Are you a fan of the Gmail email client and unwilling to let go even though your Google Domain accounts have now transitioned to Squarespace?
Do you prefer using Amazon SES for handling WordPress transactional emails?
To configure Amazon SES for transactional emails from your website, while keeping Google Workspace as the primary email client with its MX records, you need to set your DNS settings appropriately. Also, set up CNAME records for Amazon SES and ensure your SPF record includes both Google Workspace and Amazon SES.
Here’s how to do it:
1. MX Records for Google Workspace
- Maintain the MX records pointing to Google.
- This approach ensures Google Workspace handles all incoming emails.
2. CNAME Records for Amazon SES
- Insert the CNAME records provided by Amazon SES into your DNS settings.
- These are crucial for DomainKeys Identified Mail (DKIM) authentication, helping to prevent your emails from being flagged as spam.
- The CNAME records will not disrupt your MX records, keeping your email reception via Google Workspace unaffected.
3. SPF Record for Both Services
- Update your SPF record to include both Google Workspace and Amazon SES.
- This modification notifies email servers that both services are authorized to send emails on behalf of your domain.
- An example of an SPF record might be:
v=spf1 include:_spf.google.com include:amazonses.com ~all - In this record, ‘include:_spf.google.com’ pertains to Google Workspace, and ‘include:amazonses.com’ relates to Amazon SES.
4. Update DNS Settings
- Apply these changes to your domain’s DNS settings.
- The location for these modifications depends on where your domain is hosted (such as your web hosting service or domain registrar).
5. Check and Validate DNS Settings
- After updating your DNS settings, utilize online tools like mxtoolbox.com to confirm that your SPF record is valid and the CNAME records for Amazon SES are correctly configured.
- Note that DNS changes may take up to 48 hours to fully propagate.
6. Configure API and/or SMTP Settings
- Use WP Mail SMTP or another plugin to set up the Amazon SES for WordPress transactional emails.
- You can use the Amazon SES API (access key ID/secret) or a less secure approach through SMTP (host/port/username/password).
- Google/Gmail can also serve as a backup connection with WP Mail SMTP.
7. Use Subdomains (Optional)
- Consider assigning one service, like Google Workspace, to the main domain (e.g., info@example.com), and use the MAIL FROM option when adding a verified identity for Amazon SES to send WordPress transactional emails from a subdomain (e.g., hello@mail.example.com).
8. Forwarding (Optional)
- If numerous specific email addresses do not require separate inboxes, consider setting up email forwarding. For instance, if Google Workspace is primary, you can create specific email addresses in Google Workspace and also establish it as a catch-all email account.
9. Test Email Functionality
- After the DNS changes have taken effect, test both your transactional emails (sent via Amazon SES) and regular email functionality (managed by Google Workspace) to verify correct operation.
10. Monitor Email Deliverability
- Consistently monitor the deliverability of your emails, checking for issues such as emails being marked as spam, to ensure the effectiveness of your setup.
- As for email protection, AWS Shield Standard is automatically included with all AWS services at no additional cost. It provides basic DDoS protection, which can help to safeguard your applications running on AWS, including those hosted on Amazon Lightsail.
- If you want a third-party service, Barracuda has the best email protection and monitoring plans.
By adhering to these steps, you can effectively use Amazon SES for transactional emails while Google Workspace remains your primary email client solution. This strategy enables you to capitalize on the strengths of both services.
Note: If in the end you no longer want to use Google Workspace/Gmail (Squarespace), AWS does have their own business managed email and calendaring service Amazon WorkMail
