About SES DKIM records

There are 3 CNAME records in the SES DKIM settings, why do I need 3 settings? Is it ok to set only one of the three CNAME records to the domain's DNS settings?

Topics

Front-End Web & Mobile Business Applications

Tags

Amazon Simple Email Service

Language

English

AWS-User-5263734

asked 2 years ago1042 views

1 Answer

Newest
Most votes
Most comments

SES requires 3 CNAME records for DKIM. When sending email only one of the DKIM keys are active and used for sending messages SES will rotate the key in use for you

https://docs.aws.amazon.com/ses/latest/dg/send-email-authentication-dkim-easy.html#send-email-authentication-dkim-easy-setup-domain

If you would like to use just one record you can use BYODKIM and create just one record https://docs.aws.amazon.com/ses/latest/dg/send-email-authentication-dkim-bring-your-own.html

SUPPORT ENGINEER

Richard W

answered 2 years ago

Relevant content

2 of 3 Easy DKIM SES TXT records where p tag has no value. "p="
Accepted Answer
Nicolas
asked 9 months ago
DKIM: CNAME records not advertising
Jtech
asked 9 months ago
SES DKIM CNAME Record in Route53 Hosted Zone won't Propagate - others will
OJLMS
asked a day ago
Correctly enter the CNAME records provided during domain verification
moreno
asked 3 months ago
Why can’t I create a CNAME record in Route 53?
AWS OFFICIALUpdated a year ago
How do I turn on DKIM for Amazon SES?
AWS OFFICIALUpdated 6 months ago
Why is the CNAME record not resolving for my ACM issued certificate and the DNS validation status is still pending validation?
AWS OFFICIALUpdated a year ago
Why is my DKIM domain failing to verify on Amazon SES?
AWS OFFICIALUpdated 2 years ago
Why doesn't S3 respect the TLS settings in my IAM policy?
EXPERT
Brettski-AWS
published 2 years ago
Workaround for CNAME to external web sites at the zone apex
EXPERT
slope roll
published 2 months ago