When sending emails from Amazon SES, gmail shows "sent via amazonses.com". How do I remove this?

According to Google,

I'm a sender and I don't want my recipients to see the "via" link. What can I do? Gmail checks whether emails are correctly authenticated. If your messages are sent by a bulk mailing vendor or by third-party affiliates, please publish an SPF record2 that includes the IPs of the vendor or affiliates which send your messages and sign your messages with a DKIM3 signature that is associated with your domain.

I have added both SPF and DKIM records. When looking at the original email, it shows both passed.

Received-SPF: pass
Authentication-Results: mx.google.com; spf=pass ...; dkim=pass ...

Any ideas?

  • 1,555
  • 7
  • 23
  • 42
  • the addition of DKIM should remove the 'via' link. Does the SES console https://console.aws.amazon.com/ses/home#verified-senders:domain show the verified domain as having verified DKIM settings? – Paul D'Ambra Jan 03 '13 at 16:38
  • Thanks @PaulD'Ambra. The console shows verified and active. The authentication tests even show dkim=pass. Still can't remove it for the life of me. Any other ideas? – csi Jan 03 '13 at 16:45
  • Coincidentally I've a domain that should have verified DKIM by Monday in SES. Let's see if via disappears for that and then... – Paul D'Ambra Jan 04 '13 at 19:04

3 Answers3


Once DKIM was setup (for help, see this guide) and verified successfully on my domain I still had to enable it in the AWS console at SES -> Domains -> DKIM

dkim enabled

Once that was done mails to Gmail no longer show up with the via bounces address.

dkim sending result

You can see it still shows as mailed by: amazonses.com when you view details of the sender but that's OK since it's true.

Importantly, it shows as signed by our domain.

Hope that it's as simple as enabling DKIM for you.

Jeff Ward
  • 173
  • 1
  • 8
Paul D'Ambra
  • 1,082
  • 1
  • 13
  • 22
  • I think the DNS just hadn't fully updated. While it was enabled, it still showed "via". It now just shows "mailed-by". So for the future, perhaps waiting 72 hours is also a good consideration. – csi Jan 08 '13 at 23:14
  • 1
    Brilliant thanks. I had to go to the DKIM settings even though it said verified and enable it just as you said. – Shawn Vader Jul 21 '14 at 09:18

Along with verifying the domain and enabling DKIM on the domain, I also had to enable DKIM on the verified email address I was sending from.

Paul Brick
  • 241
  • 2
  • 2

If your 'from' description contains certain special characters it can fail even with everything set up correctly.

eg. having a registered trademark in my 'from' screwed everything up

var toAddress = new System.Net.Mail.MailAddress("support@example.com",
                                                "Example.com® Customer Support");

This gave me headers of :

 Authentication-Results: mx.google.com;
      dkim=fail header.i=@example.com;
      dkim=fail header.i=@amazonses.com;

I'm not sure exactly why - but probably related to character encoding or something like that. So I would expect this may fail for accented characters or other special symbols.

(Where example.com is my own domain that I am sending from, and support@example.com is the address enabled for DKIM in Amazon SES)

  • 1,361
  • 2
  • 15
  • 20