Forwarding Incoming Email to Gmail Using SES... Almost there with AWS Blog Directions!

You cannot do what you want to do.

In order to send from SES from a specific domain (say "brettski.net") you must validate that you own brettski.net. You can't do that unless you actually have the ability to update DNS records for brettski.net. In order to forward emails for all source domains you have to prove to SES that you own all of them. Clearly you cannot do that.

The blog post you've referenced does work though - because it forwards the email but now the from address will be whatever verified identity you have in SES. Those emails will show up at the destination but will not appear to come from the original sender.

It sounds like you've made good progress, but there are a few additional steps and checks you can make to ensure emails from any source are forwarded to your Gmail destination:

1. Verify your domain: Ensure that you have fully verified your domain with Amazon SES, not just the individual email address. This involves publishing the required DNS records (CNAME or TXT) to your DNS provider.

2. Check SES sandbox status: Make sure your AWS account has been moved out of the Amazon SES sandbox. While in the sandbox, you can only send emails to verified addresses, which could limit forwarding capabilities.

3. Review your Lambda function: Double-check that the Lambda function is correctly configured to process incoming emails and forward them to your Gmail address. Ensure it has the necessary permissions to access S3 and send emails via SES.

4. Set up proper authentication: Implement email authentication methods like SPF, DKIM, and DMARC. These help receiving email servers (like Gmail) verify that your forwarded emails are legitimate.

5. Use Mail Manager's SMTP Relay: Consider using SES Mail Manager's SMTP Relay functionality. This allows you to integrate your inbound email processing workflows more seamlessly. You can create an SMTP Relay resource within Mail Manager, specifying your Gmail SMTP server details, and then create a rule with the SMTP Relay action.

6. Check rule conditions: In your Mail Manager Rule Set, ensure that the conditions for your forwarding rule are set to capture all incoming emails, not just those from specific senders.

7. Monitor your sending reputation: Keep an eye on your bounce and complaint rates, as high rates can negatively impact your sender reputation and cause emails to be marked as spam or not delivered.

8. Gradual increase in volume: If you're expecting a high volume of emails, gradually increase your sending volume to establish a good reputation with Gmail.

By implementing these measures, you should be able to reliably forward emails from any source to your Gmail destination. If issues persist, you may need to review your entire Mail Manager configuration or contact AWS support for further assistance.
Sources
Getting "Unverified" when sending emails with AWS SES using a verified email with my company domain | AWS re:Post
Mail Manager – Amazon SES introduces new email routing and archiving features | AWS Messaging & Targeting Blog
SES Mail Manager forwarding one email address | AWS re:Post

Another option you might consider if your use case centers around onward delivery is to use Mail Manager, which has built in 'Send to internet' functionality plus the ability to configure and deliver to an SMTP relay.

Thank you for the suggestions. I do feel that the "Forward Incoming Email to an External Destination" blog should be updated. Since this was a smaller project I went ahead and used ImprovMX's free solution. I only needed 2 email accounts for forwarding. Thanks again, everyone. For my future self, this is the URL: https://app.improvmx.com/

...