Hello,
I believe I've found a bug in the user interface of the domain identity verification feature of the AWS SES email relay service.
I was able to verify my domain correctly, but I had trouble configuring the custom MAIL FROM feature the first time. When setting up this feature, the user interface gives you two DNS records to add; one MX record for the bounce mail server and one TXT record with SPF policy.
The bug is in the MX record (both the displayed value and the value in the downloadable CSV file).
In my case, the suggested value for this MX record is:
10 feedback-smtp.us-east-1.amazonses.com
Note that there is no final '.' after the '.com' portion of the domain name. Without a trailing dot, most (all?) DNS servers will append the domain of the zone containing the record to the result (eg, my local domain gets append to the amazonses.com domain).
The feature remained in the 'pending' state until I fixed this DNS record.
Let me know if I can provide more info.