Best practice rules for Amazon Simple Email Service
AWS Simple Email Service (SES) is an extremely cost-effective, reliable, and scalable email service. SES allows you to send any type of high-quality content to your customers. You can also use SES to receive messages and deliver them to your S3 bucket, or to send notifications to SNS.
- DKIM Enabled
Ensure DKIM signing is enabled in AWS SES to protect email senders and receivers against phishing.
- Exposed SES Identities
Ensure that your AWS SES identities (domains and/or email addresses) are not exposed to everyone.
- Identify Cross-Account Access
Ensure that AWS SES identities (domains and/or email addresses) do not allow unknown cross-account access via authorization policies.
- Identity Verification Status
Ensure AWS SES identities (email addresses and/or domains) are verified.