I'm trying to get DMARC working for the emails I send via Office 365 as well as Amazon SES. It's working for Office 365 because I setup the SPF and DKIM records in my DNS but it's failing for the emails I send via Amazon SES because of a domain alignment error (amazonses.com != mydomain.com). I understand that I need to create a custom MAIL FROM domain, but I'm running into a problem when adding the TXT and MX records to my DNS on Route 53.
The problem is that I use Office 365 for handling all our email, and I already have an MX record for mydomain-com.mail.protection.outlook.com
. In Amazon's instructions for creating a custom MAIL FROM domain, it gives this warning:
To successfully set up a custom MAIL FROM domain with Amazon SES, you must publish exactly one MX record to the DNS server of your MAIL FROM domain. If the MAIL FROM domain has multiple MX records, the custom MAIL FROM setup with Amazon SES will fail.
How should I add the new TXT and MX records for the custom MAIL FROM domain if I already have an MX record to allow Office 365 to handle my email?