Fullworks Simple Setup for Amazon SES replaces the default WordPress email function with Amazon SES, ensuring reliable email delivery for your WordPress site.
This plugin is an independent project and is not affiliated with, endorsed by, or sponsored by Amazon Web Services, Inc.
Features: * Easy configuration through WordPress admin * Optional credential configuration via wp-config.php constants (12-factor / env-var friendly) * Supports all standard WordPress emails * Test email functionality * Credentials stored in the WordPress database, or defined as wp-config.php constants to keep them out of the database * Support for HTML and plain text emails * Staging-safe email redirect: reroute all outgoing mail to a catch-all address (always, or only on non-production environments) while still sending for real through SES
Configuration
Before using this plugin, you need to:
- Have an AWS account
- Set up Amazon SES in your preferred region
- Verify your sender email address or domain in AWS SES
- Create an IAM user with SES sending permissions
- Generate Access Keys for the IAM user
Defining Credentials in wp-config.php
Instead of storing AWS credentials in the database via the settings UI, you can define them as PHP constants in wp-config.php. This is the recommended approach for production sites and works well with environment variables on managed hosts.
Add the following before the /* That's all, stop editing! */ line in wp-config.php:
define( 'FSSFAS_ACCESS_KEY_ID', getenv( 'FSSFAS_ACCESS_KEY_ID' ) ?: '' );
define( 'FSSFAS_SECRET_ACCESS_KEY', getenv( 'FSSFAS_SECRET_ACCESS_KEY' ) ?: '' );
define( 'FSSFAS_REGION', getenv( 'FSSFAS_REGION' ) ?: 'us-east-1' );
Each constant is independent — you can define one, two, or all three. Any constant that is defined takes precedence over the value saved in the settings page, and the matching field in the admin UI is locked while the constant is in effect.
Email Redirect for Staging
When you copy a production site to a staging or development environment, real WordPress and WooCommerce emails (order confirmations, password resets, etc.) can be accidentally sent to real customers. The Email Redirect feature prevents this: every outgoing email is still sent for real through Amazon SES, but the recipients are rewritten to one or more catch-all addresses you control. You see exactly what would have been delivered, fully rendered, without any real recipient being contacted.
- The original To, Cc and Bcc are preserved in
X-Original-To,X-Original-CcandX-Original-Bccheaders, and the subject is prefixed with the original recipient (e.g.[SES redirected → customer@example.com] Your order). - Cc and Bcc are dropped from actual delivery — only the catch-all address(es) receive mail.
- While redirect is active, a warning banner is shown in wp-admin and each redirected send is written to the error log, so trapped mail is never silent.
- The admin “Send Test Email” button always sends to the address you type, ignoring redirect.
Redirect Mode has three settings: Never (default), “Redirect when environment is not production” (uses the WordPress environment type, WP_ENVIRONMENT_TYPE), and Always.
Like credentials, the redirect settings can be defined as constants in wp-config.php so a staging environment can enforce them via environment variables:
define( 'FSSFAS_REDIRECT_MODE', getenv( 'FSSFAS_REDIRECT_MODE' ) ?: 'non_production' );
define( 'FSSFAS_REDIRECT_TO', getenv( 'FSSFAS_REDIRECT_TO' ) ?: 'staging-mail@example.com' );
FSSFAS_REDIRECT_MODE accepts `never`, `non_production` or `always`. `FSSFAS_REDIRECT_TO` is a comma-separated list of catch-all addresses. When defined, the matching field in the admin UI is locked.<h3>External Services</h3>
This plugin sends your site’s outgoing email through Amazon Simple Email Service (Amazon SES), a service provided by Amazon Web Services, Inc. When WordPress sends an email and the plugin has been configured with valid AWS credentials, the message is transmitted to Amazon SES instead of being delivered by your server’s default mailer.
The following data is sent to Amazon SES for each email:
- The recipient address(es), and any Cc, Bcc and Reply-To addresses
- The sender name and address
- The email subject and message body
- Any file attachments included with the email
- Your AWS Access Key ID and the AWS region you select, used to authenticate the request
No data is sent to Amazon SES unless you have entered AWS credentials in the plugin settings (or defined them as wp-config.php constants). Without credentials the plugin does nothing and WordPress sends email using its normal method.
This service is provided by Amazon Web Services, Inc. Your use of it is governed by their terms and privacy policy:
- Amazon SES: https://aws.amazon.com/ses/
- AWS Service Terms: https://aws.amazon.com/service-terms/
- AWS Privacy Notice: https://aws.amazon.com/privacy/