Setting up cPanel to use AWS SES to send emails
Setup stunnel first
yum install stunnel
Edit /etc/stunnel/stunnel.conf to look like:
[smtp-tls-wrapper]
accept = 2525
client = yes
connect = email-smtp.us-east-1.amazonaws.com:465
delay = yes
sslVersion = TLSv1.3
Setup crontab:
@reboot stunnel /etc/stunnel/stunnel.conf
Manually restart stunnel:
sudo stunnel /etc/stunnel/stunnel.conf
Set up the cPanel Exim Configuration Manager
In WHM, navigate to Home -> Service Configuration -> Exim Configuration Manager -> Advanced Editor (tab). Then add the following to each section. Once done, click save.
Section: AUTH
ses_login:
driver = plaintext
public_name = LOGIN
client_send = : <SMTP-CLIENT-ID-FROM-AWS> : <SMTP-SECRET-ID-FROM-AWS>
Section: PREROUTERS
send_via_ses:
driver = manualroute
domains = ! +local_domains
condition = ${if match_domain{$sender_address_domain}{+local_domains}}
transport = ses_smtp
self = send
route_list = * localhost
Note: the following line is needed to ensure that only local domains use SES. Forwarders on your server will not use SES as that would break the forwarding cycle.
Section: TRANSPORTSTART
ses_smtp:
driver = smtp
port = 2525
hosts_require_auth = localhost
hosts_avoid_tls = localhost
You should now be able to send a test email from an account on cPanel to someone outside and it will go through AWS SES. You can test the how well setup your server is with this service https://www.mail-tester.com/