Note: Amazon SES can authenticate using either SPF or DKIM (or both). In the majority of cases, only DKIM is used.
2. To Authenticate Amazon SES using SPF you can follow the steps in this Amazon SES custom MAIL FROM domain setup.
Note: Before you can send from your domain using Amazon SES, you need to do a domain verification by adding a TXT record to your DNS. This must be done in the DNS zone of your domain and can not be done using the Authenticate UI.
Here are the Domain Verification instructions.
3. The DKIM keys for Amazon SES will have to be generated from the Amazon SES Administrator Console.
4. Now log in to your Amazon SES console and follow the steps in this Amazon SES DKIM Setup Guide.
5. Once generated, publish all three DKIM keys in Authenticate, by clicking 'Add a DKIM key' from the DKIM management section. Enter the Selector name, CNAME target value and a Comment if needed.
6. Amazon SES will automatically detect when the DKIM keys have been published and then begin to send DKIM authenticated emails.