← Blog

How to Migrate From Amazon SES to Mailer To Go

Guide Migration, Amazon SES, SMTP, Deliverability July 9, 2026 by Mailer To Go Team
A step-by-step guide to migrating transactional email from Amazon SES to Mailer To Go: sending-domain setup, SPF/DKIM/DMARC, swapping SES SMTP/SESv2 credentials, exporting your SES suppression list, and a safe parallel-run cutover with rollback.

Amazon SES is powerful and cheap, but it pushes a lot of undifferentiated work onto you: IAM policies, region choices, configuration sets, sandbox limits, and your own reputation monitoring. Moving your transactional mail to Mailer To Go is a controlled swap of DNS and credentials — the care goes into carrying your suppression list across and cutting over without losing reputation. Here’s the whole migration in order, with real config and a reversible rollout.

Still weighing it up? The Amazon SES alternatives comparison covers the why. This guide is the how.

Before you start: inventory what SES is doing for you

SES spreads configuration across several AWS surfaces. Capture all of it before you touch anything:

Step 1 — Create your Mailer To Go sending domain

Sign up at mailertogo.com and add a sending subdomain — we recommend mtg.yourdomain.com — rather than your root domain. It isolates reputation and, if you delegate it, lets us manage the DNS. See Why Mailer To Go sends from mtg.yourdomain.com.

Step 2 — Authenticate (SPF, DKIM, DMARC)

Publish the SPF and DKIM records from your dashboard, and a DMARC policy at your root. You already did the DKIM dance in SES (it generates CNAMEs per identity), so this is familiar territory — just new values. Keep both SES and Mailer To Go authorized on the domain during the overlap. Full walkthrough with real records and dig verification: Email authentication, end to end.

Step 3 — Swap your credentials

SMTP. The SES giveaway is a host like email-smtp.us-east-1.amazonaws.com and SMTP credentials that are IAM-derived (generated from a user, not your AWS access key). Point the same mailer at Mailer To Go instead:

# Before — Amazon SES
host: email-smtp.us-east-1.amazonaws.com   port: 587
username: <SES SMTP username>   (IAM-derived — not your AWS access key)
password: <SES SMTP password>

# After — Mailer To Go
host: smtp.mailertogo.com   port: 587   (or 465 for SSL)
username: <MAILERTOGO_SMTP_USER>
password: <MAILERTOGO_SMTP_PASSWORD>

In Rails, that’s just new environment values — no code change:

# config/environments/production.rb
config.action_mailer.smtp_settings = {
  address:         ENV["MAILERTOGO_SMTP_HOST"],   # smtp.mailertogo.com
  port:            587,
  user_name:       ENV["MAILERTOGO_SMTP_USER"],
  password:        ENV["MAILERTOGO_SMTP_PASSWORD"],
  authentication:  :plain,
  enable_starttls: true
}

API. If you call the SESv2 API or SDK, you can either point your mailer at Mailer To Go over SMTP (least code) or switch to the Mailer To Go REST API:

# Before — Amazon SES v2 (AWS CLI)
aws sesv2 send-email \
  --from-email-address you@yourdomain.com \
  --destination ToAddresses=user@example.com \
  --content '{"Simple":{"Subject":{"Data":"Hello"},"Body":{"Html":{"Data":"Hi"}}}}'
# After — Mailer To Go REST API
curl -X POST https://api.mailertogo.com/v1/send \
  -H "Authorization: Bearer $MAILERTOGO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"from":"you@yourdomain.com","to":"user@example.com","subject":"Hello","html":"Hi"}'

No IAM users, policies, or regional endpoints to manage — one key and one endpoint. (Full language-by-language examples: Send email with the Mailer To Go API & SMTP.)

Step 4 — Import your suppression list (do not skip)

Export SES’s account-level suppression list before you cut over:

aws sesv2 list-suppressed-destinations --output json > ses-suppressed.json

Load those addresses into your Mailer To Go suppression list so anyone who bounced or complained on SES is never emailed again. This one step protects the reputation you built on SES.

Step 5 — Warm up and cut over gradually

A new sending domain has no reputation, so don’t flip everything at once — and this matters even more coming from SES, where a large existing volume can look like a spike to inbox providers if you move it all in a day. Run both providers in parallel and shift traffic in stages (10% → 25% → 50% → 100% over a week or two), starting with your most engaged mail (password resets, receipts). Watch bounce and complaint rates at each step, and keep SES ready to take traffic back until you’re fully cut over.

Step 6 — Verify, then decommission

Rollback

Because the switch is credentials + DNS, rollback is fast: point your mailer’s environment variables back at SES. Keeping both providers authenticated during the overlap is what makes that a one-line change instead of an emergency.


New to subdomain sending or authentication? Start with Why Mailer To Go sends from mtg.yourdomain.com and the SPF/DKIM/DMARC setup guide. Coming from a different provider? See Migrating from SendGrid and Migrating from Mailgun.