Beware that sendy comes with many backdoors though. Put it in a vm with a strong firewall.

Can you elaborate? I was planning to start using Sendy, but hiding it behind a firewall seems like it would break the signups, click tracking, open tracking, etc.

Compared to Sendy, I would suggest to use EasySendy Pro, I myself shifted to this service, having previously used Sendy. Pro gives many independence of connecting multiple SMTP servers other than, Amazon SES. Also, it is hosted web application and have plans to integrate social and push services very shortly. This cross channel will help us connecting our end customers instantly and smoothly.

I've already firewalled a completely open phpinfo page and a compatibility page leaking all my server info. Who knows what's inside the obfuscated portion. They were leaking my ip I try so hard to hide for cloudflare.

Yes firewall all in is necessary. Outgoing only to Amazon. I don't have a perfect solution. A vm will stop full backdoor.

I'm curious; why don't you use SES for transactional also?

Sendgrid is currently free, may have better transactional deliverability, much quicker using system wide ssmtp vs aws libraries at that time, I didn't have to change anything php side