Email forwarding with SES


Jun 24, 2023
cPanel Access Level
Root Administrator
By default, SES requires the sender's email to be verified and this is not working with email forwarding. i.e. I receive an email from '[email protected]' and it's forwarded to '[email protected]' this won't work because of the mentioned reason as '[email protected]' is not verified with SES.
I'm trying to update the headers before sending emails so that they are sent from my verified emails on my domain, not users' emails.

driver = smtp
port = 587
hosts_require_auth = *
hosts_require_tls = *
headers_remove = From:Sender:Return-Path:Return-path:DKIM-Signature:Reply- To:Envelope-From:Received:X-Authenticated-Sender
headers_add = Envelope-From: $local_part@$domain
headers_add = X-Authenticated-Sender: $local_part@$domain
headers_add = Reply-To: $sender_address
headers_add = X-Original-Sender-Address: $local_part@$domain
headers_add = From: $local_part@$domain
headers_add = Sender: $local_part@$domain
headers_add = Return-Path: $local_part@$domain
max_rcpt = 1
return_path = ${srs_encode {SRS_SECRET} {$local_part@$domain} {$domain}}

this didn't work the headers were not changed so I tried to update custom_begin_pre_recipient:

domains = +local_domains
remove_header = From
remove_header = Sender
remove_header = Return-Path
remove_header = Return-path
remove_header = DKIM-Signature
remove_header = Reply-To
remove_header = Envelope-From
remove_header = X-Envelope-From
remove_header = X-Authenticated-Sender
add_header = Envelope-From: $local_part@$domain
add_header = X-Authenticated-Sender: $local_part@$domain
add_header = Reply-To: $local_part@$domain
add_header = X-Original-Sender-Address: $local_part@$domain
add_header = From: $local_part@$domain
add_header = Sender: $local_part@$domain
add_header = Return-Path: $local_part@$domain
add_header = Return-path: $local_part@$domain
add_header = X-Envelope-From: $local_part@$domain
remove_header = Received

This worked with most of the headers but not all and SES still detects the sender ad '[email protected]'.

These are the headers I received:

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from
by with LMTP
id P1OrDxKyg8AZjHKjQ
(envelope-from <[email protected]>)
for <[email protected]>; Tue, 18 Jul 2023 15:38:58 +0000
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Tue, 18 Jul 2023 15:38:58 +0000
Date: Tue, 18 Jul 2023 15:38:08 +0000
To: email <[email protected]>
Subject: Subject
Message-ID: <jHHuxRzd[email protected]>
Feedback-ID: 21140702:user
MIME-Version: 1.0
Content-Type: multipart/alternative;
Envelope-From: [email protected]
X-Authenticated-Sender: [email protected]
Reply-To: [email protected]
X-Original-Sender-Address: [email protected]
From: [email protected]
Sender: [email protected]
Return-Path: [email protected]
Return-path: [email protected]
X-Envelope-From: [email protected]
X-Spam-Status: No, score=2.7
X-Spam-Score: 27
X-Spam-Bar: ++
X-Ham-Report: Spam detection software, running on the system "",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Sent from mobile
Content analysis details: (2.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
0.0 HTML_MESSAGE BODY: HTML included in message
2.0 PYZOR_CHECK Listed in Pyzor
0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
X-Spam-Flag: NO

I get this error:
SMTP error from remote mail server after end of data: 554 Message rejected: Email address is not verified. The following identities failed the check in region EU-WEST-1: [email protected]

Is it possible to remove this email '[email protected]' from the headers and make it as if it's sent from '[email protected]' or an alternative way to send incoming emails to other emails?
Last edited:


Aug 17, 2023
cPanel Access Level
Root Administrator
I am facing the same issue when SES configured with cpanel and forwarding enabled to receiver email account.

Here is the case details - is the primary domain of cpanel and it's verified in SES for sending mail.

Forwarding enabled from cpanel [email protected] to [email protected]

Sending mail from [email protected] to [email protected].
It delivered to [email protected] but failed to deliver on [email protected]

[email protected] ([email protected]) <[email protected]> R=send_via_ses T=ses_smtp [x.x.x.x] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end of data: 554 Message rejected: Email address is not verified. The following identities failed the check in region US-EAST-1: sender <[email protected]>, [email protected]

I have followed this document -
Tried with enabling or disabling SRS features from exim , both failed to forward email.

SRS Not working for forwarding email with SES -

if someone able to resolve this issue please send the solution.


Jurassic Moderator
Staff member
Oct 19, 2014
cPanel Access Level
Root Administrator
@theme2html - that last support document you linked indicated that configuration isn't possible with cPanel, so that would be the final word there. If there are other workarounds, they would need to happen outside the supported cPanel tools, but I'm not aware of such a thing on my end.