How to set up your domain in iCloud+


At long last, and without much fanfare but a mere byline in the new macOS Monterey website, Apple has launched support for custom domains in iCloud+. For those who did not watch the keynote, iCloud+ is just a new name for the paid tiers of iCloud. If you've bought extra storage, then you've got iCloud+. It also includes some neat new features: Private Relay, a sort of VPN that will stop ISPs from tracking you; Hide My Email, which allows you to create unique, random email addresses that forward to your personal inbox; and HomeKit Secure Video, to store footage from HomeKit-compatible cameras.

While Gmail and Microsoft have allowed you to use a custom domain for a while now, Apple had notoriously not supported it on their email offering. It is a welcome addition for those fully in the Apple ecosystem who are already paying for iCloud and want to consolidate providers. It is also great for families, as you can give email addresses to family members via Family Sharing. Now, it is worth mentioning it is not a service for power users; while you can add up to five domains and three addresses per user, that's about the extent of the customizability. There are no distribution lists, catch-all support or any advanced features. One feature I do foresee being a great fit is the ability to have shared mailboxes via Family Sharing, however this does currently exist.

How do you actually set it up? The steps are pretty much the same as any other provider.

  • First, log into icloud.com on a web browser.

  • Once you've logged in, go to Account Settings and scroll down until you see the new Custom Email Domain section.


  • Click on Manage and you will be asked if you want to set it up for yourself or for your family. I chose just myself. I have not tried the Family Sharing option, but early reports showed it was still not possible to do so.


  • It then asks which domain you want to use. Once you've entered it, you will be presented with the next steps: adding any existing mailboxes (if you're migrating from another provider) and adding the required DNS settings.


If this is a new domain or you do not have any existing email addresses, skip Step 2. If you try to add the addresses here, it will send a verification email that will never arrive as they do not exist yet. Go straight to Step 3 and add the DNS records in your DNS provider.

  • If you already have an email address created in the domain you're configuring, add it here. Apple will send you an email to verify it exists and you will need to click a link. You must already have MX records pointing to an existing provider in order to receive the email.

If the email you want to add already exists as an Apple ID alternate contact, you must remove it first from appleid.apple.com, as Apple will add it when you create the mailbox, so it cannot already exist in your Apple ID.


This step should be familiar to anyone who has configured an email service before. You will add the MX records, a TXT to verify you own the domain, the SPF record and the DKIM key pointer. You should add a total of five records. The DNS records that you need to add are as follows, but keep in mind the verification TXT and the DKIM CNAME are unique to you:

Type    Hostname              Mailserver              Priority    TTL
MX      @ (or your domain)    mx01.mail.icloud.com    10          3600
MX      @ (or your domain)    mx02.mail.icloud.com    10          3600

Type    Hostname              Value                         TTL
TXT     @ (or your domain)    apple-domain=your_string      3600
TXT     @ (or your domain)    v=spf1 redirect=icloud.com    3600

Type     Hostname           Destination / Points to                            TTL
CNAME    sig1._domainkey    sig1.dkim.[example.com].at.icloudmailadmin.com.    3600

Since this service is aimed at devs with personal domains or family domains, it is not expected one will send emails from other sources, hence the redirect mechanism in the SPF. If you do have other sending sources, place them before the redirect, as anything after it will not be considered, and remove the ~all, like this:
v=spf1 include:spf.example.com redirect=icloud.com
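
To check the records yourself before asking Apple to verify them, this added example (not from the original post) audits a zone's record set against the tables above, including the SPF detail that an `all` mechanism makes `redirect=` ineffective. The `SAMPLE` zone, the `mail.oldprovider.example` host and the function names are constructed for illustration.

```python
ICLOUD_MX = {"mx01.mail.icloud.com", "mx02.mail.icloud.com"}

def norm(host):
    return host.strip().lower().rstrip(".")

def audit_spf(txt_values):
    """Findings for the SPF TXT record(s) at the zone apex."""
    spf = [v for v in txt_values if v.lower().startswith("v=spf1")]
    if len(spf) != 1:
        return [f"expected exactly one SPF record, found {len(spf)}"]
    terms = spf[0].lower().split()[1:]
    findings = []
    if "redirect=icloud.com" not in terms:
        findings.append("SPF lacks redirect=icloud.com")
    # An 'all' mechanism always matches, so redirect= is never consulted.
    if any(t.lstrip("+-~?") == "all" for t in terms):
        findings.append("SPF contains 'all', so redirect= is ignored")
    return findings

def audit_zone(domain, records):
    """records: (type, hostname, value) tuples; '@' means the zone apex."""
    mx, txt, cnames = set(), [], {}
    for rtype, host, value in records:
        if rtype == "CNAME":
            cnames[host.lower()] = norm(value)
        elif host in ("@", domain) and rtype == "MX":
            mx.add(norm(value.split()[-1]))  # value is "priority target"
        elif host in ("@", domain) and rtype == "TXT":
            txt.append(value)
    findings = [f"missing MX {h}" for h in sorted(ICLOUD_MX - mx)]
    findings += [f"MX still points at {h}" for h in sorted(mx - ICLOUD_MX)]
    if not any(v.startswith("apple-domain=") for v in txt):
        findings.append("missing apple-domain verification TXT")
    findings += audit_spf(txt)
    # Target pattern taken from the CNAME row in the table above.
    if cnames.get("sig1._domainkey") != f"sig1.dkim.{domain}.at.icloudmailadmin.com":
        findings.append("sig1._domainkey CNAME missing or wrong target")
    return findings

SAMPLE = [  # constructed zone for example.com with deliberate mistakes
    ("MX", "@", "10 mx01.mail.icloud.com."),
    ("MX", "@", "10 mail.oldprovider.example."),
    ("TXT", "@", "apple-domain=CONSTRUCTED_TOKEN"),
    ("TXT", "@", "v=spf1 include:spf.example.com redirect=icloud.com ~all"),
    ("CNAME", "sig1._domainkey", "sig1.dkim.example.com.at.icloudmailadmin.com."),
]
if __name__ == "__main__":
    for finding in audit_zone("example.com", SAMPLE):
        print(finding)
```

The constructed zone is flagged for the missing second MX host, the leftover MX from the previous provider, and the `~all` that overrides the redirect.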


  • Once the DNS records have been added, wait 15 minutes for Apple's resolvers to fetch the new data and go to Step 4 to verify the DNS records were entered correctly. Once it has verified you have added them correctly, it will tell you your domain is ready to use.


It will then ask which address you want to send from by default in iCloud: your new custom domain or your icloud.com address. Pick an option and continue. If you did not add any pre-existing addresses, just continue.

Once the setup is done, you can manage your domain addresses and add or remove as needed. Here is where you would add the addresses if you skipped that section while setting up the domain. The addresses should sync down to your devices soon afterwards and will be available as options when composing an email.


Once you're set up, I have not experienced any issues with delivery, either inbound or outbound. There is currently an issue with DKIM alignment on outbound emails, but it should not affect anyone as it would only be a problem if the SPF lookup fails and you have a restrictive DMARC policy (which I'd wager most people setting this up won't have).

If you run into any issues, feel free to shoot me an email or tweet - happy to help troubleshoot!
