can disable click tracking by adding a special tag to the anchor tags in your HTML. For example, if you were linking to the AWS home page, a normal anchor link would look something like this:

<a href="">Amazon Web Services</a>

To disable click tracking for that same link, you would modify to look like this:

<a ses:no-track href="">Amazon Web Services</a>

Because the ses:no-track attribute is non-standard HTML, we automatically remove it from the version of the email that arrives in your recipients’ inboxes.

How do I use event publishing with Amazon SNS?

If you’ve set up event destinations in the past, then the process of setting up an Amazon SNS event destination will be very familiar. You can add an Amazon SNS destination to an existing configuration set, or create a new configuration set that uses Amazon SNS as its event destination. To learn more, see “Set Up an Amazon SNS Event Destination for Amazon SES Event Publishing” in our Developer Guide.

We’re excited about this release. Let us know what you think of these new features in the SES Forum, or in the comments for this post.

Guest post: How EmailOctopus built an email marketing platform using Amazon SES

The following guest post was written by Tom Evans, COO of EmailOctopus.

Our product, EmailOctopus, grew from a personal need. We were working on another business venture, and as our email subscriber base grew, the costs of using the larger email service providers became prohibitively expensive for an early-stage startup.

At this point we were already using Amazon SES to send sign up confirmations to our users. We loved Amazon SES’ low pricing and high deliverability, but being a transactional email service, we missed some tracking features offered by our marketing provider. We decided to develop a simple interface to make it easier for us to build and track the performance of marketing emails on top of the Amazon SES platform.

After sharing our accomplishments with other founders, and with no other SaaS solutions on the market that met the same need, we began to turn our basic script into a polished email marketing application. We named our application EmailOctopus. Over 4 years later, and with over 1.5 billion emails delivered through Amazon SES, our mission remains the same: to make contacting your customers as easy and inexpensive as possible.

EmailOctopus is now a fully fledged platform, with thousands of users sending marketing campaigns every day. Our platform integrates directly with our customers’ AWS accounts and provides them with an easy-to-use front end on top of the SES platform. EmailOctopus users can upload or register subscribers who have opted into their correspondence (through an import or one of our many integrations), then send a one-off campaign or an automated marketing series, all while closely tracking the performance of those emails and allowing the recipients to opt-out.

Scaling EmailOctopus to handle millions of emails per day

Building an email marketing platform from scratch has presented a number of challenges, both technical and operational. EmailOctopus has quickly grown from a side project to a mature business that has sent over 1.5 billion emails through Amazon SES.

One of the biggest challenges of our growth has been dealing with a rapidly expanding database. Email marketing generates a huge amount of data. We log every view, bounce, click, spam report, open and unsubscribe for every email sent through our platform. A single campaign can easily generate over 1 million of these events.

Our event processing system sits on a number of microservices spread over EC2 and Lambda, which allows us to selectively scale our services based on demand. Figure 1, below, demonstrates just how irregular this demand is. We save over $500 a month using an on-demand serverless model.

Figure 1. Number of events processed over time.

This model helps us manage our costs and ensures we only pay for the computing power we need.  We rely heavily on CloudFormation scripts to edit that infrastructure; these scripts allow every change to be version-controlled and propagated across all of our environments. In preparing for this blog post, we took a look at how that template had changed over the years—we’d forgotten just how much it had evolved. As our user base grew from 1 customer to 10,000, a single EC2 instance writing to a MySQL database just didn’t cut it. We now rely on a large portion of the AWS suite to reliably consume our event data, as illustrated in Figure 2, below.

Figure 2. Our current event processing infrastructure.

Operationally, our business has needed to make changes to scale too. Processes that worked fine with a handful of clients do not work so well with 10,000 users. We pride ourselves on providing our customers with a superior and personal service; to maintain that commitment, we dedicate 10% of our development time to improving our internal tools. One of these projects resulted in a dashboard which quickly provides us with detailed information on each user and their journey through the platform. The days of asking our support team to assemble database queries are long gone!

What makes EmailOctopus + SES different from the competition?

Amazon SES uses proprietary content filtering technologies and monitors the status of its services rigorously. This means that you’re likely to see increased deliverability on your communication, while saving up to 10x on your current email marketing costs. EmailOctopus pricing plans range from $0 to $109 per month (depending on the number of recipients you need to store), and the cost of sending email through Amazon SES is also very low: you pay nothing for the first 62,000 emails you send through Amazon SES each month, and $0.10 per 1,000 emails after that. Need to send a million emails in a month? You can do it for less than $100 with EmailOctopus + Amazon SES.

Our easy-to-use interface and integrations make it easy to add new subscribers, and our email templates help you create trackable, beautiful, responsive emails. We even offer trigger-based automated email delivery—perfect for onboarding new customers.

I’m ready to get started!

Great! We’ve made it easy to start using EmailOctopus with Amazon SES. First, if you don’t already have one, create an Amazon Web Services account. Once you’ve done that, head over to our website and create an EmailOctopus account. From there, we’ll walk you through the quick and easy process of linking the two services together.

If you’ve never used Amazon SES before, you will also need to provide some information about the types of communication you plan to send. This important step in the process ensures that all new Amazon SES users are reputable, and that they will not have a negative impact on other users who send email through Amazon SES. Once you’ve finished that step, you’ll be ready to start sending emails using EmailOctopus and Amazon SES.

To learn more about what EmailOctopus can do for your business, visit our website at


Creating a Daily Dashboard to Track Bounces and Complaints

(Edited July 11, 2017)—We added a link to a CloudFormation stack in the “Building a Daily Dashboard” section. You can use the CloudFormation stack to create the daily dashboard in a few simple steps.

Bounce and complaint rates can have a negative impact on your sender reputation, and a bad sender reputation makes it less likely that the emails you send will reach your recipients’ inboxes. Further, if your bounce or complaint rate is too high, we may have to suspend your Amazon SES account to protect other users. For these reasons, it is very important that you have a process in place to remove email addresses that have bounced or complained from your recipient list.

This article includes background information about bounces and complaints. It also discusses a sample solution that you can use to keep track of the bounce and complaint notifications that you receive.

What is a Bounce?

A bounce occurs when a message cannot be delivered to the intended recipient. There are two types of bounces:

  • A hard bounce occurs when a persistent issue prevents the message from being delivered. Hard bounces can occur when the recipient’s email address does not exist or the receiving domain does not exist. When an email hard bounces, it means that the recipient did not receive the message, and Amazon SES will no longer attempt to deliver the message.
  • A soft bounce occurs when a temporary issue prevents a message from being delivered. Soft bounces can occur when the recipient’s mailbox is full, when the connection to the receiving email server times out, or when there are too many simultaneous connections to the receiving mail server. When an email soft bounces, Amazon will attempt to redeliver it. If the issue persists, Amazon SES will stop trying to deliver the message, and the soft bounce will be converted to a hard bounce.

To learn more about bounces, see the Amazon SES Bounce FAQ in the Amazon SES Developer Guide.

What is a Complaint?

When an email recipient clicks the Mark as Spam (or similar) button in his or her email client, the ISP records the event as a complaint. If the emails that you send generate too many of these complaint events, the ISP may conclude that you’re sending spam. Many ISPs provide feedback loops, in which the ISP provides you with information about the message that generated the complaint event.

For more information about complaints, see the Amazon SES Complaint FAQ in the Amazon SES Developer Guide.

Building a Daily Dashboard

We recently added a section to the Amazon SES Developer Guide that documents the process of creating a daily bounce and complaint tracking dashboard. You can find the procedures for creating this daily dashboard at

Alternatively, you can download our CloudFormation stack to implement this solution with just a few clicks. To learn more about deploying CloudFormation stacks, see “Get Started” in the AWS CloudFormation User Guide.

This solution uses several AWS components—including Simple Notification Service (SNS), Simple Queue Service (SQS), Identity and Access Management (IAM), Simple Storage Service (S3), Lambda, and CloudWatch—to create a dashboard that is emailed to you every day. The daily dashboard, illustrated in the following image, contains a list of the messages that generated bounces and complaints over the past 24 hours.

This solution uses SNS to track bounce and complaint notifications. Those notifications are then collected in an SQS queue. A CloudWatch trigger initiates a Lambda function, which collects the notification events from SQS, processes them, publishes a dashboard to an S3 bucket, and sends you an email when the dashboard is ready to view. The following image illustrates the architecture of this solution.

When you receive the daily dashboard, you should use it to remove the addresses that hard bounced or complained from your recipient list. This measure will help protect your deliverability and inbox placement rates.

This solution is just one method of tracking the bounces and complaints that you receive when sending email using Amazon SES. We hope you find this sample solution useful. If you have any questions about this solution, please leave a comment below, or start a discussion in the Amazon SES forum.

Amazon SES Can Now Automatically Warm Up Your Dedicated IP Addresses

The SES team is pleased to announce that, starting today, Amazon SES can automatically warm up your new dedicated IP addresses. Before the automatic warm-up feature was available, Amazon SES customers who leased dedicated IPs implemented their own warm-up mechanisms. Customers gradually increased email sending through a new dedicated IP before using the dedicated IP to its full capacity. This blog post explains how Amazon SES warms up your dedicated IPs, and how to enable the warm-up feature.

Why do I have to warm up my dedicated IPs?

You must warm up your dedicated IPs before you send a high volume of emails. Many receiving ISPs do not accept emails from an IP that suddenly sends a large volume of email. ISPs perceive this behavior as an indicator of abuse and a possible source of spam. To avoid emails getting dropped or having your sending severely throttled, warm up your IPs by gradually increasing the volume of emails you send through a new IP address. You can find more guidance about the warm up process in the developer guide.

How does Amazon SES warm up my dedicated IPs?

After you enable automatic warm-up, Amazon SES limits the maximum number of emails that you send daily through your new dedicated IP addresses according to a predefined warm-up plan. This automated warm-up process takes up to 45 days. The process ensures that traffic through the newly leased dedicated IP address is gradually increased to establish a positive reputation with receiving ISPs. The maximum daily amount of mail increases from the first day until a maximum of 50,000 emails can be sent from an IP.

When do I have to enable the automatic warm-up?

By default, automatic warm-up is enabled for your account. All newly leased dedicated IP addresses are placed in the automatic warm-up plan. You can disable the automatic warm-up from the Dedicated IPs page in the Amazon SES console. If you are already using dedicated IPs to send emails, go to the Amazon SES console to turn this feature on to take advantage of automatic warm-up.


Note: disabling automatic warm-up stops the warm-up process. All of your IP addresses will be considered fully warmed up. Re-enabling automatic warm-up does not start the warm-up for the dedicated IPs already allocated to your Amazon SES account.

What happens with the emails sent beyond the daily maximum limit from the warm-up plan?

If you enabled automatic warm-up and you are leasing dedicated IPs for the first time, then all emails that you send beyond the pre-planned daily warm-up plan are sent through shared IPs instead. This means that during the warm-up period, Amazon SES uses your dedicated and shared IPs from the Amazon SES IP pools to send your emails. After the warm-up is complete, Amazon SES sends emails only through your dedicated IPs, and the maximum number of emails you can send is limited by your daily email sending quota. For more information, see Managing Your Amazon SES Sending Limits in the Amazon SES Developer Guide.

If you are an existing dedicated IP customer requesting additional dedicated IPs, emails beyond the daily maximum limit per dedicated IP in the warm-up plan are sent only through dedicated IPs already allocated to your account.

Does automatic warm-up incur extra cost?

No. See the Amazon SES pricing page for dedicated IP pricing information.

We hope you find this feature useful! If you have any questions or comments, let us know in the SES Forum or in the comment section of the blog.

Amazon SES Now Offers Dedicated IP Addresses

Edited September, 2017: Since this article was published, we have made several changes that impact the dedicated IP address feature:

  • This post states that the only way to use both dedicated IP addresses and shared IP addresses is to create two separate AWS accounts. This statement is no longer true; you can now use dedicated IP pools to create pools of dedicated IP addresses, as well as pools that use shared IP addresses, all from a single account. See Managing Dedicated IP Pools in the Amazon SES Developer Guide for more information.
  • This post also states that you must send an average of 175,000 or more emails per day in order to use dedicated IP addresses. We no longer enforce this minimum volume requirement; instead, we consider your use case and sending practices when deciding whether or not to grant a request for dedicated IP addresses. See Requesting Dedicated IP Addresses for more information.

Edited March, 2017: You can now warm up your leased dedicated IPs with the Amazon SES automatic warm-up feature. See this blog post for details.

The SES team is pleased to announce that, starting today, you can lease IP addresses dedicated exclusively to your email sending. Prior to the availability of dedicated IPs, all Amazon SES customers sent their email through IP addresses shared by other Amazon SES customers. Although shared IPs remain the best fit for many of our customers, dedicated IPs offer several benefits that might be a great fit for your use case. This blog post explains the use cases that benefit from dedicated IPs, how to request them, and the considerations you need to take when you use them.

Why should I use dedicated IPs?

You might choose to lease dedicated IPs so that you can fully control the email coming from your IPs. Because you know exactly what mail is being sent from those IP addresses, it can make troubleshooting deliverability issues simpler.

Also, most email certification programs require you to have dedicated IPs because they demonstrate your commitment to managing your email reputation.

You might also choose dedicated IPs if you send multiple types of mail, such as marketing and transactional mail, and you want to isolate the reputation of your mail streams to improve your visibility and control over your email deliverability.

Dedicated IPs also address whitelisting and security requirements, because they are an unchanging set of IP addresses. For example, you might use SES to send yourself operational notifications such as alarms. Knowing that all mail originating from your dedicated IPs is safe, you can whitelist the dedicated IPs with your incoming mail servers to ensure that they always accept mail from those IP addresses.

Am I a good candidate for dedicated IPs?

To be a good candidate for dedicated IPs, we typically recommend a sustained and consistent sending pattern and a minimum daily sending volume of 175,000 emails per day (on average). However, if you need dedicated IPs for whitelisting or security purposes and your sending does not meet the minimum volume requirement, feel free to apply anyway, and we will evaluate your request.

SES provides extensive documentation on email-sending best practices as well as guidelines regarding IP-blocking events, but with dedicated IPs the onus is on you to ensure that you send high-quality email that your recipients expect, want, and engage with. Even though you control the email coming from your dedicated IP addresses, SES will continue to monitor SES’s entire IP space to ensure a high deliverability bar for all SES customers.

To learn more about the requirements and whether dedicated IPs are right for you, see Trade-offs Between Dedicated IPs and Shared IPs in the developer guide.

How can I request dedicated IPs?

To request dedicated IPs, open an SES Sending Limits Increase case in Support Center. You can also reach the limit increase form from the Amazon SES console. First, however, be sure to read Requesting Dedicated IPs in the developer guide for instructions on how to use an SES Sending Limits Increase case to request dedicated IPs.

How will my sending process change?

If your request for dedicated IPs is granted, you have to warm up your dedicated IPs before you continue to send emails in the usual way. Warming up your dedicated IPs before you start sending large amounts of email is needed because many receiving ISPs will not accept email from IPs that suddenly send a large volume of email. You warm up your IPs by gradually increasing the volume of emails you send through a new IP address. Each IP address needs some time to build a positive reputation. ISPs determine an IP address’s reputation in part based on the quality and the volume of email sent through that IP address. If you’re not sending a lot of email, a dedicated IP can actually hurt your deliverability because receiving servers aren’t seeing enough email to know whether to trust the IP address or not. Also, your traffic might be rejected by ISPs if you don’t warm up your IPs before sending. You can find more guidance about the warm-up process in the developer guide.

Do dedicated IPs incur an extra cost?

Yes. See the Amazon SES pricing page for dedicated IP pricing information.

Why would I choose to continue using the shared IP model instead of moving to dedicated IPs?

With SES, shared IPs are commitment-free, enable you to send with arbitrary email volume, and there is no cost beyond the regular SES email sending price. Shared IPs are also pre-warmed, which means that you can start sending a large volume of emails through them right away. With shared IPs, it is easier to maintain a good reputation with irregular sending spikes and there is no minimum usage required.

Can I use both shared IPs and dedicated IPs for my sending?

Yes. You can do this by using two different AWS accounts. Request dedicated IPs for one account, and leave the other account at its default option, which is the shared IP model. For example, you could send your transactional mail, which has a steadier sending cadence, through dedicated IPs. For large bursts of mail, you could use shared IPs instead. More guidance about sending from multiple AWS accounts can be found here.

We hope you find this feature useful! If you have any questions or comments, let us know in the SES Forum or here in the comment section of the blog.

Introducing Sending Metrics

The SES team is pleased to announce sending metrics. You will now be able to segment your sending statistics and publish them to CloudWatch or Kinesis Firehose. We want to help you improve your deliverability, and this new feature makes it easier to pinpoint problems hidden by aggregate account-level statistics.

Why use sending metrics?

With the launch of sending metrics, SES enables you to better segment your send statistics, so that you can see how specific types of emails perform. You will find it easier to diagnose problems quickly before they threaten the reputation of your whole domain.

For example, you may want to see if a specific email campaign is targeting the right people by tracking the bounce and complaint rates separately from your other campaigns and transactional email. Alternatively, you may manage sending for a larger company and may want to get statistics on the email that each team sends to make sure they all uphold the same standards.

For what types of events can I see metrics?

Five types of events are available through this feature:

  • Send – The API call to SES was successful and SES will attempt to deliver the email.
  • Reject – SES rejected the email after the initial send API call was successful. This typically happens when we detect that the email contains a virus.
  • Delivery – The remote server accepted the email from SES. It is still possible that the remote server will send an asynchronous bounce or that the recipient will complain later on.
  • Bounce – The remote server rejected the email. Note that SES automatically retries when getting a “soft” bounce. Only permanent failures to deliver the email will show up in this statistic.
  • Complaint – The recipient marked the incoming email as spam.

For best practices in dealing with bounces and complaints, please see the Amazon SES Best Practices.

How can I see my sending metrics?

SES supports publishing to Kinesis Firehose and CloudWatch.

CloudWatch is best suited for situations where you want aggregate metrics. SES will publish metrics to your account in CloudWatch. Your metrics will be aggregate event counts segmented based on dimensions you specify in your setup in SES. You can see event counts by type and combination of specified dimensions. For example, if you have a dimension called Campaign, you could tag your emails with a message tag called Campaign and see the sending metrics for each individual campaign separately in CloudWatch.

Firehose enables you to see individual events sent by SES published as records to a stream that will save it to S3, feed it into Kinesis Analytics, make it available in an Elasticsearch Service cluster, or push it to Redshift. The event will include information like the type, message tags, time stamp, and message ID associated with the message.

How do I enable sending metrics?

With the release of this feature, SES will begin publishing basic account-level metrics to CloudWatch on your behalf. In order to start getting more detailed metrics, you must first create a configuration set, which will contain event destinations that specify where to publish the events. You can use either the SES console or APIs.

To get started with sending metrics using the console:

  1. Click on the Configuration Sets link from the navigation pane on the left, and then on the Create Configuration Set button. Name your new configuration set.
  2. After creating the configuration set, click on your new configuration to go to a page where you can add event destinations to define where your events should be published. You can select either CloudWatch or Firehose.
  3. Give your new destination a name and select which event types SES will send to this destination. You can send a particular type of event to multiple destinations if you want.
  4. Configure destination-specific info:
  • For CloudWatch, this means adding the dimensions. The values of the message tags or email headers with names that match your dimensions will be associated with that event. (See the Amazon CloudWatch Concepts documentation for more information about how this will work in CloudWatch.) If the tag or header is not present for a given message, SES will use the default value you specify instead.
  • For Firehose, specify the name of the stream and the role SES will assume to publish the events to your Firehose stream. SES will put a record containing a JSON representation of each event to that stream. You can have SES create a role with permissions to publish to Firehose on your behalf, select an existing role, or create the role yourself. SES will verify that it can assume the specified role and use it to publish to the specified stream before allowing you to save your Firehose destination.

When you are finished with the definition, you can start setting the new optional parameter called ConfigurationSetName on the SendEmail and SendRawEmail APIs or passing in the optional X-SES-CONFIGURATION-SET header when using SendRawEmail and the SMTP endpoint. If both the parameter and header are specified, the configuration set from the parameter will take precedence. Emails sent with a configuration set specified will trigger events, which will be published to the event destinations associated with that configuration set.

How do message tags work?

Like headers, message tags are message-specific key-value pairs, but you specify them as a parameter to the SendEmail/SendRawEmail API call. They will be used as value for a CloudWatch dimension or show up in the record for the event published to Firehose.

For example, you could tag your emails with a tag called Type and use values like Transactional, Marketing, Customer_Support, etc. Then, you could add a Type dimension in your CloudWatch event destination and see metrics broken down by each of those email types.

To help you get started, SES will automatically tag all emails with:

  • configuration set name (ses:configuration-set)
  • caller identity (ses:caller-identity)
  • MAIL FROM domain (ses:from-domain)
  • source IP (ses:source-ip)
  • outgoing IP (ses:outgoing-ip)

Additional SES-provided tags may be available in the future. See our documentation for an up to date list of auto-tags.

These auto-tags will be present when appropriate (for example, the source IP will be available when you use the SMTP interface) and you can use them the same way you would use any custom tags you add.

For example, if you manage an AWS account to send email on behalf of multiple users, you could set up a configuration set with a CloudWatch destination that has a ses:caller-identity dimension. You could then add this configuration set as a parameter to all outgoing email sending calls and get a detailed breakdown by the IAM user that was used to send the email for the various event metrics. Alternatively, if you use multiple domains to send emails, you could use the ses:from-domain tag instead to get sending statistics by domain.

How do these events look at the various event destinations?

In CloudWatch, you will find new choices inside the SES namespace based on your event destinations as well as a new Account Metrics option. The Account Metrics option contains basic, account-wide metrics equivalent to the ones currently available in the Sending Statistics section of the SES Console or the GetSendStatistics API. If you choose one of the options based on your configuration sets, you will see a metric per unique combination of tag values, which you can graph or set alarms on.

With Firehose, you can configure your stream to put events to various services.

You can consume the events directly from S3. If you choose this option, you should see files containing one JSON object per line representing an individual event. The file contains an aggregation of events based on a time interval which you can configure in the stream setup. The format looks like:


Alternatively, you can have Redshift load the data from your S3 bucket. You can specify a schema that will convert the JSON objects into rows in a relational database that you can query using SQL. For more information on how to set this up, see our Redshift event publishing tutorial.

You can also feed the data into Amazon Elasticsearch Service, which is a managed service that makes it easy to create a domain and deploy, operate, and scale Elasticsearch clusters in the AWS Cloud. Elasticsearch is a popular open-source search and analytics engine. To learn more, see the Amazon Elasticsearch Service documentation.

One example of a tool built on top of Elasticsearch is Kibana, which you can use to visualize data. Here’s a simple example:


For more details on how to set up Elasticsearch and Kibana, see our tutorial.

This is not an exhaustive list, and there may be additional options for consuming and analyzing data pushed through Firehose.

How much will this cost me?

Although you can now access basic account-level email sending statistics in CloudWatch for free, normal CloudWatch prices apply for any metrics you collect using configuration sets. You may also incur additional costs by using other AWS services. For example, if you use a Firehose stream to push event data to an S3 bucket, standard S3 charges will apply. SES itself will not charge for this feature beyond current SES pricing.

What if I don’t specify a configuration set on my outgoing emails?

You can still get the usual metrics from the GetSendStatistics API and CloudWatch at the account level, but none of the new, more granular metrics will be available. SES will ignore any tags on an email with no configuration set specified.

We hope that you enjoy this feature! As always, please leave any comments and questions you may have in the SES Forum or here in the comments section of the blog.

Do Your Recipients Know Who You Are?

When you send an email for your organization, you want your recipients to read it. For that to happen, your email needs to be delivered, and your recipients need to identify the mail as valuable and worth reading. Of course, you need to provide valuable content in the email itself, but there is more to it: If the email is not clearly branded and identifiable as being from the entity that the recipient signed up to get email from, recipients are likely to ignore your mail, or, worse, hit the “this is spam” button.

As such, SES requires that you clearly align the emails you send with your organization by following the best practices outlined in this blog post.

Before we begin…

First make sure that you are only sending mail to people who signed up to receive email from you directly, not addresses you acquired in any other way. For example, do not send mail to bought or rented lists, addresses collected by your partners, or recipients who signed up with another brand that you own. See the Amazon SES Developer Guide for guidelines on how to obtain and maintain your recipient list.

Clearly aligning your emails with your organization

If you are sending an email to people who signed up to receive mail from, then the following should always be true: 

  1. The "From" address of the email should be The "From" address is the address from which you send the emails. This is the email address or domain you verified with SES.
  2. The "Friendly From" name should clearly be associated with The "Friendly From" name is the name that displays as the sender of the email in the recipient’s email inbox.
  3. The email itself should clearly be branded as a message from Small text in a footer is not sufficient. A good example of branding is to prominently display the logo of in the email.
  4. The email should include a reminder of why the user is getting the message. For instance, you could include a sentence such as "You signed up to get mail from on March 24, 2015."

Example 1: Promotional mail for partners

One example we have seen a lot is that users sign up with a site that promotes deals of some sort, with the expectation that the site will send them mail about deals, special promotions, etc. However, the mail they actually receive is branded as the product with the deal (the partner’s brand) rather than the brand of the site they signed up with. As far as users can tell, they’re getting messages from the partner company – a company they did not sign up with – marketing a variety of products and services. 

There is no easy way for users to see that these messages are actually coming from the deal site that they signed up with. Perhaps this information is visible if they look closely at the small print in the footer of the email, but generally speaking, this isn’t good enough. In these cases, users can easily end up getting annoyed by this mail and hitting the spam button. They may have signed up with the deal site, but they did not sign up with the individual companies that they appear to be getting mail from.

The solution is simple. Make sure the promotions are sent from the deal site. Make sure the mail itself is branded prominently with the deal site’s logo. Include an introductory statement like, “Here is today’s deal from the deal site.” Underneath that, include the promotion for the third party. Then it is absolutely clear to the recipient that the message from the third party is a service of the deal site that the recipient actually signed up with.

Example 2: Election mail

Here is a similar example in another sphere:  It is election season, and someone signs up with a political party to get mail from that party. The party wants to promote candidates that are running for a variety of offices. The party sends mail that looks like it is from Candidate X to people who live in the right geographic area to vote for Candidate X. Candidate X is from the party that these people signed up to get email from, so this is no problem, right? Wrong. If people signed up with the political party, it is okay to send mail from the party, but unless they specifically signed up to get mail from Candidate X, it is not okay for Candidate X to send them mail.

The solution is the same as for the deal site: The party can send the mail, but the mail has to clearly be from the party itself. The party can indicate this with the "From" domain, the "Friendly From" name, and the branding in the mail. The party should also begin with a quick message that says “We thought you would be interested in this message from Candidate X…” Once again, things are aligned: Users only get email from the organization they signed up with, and this is absolutely clear just by glancing at the email they receive.

This is about best practices, not the law

In both of the cases above, there may well be language at the original site indicating that by signing up with the site, recipients are giving permission for partners, affiliates, or third parties to email them. By including this sort of language, this kind of sending may well be legal, and the recipient may have technically given permission for it.

However, this kind of sending is still problematic and may cause us to revoke your ability to send mail with SES. Unless a user explicitly and directly signed up with the organization that, on casual inspection, appears to be sending them mail, there is a high likelihood that the message will be identified as spam either explicitly by the user or by automated algorithms that track engagement. To protect our ability to deliver high quality mail for all senders, SES requires that senders on our platform make it obvious to the recipient that messages are from an organization the recipient signed up with. If this is not obvious, then we consider the message to be unsolicited.


The important thing here is alignment. If a user signs up with a particular organization, then that organization — and only that organization — should send the user email: no partners, no other brands, no affiliates, no third parties. To avoid confusion, the mail itself has to make its connection to the organization the recipient signed up with absolutely clear. Obscuring that connection can confuse users and make your mail look unsolicited, even if the user did in fact sign up for your mail. Mail without a clear connection to the original organization the recipient signed up with is not allowed on SES.

Keep your sign-ups, "From" addresses, and the branding of your messages aligned, and you should be in good shape!