diff --git a/terraform/production/main.tf b/terraform/production/main.tf
index 5730fbe2a..7008d93b8 100644
--- a/terraform/production/main.tf
+++ b/terraform/production/main.tf
@@ -63,6 +63,7 @@ module "ses_email" {
   recursive_delete    = local.recursive_delete
   aws_region          = "us-gov-west-1"
   email_domain        = "notify.gov"
+  mail_from_subdomain = "mail"
   email_receipt_error = "notify-support@gsa.gov"
 }
 
diff --git a/terraform/shared/ses/main.tf b/terraform/shared/ses/main.tf
index de7ca2a2b..a29a8ce10 100644
--- a/terraform/shared/ses/main.tf
+++ b/terraform/shared/ses/main.tf
@@ -23,6 +23,7 @@ resource "cloudfoundry_service_instance" "ses" {
   json_params = jsonencode({
     region                        = var.aws_region
     domain                        = var.email_domain
+    mail_from_subdomain           = var.mail_from_subdomain
     email_receipt_error           = var.email_receipt_error
     enable_feedback_notifications = true
   })
diff --git a/terraform/shared/ses/variables.tf b/terraform/shared/ses/variables.tf
index c56468cc6..74e852cf6 100644
--- a/terraform/shared/ses/variables.tf
+++ b/terraform/shared/ses/variables.tf
@@ -34,3 +34,9 @@ variable "email_receipt_error" {
   type        = string
   description = "email address to list in SPF records for errors to be sent to"
 }
+
+variable "mail_from_subdomain" {
+  type        = string
+  description = "Subdomain of email_domain to set as the mail-from header"
+  default     = ""
+}
diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf
index c5f0f56ab..5e9c071d3 100644
--- a/terraform/staging/main.tf
+++ b/terraform/staging/main.tf
@@ -64,6 +64,7 @@ module "ses_email" {
   name                = "${local.app_name}-ses-${local.env}"
   recursive_delete    = local.recursive_delete
   aws_region          = "us-west-2"
+  mail_from_subdomain = "mail"
   email_receipt_error = "notify-support@gsa.gov"
 }