Setting DNS records in Amazon Web Services (AWS)

You can create new email addresses in ProtonMail using domains that you own. For example, if you own mydomain.com, you can create a custom domain email address in ProtonMail like me@mydomain.com.

This article describes the steps to set up a custom domain for domains registered through Amazon Web Services (AWS). We also provide step-by-step guides for other major registrars: Namecheap, GoDaddy, Cloudflare, and Google Domains.

You can also read our Support article about DNS records generally, as well as this guide to anti-spoofing measures (SPF, DKIM, and DMARC). These articles can help you if you bought a domain from a registrar not listed above.

Once your custom domain is set up, you can use it to add custom domain email addresses.

1. Add your custom domain

1) Log into your ProtonMail account at mail.protonmail.com and go to Settings -> Domains.

2) Click on “Add Custom Domain”. This will take you to step 1 of the setup wizard.

3) Type in your domain name and click “Next”.

4) Enter your ProtonMail password (and 2FA code, if enabled) and click “Submit”.

2. Verify that you own the domain

1) Go to https://console.aws.amazon.com/route53/home and log into your account.

2) Go to the Resources page and click on Hosted Zones.

3) Under the Domain Name column, click on the name of your domain you’ve selected in ProtonMail.

4) Click on Create Record Set and enter the following information in the “Create Record Set” window:

Name: @ (If the “@” value is not accepted, enter your domain instead.)
Type: TXT
Alias: No
TTL (Seconds): 300
Value: (Copy and paste the unique text string under “VALUE / DATA / POINTS TO” in the ProtonMail setup wizard)
Routing policy: Simple

5) Click on “Create”.  (Depending on your registrar, you may have to wait up to 24 to verify before you can move on to the next steps.)

3. Choose your email address

1) Click on “Add Address” and create your new email address in the modal. You can choose the text that appears before @yourdomain.com, as well as the display name and email signature.

2) Click on “Save”.

4. Set MX records in Amazon Web Services

1) Go back to the Resources page and click on Hosted Zones.

2) Under the Domain Name column, click on the name of your domain you’ve selected in ProtonMail.

3) Click on Create Record Set and enter the following information in the “Create Record Set” window:

Name: @ (If the “@” value is not accepted, enter your domain instead.)
Type: MX – Mail exchange
Alias: No
TTL (Seconds): 300
Value: mail.protonmail.ch
Routing policy: Simple

4) Click on “Create”.

5. Set SPF, DKIM, and DMARC

We recommend also adding SPF and DKIM records. Setting DMARC is an optional, advanced feature. You can learn more about what each of these additional security settings do here.

SPF, DKIM, and DMARC are set the same way as TXT records.

1) Go to the Resources page and click on Hosted Zones.

2) Under the Domain Name column, click on the name of your domain you’ve selected in ProtonMail.

3) Click on Create Record Set and create the SPF record according to the values shown in the ProtonMail wizard.

4) Repeat these steps for DKIM and, if desired, for DMARC.

You should now be able to use your new custom domain email address!

Leave A Comment?