Receiving Email using SES, S3 and Route53

When you use ACM with API Gateway, you need to receive an email from ACM. This article shows how to receive an email from ACM(and everyone) without EC2 mail server.

When you create your own custom domain SSL certificate using ACM, you need to receive email using your own domain. In this situation, I want to recommend to use Amazon SES, S3 and Route 53 architecture. Yes, you don’t need to use that kind of services if you have an existing your own email server. But if you start from scratch, you need to setup EC2. It requires additional costs and preparing time. And if you want to develop server-less architecture, you don’t need all EC2 instances. And SES, S3 and Route53are extremely low cost. So, I want highly recommend to use this.

In this article, let’s create simple and minimal email receiving environment. Steps are following:

  1. Create your own domain zone using Route53
  2. Setup S3 bucket
  3. Connect SES with Route53
  4. Connect SES with S3

Let’s see step by step.

Create Your own Domain Zone using Route53

First of all, you need to create a zone on Route53. If you already created, you can pass this step.

Press Create Hosted Zone button.
Please input your domain name is here

Setup S3 bucket

Secondly, we have to create bucket to store email data. If you want to use an existing S3 bucket to store, you don’t need to create new one.

Press the Create bucket button

Connect SES with Route53

Next, we connect SES and your domain.

Press the Verify New Domain button

And then, you need to register those record on Route53 in the zone of you registered. Just copy and paste.

After you registered your domain on SES, you can see “pending verification” status.

After you register record on Route53, it will be changed to “verified”.

Connect SES with S3

Finally, we create a rule-set to receive email.

In this case, all email to your domain is saved on S3

Set your rule name. And review it and register.

That’s all you have to do.


Once you send email from everywhere, you can see email data in the bucket. When you create SSL Certificate using ACM, you have a step to proof domain using email. That verification email also comes here.

Wrapping up

Today I introduced how to receive email using SES and S3(and Route53). You can use it to receive ACM certification email. In addition, if you make an combination with Lambda, you can do anything every email which is received. If you want to use email more effectively and easy, you can use Amazon WorkMail. It costs more than this architecture, but it’s more simple and light. Let me introduce next time.