I’m not going to share my complete /etc/postfix/main.cf file but here are the pertinent lines to get it to work with AWS.
AWS documentation is here: https://docs.aws.amazon.com/ses/latest/dg/Welcome.html
Of course you will need an AWS account to use SES.
relayhost = email-smtp.us-east-2.amazonaws.com:587
This points to the SMTP server in the AWS Ohio region. Read AWS documentation. Identities are region specific.
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
The sasl_passwd file is actuall sasl_passwd.db but main.cf always adds the db so don’t append it here or it will look for sasl_passwd.db.db
smtp_tls_CAfile = /etc/asterisk/keys/freepbx.vietfeir.com.crt
This is where letsencrypt puts the CA file for TLS. AWS is happy to use it for TLS
Here is the sasl_passwd file with identity redacted
Note, the smtp server name must match the relayhost
When you create your domain identity, it will create 3 CNAME records which you will put in your zone file. I used AWS Route 53 for my DNS server so it added them automatically.