Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Getting started with Yandex Cloud Postbox

Written by
Updated at November 12, 2025

Use this guide to create your address and send a verification email.

Getting started

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

Create a service account and keys

  1. Create a service account named postbox-user and assign it the postbox.sender role.

  2. Create a key for the service account:

    • To send an email using the AWS CLI, create a static access key. Save the ID and secret key to a secure location. You will not be able to view the secret key parameters again after you close the window.
    • To send an email via SMTP, create an API key. When creating an API key, set the scope for yc.postbox.send. Save the secret key you got in a secure location. You will not be able to view the secret key parameters again after you close the window.

  3. Generate a key to create a DKIM signature:

    openssl genrsa -out privatekey.pem 2048

Create an address

  1. In the management console, select the folder where you created the service account. If you create the service account and address in different folders, you will get an error when attempting to send an email.

  2. Select Cloud Postbox.

  3. Click Create address.

  4. Specify the Domain from which you will be sending emails. The domain can be of any level.

  5. Specify Selector: postbox.

    Note

    You can specify a selector other than postbox. You should only use the specified selector in a single resource record: the one you create at the Pass domain ownership verification step.

  6. Copy the contents of the privatekey.pem file you created earlier and paste it into the Private key field.

  7. Optionally, configure logging.

  8. Click Create address.

Pass a domain rights check

To send emails, confirm domain ownership. After creating an address, DKIM signature settings will be generated on its page. Specify them as the values of the resource record you need to add to your domain zone. You can add a record with your registrar or in Yandex Cloud DNS if you have delegated your Yandex Cloud domain.

Example of creating a resource record in Yandex Cloud DNS

  1. In the management console, select the folder containing the address and your domain zone.

    If you do not have a public DNS zone yet, create one:

  2. Select Cloud DNS.

  3. Select your domain zone.

  4. Click Create record.

  5. In the Name field, specify the name portion generated when creating the address, omitting the domain in <selector>._domainkey format, e.g., postbox._domainkey.

    Note

    For other DNS services, you may need to copy the entire record. The final record must look like this: <selector>._domainkey.<domain>., e.g., postbox._domainkey.example.com..

  6. In the Type field, select TXT.

  7. Copy the contents of the Value field from the Signature verification section and paste it into the Data field. Note that the record value must be enclosed in quotes, for example:

    "v=DKIM1;h=sha256;k=rsa;p=M1B...aCA8"

  8. Click Create.

  9. Go to Cloud Postbox.

  10. Select the address you created.

  11. Click Verify address. If the record is correct, the verification status on the address page will change to Success.

DNS server responses are cached, so delays may occur when updating a resource record.

Send a verification email

You can send a test email using the AWS CLI or from your email client over SMTP.

Note

To ensure the security of data transfer, Yandex Cloud Postbox supports TLS protocol versions 1.2 and 1.3.

AWS CLI

  1. Install the AWS CLI.

  2. Set up the AWS CLI:

    1. Launch the interactive profile setup: 
      aws configure
    2. Specify the previously obtained key ID of the postbox-user service account: 
      AWS Access Key ID [****************ver_]: <service_account_key_ID>
    3. Specify the previously obtained secret key of the postbox-user service account: 
      AWS Secret Access Key [****************w5lb]: <service_account_secret_key>
    4. Specify the ru-central1 default region name: 
      Default region name [ru-central1]: ru-central1
    5. Specify JSON as the default format for output data: 
      Default output format [None]: json

  3. Prepare two JSON files:

    • destination.json: File with a list of destination addresses:

      {
  "ToAddresses": ["test@example.com"]
}

    • message.json: File with the subject and content of the email:

      {
  "Simple": {
    "Subject": {
      "Data": "Test message",
      "Charset": "UTF-8"
    },
    "Body": {
      "Text": {
        "Data": "Test message. Hello!",
        "Charset": "UTF-8"
      }
    }
  }
}

  4. Send an email using the AWS CLI:

    aws sesv2 send-email \
  --from-email-address mail@example.com \
  --destination file://destination.json \
  --content file://message.json \
  --endpoint-url https://postbox.cloud.yandex.net

  5. Check the mailbox specified in destination.json for the email.

SMTP

  1. In the SMTP server settings of your email client, specify the following parameters:

    Email client supports STARTTLS

    Email client supports SMTPS instead of STARTTLS

    Server name

    postbox.cloud.yandex.net

    Port

    587

    465

    Username

    ID of the created API key

    Password

    Secret part of the created API key

  2. Send an email using your email client and make sure the specified recipients receive it.

See also

Next
All guides