I want to add my organization's email domain to Amazon WorkMail.
Resolution
Add your domain to Amazon WorkMail
Complete the following steps:
- Open the Amazon WorkMail console.
- Choose the organization you want to add a domain to.
- In the navigation pane, choose Domains, and then choose Add domain.
- In the Domain name field, enter your fully qualified domain name (FQDN), and then choose Add domain.
For more information, see Adding a domain.
Update the DNS records in Route 53
When the following conditions are true, Amazon WorkMail can automatically configure your domain DNS records:
- You use an Amazon Route 53 domain in the same AWS account where you have your Amazon WorkMail organization.
- You registered the domain.
To configure your DNS records, choose Update all in Route 53 on the page that appears after you add your domain to Amazon WorkMail.
For information about how to add DNS records to Route 53, see Routing traffic to Amazon WorkMail.
Update the DNS records in other DNS providers
The steps to publish DNS records for your domain or add DNS records to your domain's DNS server depend on the DNS provider that you use.
To update the DNS records, note the DNS record names and values from the Amazon WorkMail console and create the DNS records in your DNS provider.
See the following documentation for commonly used DNS providers:
- For GoDaddy, see Add a Canonical Name Record (CNAME) record, Add a TXT record, and Add an MX record on the GoDaddy website.
- For DreamHost, see Adding custom DNS records on the DreamHost website.
- For Cloudflare, see Manage DNS records on the Cloudflare website.
- For HostGator, see Manage DNS records with HostGator on the HostGator website.
- For Namecheap, see How do I add TXT/SPF/DKIM/DMARC records for my domain? on the Namecheap website.
- For names.co.uk, see Changing your domain's DNS settings on the names.co.uk website.
- For Wix, see Adding or updating MX records in your Wix account, Adding or updating CNAME records in your Wix account, and Adding or updating TXT Records in your Wix account on the Wix website.
Verify the domain ownership
Before you can use your domain, Amazon WorkMail must verify the domain ownership.
Complete the following steps:
- Open the Amazon WorkMail console.
- Note the TXT record name, for example _amazonses, and the value, for example Examplet1m66d11EGfsukCL7w520AaExample+TESTo=.
- Create a TXT DNS record with the name and value.
Create MX and CNAME records
Create the DNS MX record so that Amazon WorkMail can start to receive email messages from your email domain. Add the CNAME record for the client configuration.
Complete the following steps:
- Open the Amazon WorkMail console.
- Note the MX record value, for example 10 inbound-smtp.us-east-1.amazonaws.com.
- Create an MX DNS record with the MX record value.
Note: The MX record must point to the root domain that typically starts with @ or is empty depending on your DNS provider.
- Note the name of the CNAME record, for example autodiscover, and the record value, for example autodiscover-service.mail.us-east-1.awsapps.com.
- Create a CNAME DNS record with the name and record value.
Improve WorkMail security
To improve your Amazon WorkMail security, configure DomainKeys Identified Mail (DKIM), Domain-based Message Authentication, Reporting, and Conformance (DMARC), and Sender Policy Framework (SPF) records. For the SPF record, make sure to include all servers that use your domain to send emails.
Complete the following steps:
- Open the Amazon WorkMail console.
- Note the first CNAME record name, for example ex4mpl3ac7ki6clelsdbiiudpavjpsk3._domainkey, and the value, for example ex4mpl3ac7ki6clelsdbiiudpavjpsk3.dkim.amazonses.com.
- Create a CNAME DNS record with the name and value.
- Repeat the preceding steps for the DKIM and DMARC records.
- Note the TXT record value, for example v=spf1 include:amazonses.com ~all.
- Create a TXT DNS record with the TXT record value.
Note: The TXT record must point to the root domain that typically starts with @ or is empty depending on your DNS provider.
Configure the MAIL FROM domain
By default, Amazon WorkMail uses a subdomain of amazonses.com as the MAIL FROM domain for all outgoing email messages. If you didn't set DKIM for your domain, then your delivery might fail. To resolve this issue, configure a custom MAIL FROM domain.
Verify that the records are published
To verify that the Amazon WorkMail TXT and MX records are published to your DNS server, see Verifying TXT records and MX records with your DNS service.
Note: It might take up to 72 hours for DNS records to propagate to your domain host provider.
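To check the published records in one pass, the following added example (not part of the original article or any AWS tooling) audits answer lines in the format printed by `dig +noall +answer`. It flags a missing ownership TXT record, a wrong MX or autodiscover target, and more than one SPF record at the root domain, which receivers treat as an SPF error. The domain example.com, the Region us-east-1, and every record value in the sample are constructed placeholders; use the names and values from your own WorkMail console.

```python
# Added example: audit WorkMail DNS records from `dig +noall +answer` style lines.
# DOMAIN, REGION and every record in SAMPLE_ANSWERS are constructed placeholders.
DOMAIN, REGION = "example.com", "us-east-1"

SAMPLE_ANSWERS = """\
_amazonses.example.com. 300 IN TXT "Examplet1m66d11EGfsukCL7w520AaExample+TESTo="
example.com. 300 IN MX 10 inbound-smtp.us-east-1.amazonaws.com.
autodiscover.example.com. 300 IN CNAME autodiscover-service.mail.us-east-1.awsapps.com.
example.com. 300 IN TXT "v=spf1 include:amazonses.com ~all"
example.com. 300 IN TXT "v=spf1 include:_spf.legacy-mailer.example ~all"
"""

def parse_answers(text):
    """Return {(name, type): [rdata, ...]}; names lower-cased, trailing dot removed."""
    records = {}
    for line in text.splitlines():
        parts = line.split(None, 4)  # name, TTL, class, type, rdata
        if len(parts) < 5 or parts[2].upper() != "IN":
            continue
        name, _ttl, _cls, rtype, rdata = parts
        # Long TXT values are printed as several quoted chunks; join them back.
        rdata = rdata.strip().replace('" "', "").strip('"')
        records.setdefault((name.rstrip(".").lower(), rtype.upper()), []).append(rdata)
    return records

def audit(text, domain=DOMAIN, region=REGION):
    """Return a list of findings; an empty list means every check passed."""
    recs, findings = parse_answers(text), []
    if not recs.get((f"_amazonses.{domain}", "TXT")):
        findings.append("missing _amazonses TXT record (ownership cannot be verified)")
    mx_hosts = [r.split()[-1].rstrip(".").lower() for r in recs.get((domain, "MX"), [])]
    if f"inbound-smtp.{region}.amazonaws.com" not in mx_hosts:
        findings.append("root MX does not point to the WorkMail inbound endpoint")
    targets = [r.rstrip(".").lower() for r in recs.get((f"autodiscover.{domain}", "CNAME"), [])]
    if f"autodiscover-service.mail.{region}.awsapps.com" not in targets:
        findings.append("autodiscover CNAME missing or pointing elsewhere")
    spf = [r for r in recs.get((domain, "TXT"), []) if r.lower().startswith("v=spf1")]
    if len(spf) != 1:
        # Several senders must be merged into one record, not published separately.
        findings.append(f"expected exactly one root SPF record, found {len(spf)}")
    elif "include:amazonses.com" not in spf[0].lower().split():
        findings.append("SPF record does not include amazonses.com")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ANSWERS) or ["all checks passed"]:
        print(finding)
```

The constructed sample deliberately contains two SPF records to show the finding; merging both `include:` mechanisms into a single TXT record clears it.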