Skip to content
Thoughtful, detailed coverage of everything Apple for 31 years
and the TidBITS Content Network for Apple professionals
29 comments

How to Set Up Custom Email Domains with iCloud Mail

Apple is now testing an iCloud Mail feature that power users have requested for years: custom email domains. What does that mean? Most people use free email services like iCloud Mail and Gmail, where all email addresses use a pre-specified domain. For instance, if you use iCloud Mail, your address will be something like [email protected] (or [email protected] or even [email protected] if you’re old-school cool). Likewise, if you use a free Gmail account, your address is along the lines of [email protected]

However, if you own a custom domain name, like tidbits.com or joshcenters.com, many email services let you use that domain for your email address. That offers a few advantages:

  • It enables you to customize your email address.
  • It looks more professional—you’re not just one of hundreds of millions of iCloud users.
  • You can migrate your email address to any other email service provider that supports custom domains.

Things to Know Before You Move Your Email Address

You can now test custom domain support on the iCloud beta site. However, there are important caveats:

  • Do not move your primary email domain to iCloud Mail yet, since the feature is still in beta. (There are other reasons to not rely on iCloud Mail as your main email service that I’ll outline below.)
  • You can send outgoing email from a custom email address only with the betas of macOS 12 Monterey, iOS 15, and iPadOS 15, not from currently shipping versions of Apple’s operating systems.
  • You can’t move just one address at a domain to iCloud Mail. It’s all or nothing. For instance, we couldn’t move [email protected] to iCloud and leave [email protected] behind.
  • You can only set up a custom email domain for an iCloud account that has an iCloud email address associated with it. (For historical reasons, Adam Engst’s primary Apple ID is [email protected], has no associated iCloud email address, and wouldn’t allow him to manage custom domains.)
  • You must be a subscriber to iCloud+, Apple’s new name for iCloud paid plans. If you already pay for iCloud storage, you’re automatically in.
  • You must be able to receive email at your custom email address before you set it up at iCloud because Apple needs to send it a confirmation message. I explain how to get around that catch-22 below.
  • Apple does not currently provide any tools to transfer existing email messages from another email provider to your iCloud account. Macworld UK explains how to use the Mail app on the Mac to move messages from Gmail to iCloud, which should work for any email account set up in Mail. Although the article’s steps look reasonable, we haven’t tested them with thousands of messages, so proceed at your own risk and be sure to verify that messages have transferred correctly.
  • You can set up five unique domain names with an iCloud Mail account, but each person can have only three unique addresses per domain, all of which deliver to that person’s iCloud inbox. Services like FastMail offer many more, though you have to pay for additional users. In short, iCloud Mail is still only a solution for individuals and families, not for organizations.

I personally don’t depend on iCloud Mail for anything other than testing. The lack of custom domain support was one reason, but I don’t see myself switching even now. iCloud Mail lacks many of the advanced options of other email providers and has been known to silently filter messages, with no way to recover the messages or even know they were sent.

However, there are some good reasons to use iCloud Mail, especially if you’ve bought into the Apple ecosystem:

  • Easy integration and fast device setup. All you have to do is log in to your iCloud account to send and receive email.
  • Push notifications for email messages that notify you immediately when you receive a message. (Fastmail is the only third-party service I know that offers this for Apple devices.)
  • Economical use of paid iCloud storage space.

How to Buy a Domain

Apple doesn’t sell domains, so you’ll have to buy one from a domain registrar before setting up a custom email address. Entire books have been written about domain purchasing and management, but the process is relatively simple. Here are some registrars that we at TidBITS have used successfully:

I currently host my domains with Epik because of the company’s strong civil liberties stances and outstanding 24/7 support. However, if you’re new to domain registration, I would steer you toward Hover. It’s the most user-friendly registrar I’ve used, complete with excellent telephone support. If you start with one domain registrar and want to switch to another, you can transfer your domains at any time, though you usually have to pay for an extra year when you do so.

Once you own a domain, be sure to renew it every year or pay for a multi-year registration. Set yourself a reminder to renew it at least a few weeks before it expires. When the renewal day comes up, make sure your payment information is up to date. I once nearly lost my joshcenters.com domain due to a payment snafu with Hover. Domain squatters often scoop up lapsed domains and try to resell them back to their owners at exorbitant prices.

You must have a valid email address at your domain to set it up with iCloud Mail because Apple sends a confirmation message to that address. If you’re setting up a new email address, it’s a bit of a catch-22, but don’t worry, most registrars let you create a free forwarding address that will do the job. Just remember to do it before you start configuring your domain in iCloud Mail.

Below is a screenshot of me setting up a forwarding address for one of my Epik domains. I set it up so [email protected] forwards any email it received to my main email address. That enabled me to receive Apple’s confirmation message.

Setting up email forwarding on Epik

(I bought mannsplaining.net when my friend Sonya Mann and I were thinking of starting a podcast called Mannsplaining. Sadly, we both later realized we had nowhere near enough time to host a podcast, and I haven’t used the domain for anything since.)

Setting Up a Custom Domain with iCloud Mail

With all the caveats out of the way, let’s look at the process of setting up your custom domain to work with iCloud Mail:

  1. In Safari, visit beta.icloud.com and enter your login credentials. Note that the iCloud beta works only with the latest versions of Safari, Firefox, Google Chrome, and Microsoft Edge. Annoyingly, that list doesn’t include Brave.
  2. Click Account Settings.
    iCloud beta Account Settings
  3. Scroll down to Custom Email Domain and click Manage.
    Manage custom domain
  4. Choose whether you want to use the domain for only a personal address or for your family. Only You is probably the safe choice for now.
    Choose only you or you and your family
  5. Enter your domain and click Continue. After doing this, you receive an email to your iCloud address with additional instructions, though the iCloud website will continue guiding you through the process.
    Enter custom domain
  6. Enter all the email addresses you want to associate with your domain. You can add more later, but you may miss messages sent to those addresses in the meantime. Click the + icon to add more. Remember, you can add only three email addresses.
    Enter custom email address
  7. Click Add Email Address. You are asked to confirm that you’ve added all of your email addresses. Click Confirm once you’re sure. Don’t fret, because email will not be redirected until you change your registrar’s settings.
    Confirm email address

If you forgot to set up an active email address before starting (raises hand), you can click Resend Verification Emails on this screen to send them again.

Keep an eye on your email inbox for the verification email from Apple. Once you receive it, open it and click Verify. If your default browser isn’t supported by the iCloud Beta, you can Control-Click the Verify button in Mail and choose Open With > Safari or another installed browser. In other email clients, you should be able to Control-click Verify, copy the URL, and paste it into your browser.

Verify email address

You should see a message on the iCloud website saying your address has been verified. Click OK.

Update Domain Registrar Settings

Here’s where things get tricky—you might need help from your domain registrar. You need to set up the appropriate DNS records with your registrar, and how you do that varies by registrar. If you contact your registrar’s support and provide the details, they may be able to set up the records for you or at least point you to the necessary instructions.

In the simplest possible terms, DNS records are instructions for how DNS servers should handle requests for a domain. DNS stands for Domain Name System, and the collection of interconnected DNS servers is what makes it possible to visit a domain like tidbits.com instead of a numeric IP address.

To see the records you need, check your iCloud inbox for an email titled “Finish setting up your custom domain,” but don’t follow that email’s instructions!

Here’s what Apple provides you:

  • Two TXT records that hold information that prevents email spoofing
  • One MX record that specifies where email sent to your domain should be delivered
  • One CNAME record that points traffic from one domain to another

You must correctly enter all of these DNS records for your domain at your registrar’s site. If you miss any or make any mistakes, email from your domain may be automatically rejected or flagged by spam filters.

If you use your domain for services other than email, these records should not interfere with those services as long as you don’t replace existing entries. However, if you set up email forwarding with your registrar or already use your domain with another email provider, you will want to delete the corresponding DNS entries for that provider. (Record the deleted information in Notes or the like, just in case you want to switch back.) I assume that if you’ve already set up a custom email domain in the past, you have some idea of what you’re doing. Otherwise, I recommend contacting your registrar’s support.

Reconfiguring DNS records gave me the most trouble because the instructions in Apple’s email are wrong! Until Apple fixes its email, refer to Apple’s support document, which gives the proper instructions in the correct order. You will need to refer back to Apple’s email for step 5, because it has your unique Personal TXT entry.

Your registrar will likely look different, but as you can see in the screenshot below, on Epik, I was able to leave all the Host fields blank. But with the sig1.dkim.[example.com].at.icloudmailadmin.com. CNAME entry, make sure you replace [example.com] with your domain name or the final step will fail.

Entering iCloud MX records in Epik

Once you’ve correctly entered all your DNS records at your registrar, return to iCloud settings and click Finish Set Up. You’re asked to verify that you’ve updated your DNS records before clicking Confirm.

If you just updated the records with your registrar, you may see a DKIM error when you click Confirm on the iCloud page. There are a couple of things to know:

  • DNS records can take a while to propagate throughout the system, anywhere from a few minutes to a full day.
  • DKIM is an email authentication scheme that tries to reduce spam. Without a valid DKIM record, your outgoing emails will likely all be flagged as spam.

In my case, I received the error because I didn’t replace [example.com] in the CNAME record. Oops! Once I corrected that, it worked instantly.

Finally, you need to specify which address you want to use as your default outgoing email address.

Choose default email address

You’ll know it works if you receive a confirmation email from iCloud. Your other devices will also ask if you want to use the new email address for iMessage and FaceTime.

Prompt to add the new address to iMessage and FaceTime

Using Your New iCloud Address

Here’s what you need to know:

  • Your existing icloud.com, me.com, and mac.com email addresses work as they always have.
  • You can send outgoing email from one of the above addresses or from the new one you set up.
  • Any email sent to your custom email address should arrive in your iCloud inbox.

To choose a different outgoing email address when composing a message, click or tap the address to the right of the From field in Mail. In Mail on the iCloud beta website, your new address shows up instantly. In the iOS 15 beta, it took a few minutes to show up. However, it won’t show up at all in the non-beta iCloud Mail or in any of Apple’s currently shipping operating systems.

Choosing the From address in iCloud webmail

Proceed with Caution

It’s great that Apple has finally added support for custom domains to iCloud Mail, but I strongly encourage you to restrict your usage to testing. Beyond the fact that you can only send email from one of the betas of Apple’s upcoming operating system releases, I just can’t recommend that you trust mission-critical email to a beta service. After Apple promotes the feature out of beta, lots of people will start using it, and we’ll get a sense of how reliable it is.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 29 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About How to Set Up Custom Email Domains with iCloud Mail

Notable Replies

  1. I have my own unique domain name. Being able to use iCloud sounds great, but it sounds like more work than it’s worth. It’s a bit over my head. I think I will stick to easyDNS for now. Thanks for the article, though.

  2. I don’t get why anyone would do that. You get all the drawbacks of iCloud.

  3. Having this article so close to the one entitled “Resetting Recent iCloud Bouncing Subscribers” should give anyone pause when considering using iCloud mail servers. Mail must be reliable in this day and age, along with rapid fixes and good customer service. Sounds like switching to iCloud is a disaster waiting to happen.

  4. Quite right. I’m going back to self-hosting at home (VPS in case of need), and one reason is precisely to deal with iCloud’s pernicious SMTP-time rejection and silent-discarding of email. Not sure why I started using iCloud in the first place TBH; must have been insanity. Then again, 2012 was a different time.

    OTOH: it seems hard to argue with using iCloud’s Mail forwarding addresses if the alternative is to use registrar services for forwarding mail, as is currently my case. It would be clearly preferable for iCloud to receive and filter mail directly from other hosts. No doubt, for that purpose, it’s adequate and far more convenient.

    Edit: and the 3-alias limit per domain! Really, even with forwarding addresses, that does seem entirely unreasonable to me. I’ll definitely miss push on my way out, though.

  5. That is a problem. Initially many of our iCloud-using customers would not get their license emails. We had to remove all the links from our license emails. That was very frustrating and cost us and them lots of hours.

    Still, iCloud’s privacy is superior. We’re all privacy-compromised because so many people have gmail accounts.

  6. Yeah, a bit of unfortunate timing :joy: As I say in the article, there are reasons I don’t use iCloud Mail, but I know many of our readers do.

  7. I currently own a couple of unused domains but i have an [email protected] address for each of them. I forward them to my iCloud account for the simplicity of everything arriving into one mailbox. Being able to assign custom domains into iCloud would be nice - specifically the ability to send from the custom domain (currently I can only send from my primary iCloud account for the forwarded domains).
    I might be an exception, but I’ve had very few problems with iCloud mail, far fewer than I’ve had with Exchange (which is light years more difficult to manage).

  8. I’ve tried to add my domain, jbr.is, but I get an error message: “There was a problem with adding that domain. Please try again later”. It’s not awfully informative: any ideas?

  9. Is the error on the iCloud end? I would report it to Apple since this is a beta and it might be a bug.

  10. The error seems to be at iCloud: the help desk at isnic denies any knowledge of a problem (and actually pointed me at the original article here!)

    What’s the best way to report it to Apple?

  11. As you are in the Monterey beta you should use the application Feedback Assistant.

  12. Try this: Feedback - iCloud - Apple

    Also, it’s hilarious they pointed you back here. I did a Google search and we’re the top result in how to use a custom domain with iCloud.

  13. Thanks, Josh. I was amused too. I’ve submitted a description at the feedback page.

  14. So basically the pro(s) of using iCloud for custom domains are what?

    AFAICT, everything in the article was basically saying don’t bother, lol.

    It’s not even free IMAP email storage, given you have to at least be a Plus customer, unlike say Gmail (although they use their proprietary IMAP-a-like backend, which has never worked well in clients, especially Apple’s).

    Is it basically just relatively cheap then as it’s main selling factor, compared to other solutions?

  15. This is for custom domains. You can’t get a custom domain for free on Google either. (You were once able to - I have one of those.)

    One advantage may be privacy - Apple will not be harvesting and/or using IP or location for marketing purposes. Of course Google doesn’t sell that info, but they do use it to improve ads shown to you, etc.

  16. The advantage is the vast number of people who rely on iCloud for email can now use a custom domain for their address. Simple as that.

    If you don’t use iCloud for email, there’s no particular benefit, but that’s your decision and may not match up with others’ decisions.

  17. Yes I know it’s for custom domains – that’s what the thread’s about.

    I meant you buy a domain, then use Gmail as the free email storage (optionally paying Google for extra functionality, if wanted). However using the same domain with iCloud storage isn’t quite free (obviously min. $£€1 charge) to do the same thing, but more poignantly are the many more restrictions iCloud has outside of the privacy benefit. And if you have to pay anyway, you could just use something less restrictive and get privacy, like Fastmail (see below).

    Yes I have an iCloud email, and sure people have another choice which is always nice. But what’s so special about using it for custom domain email address usage, over something else as ones IMAP storage backend? (especially given the restrictions the article mentioned; very thorough BTW Josh! :wink: )

    Ultimately, if someone wants a custom domain email address, why would they use iCloud with its restrictions as the storage backend, instead of just using something free like Gmail (if they didn’t mind Gmail’s type of sync) or similar moderate cost Fastmail (vanilla push IMAP), et al.?

    Fastmail, for example, also has great customer service to help set it up or should problems arise in future. But with iCloud (and the free Gmail too, last time I checked!), there really isn’t as decent a support in place.

  18. There’s a lot of inertia with email—if you have been using iCloud for many years and you’re happy with it, why change? Plus, if you suddenly start using a custom email address, you’re still going to receive a lot of email at your old iCloud address and this way it all comes to the same place without having to set up forwarding or check multiple accounts.

    I don’t think there’s anything special about iCloud Mail’s custom domain support—it’s mostly interesting to long-time iCloud users who don’t want to switch backends and already are or are willing to pay for iCloud+. But there are probably a lot of those people.

  19. @ace Yeah, I suppose you’re right in that respect. For some, the ease of keeping what they have coming in to their current inbox, and carrying on without dealing with an account switch over is the biggest attraction. :slight_smile:

    Although, if you’re setting up a completely new family email system (obviously Apple aren’t aiming this at any type of business usage beyond maybe a sole trader), IMO I still think most would likely be better off with something else like Fastmail or other, at least for the better tech support benefits and should they want to expand email aliases later – even with the small cost involved.

  20. Totally agreed — I’d never encourage anyone to set up a custom email domain and use iCloud as the backend if there isn’t already a ton of history there.

  21. I found a reasonable domain for my kids, and iCloud mail is one of my options for the backend. If they don’t like it later, they can switch it to something another backend. I already pay for Apple One.

    I use a different domain for myself, with Fastmail as a backend.

    I recently set up a new domain+email for my sister’s side business. Google Suite hasn’t been free for a long time AFAICT. I set hers up with Zohomail, which still was free.

    As an alternative to Fastmail, and for low-volume use, I’ve heard that Migadu email is OK as well.

  22. I’m just trying it out now and get the same result. Nope–no idea. Given this is now being postponed, I suspect it’s on ice for a while anyway. Oh, well. I have a nice, shiny new domain to try it with …

    FWIW, you can reach the FeedBack Assistant on the web at https://feedbackassistant.apple.com/ . It’s the same tool for reporting bugs on iOS and macOS, but online. You can report the issue against the beta iCloud there. I don’t know whether the public-facing feedback form does the same thing or not, but if you file into the bug reporter you might get a response (but probably not unless it’s been widely reported).

  23. A few years ago, I decided to go to war against spam. I was getting around 50 to 80 per day.

    I have had my own domain address for 20 years and I suppose, especially in the old days, it would be harvested from those endlessly infected PCs, when PC viruses were all the rage.

    Going to war meant buying a 2nd domain and using it uniquely for throw away email addresses. So anywhere that asked for an email address, got one of those and my 20 year old email is used solely for email with people I know, or for business. The crux/enabler though, was that my domain name provider, added Sieve filters to its service. So using these, I’ve been able to simply reject everything that isn’t legit and on the 3 occasions that one of these disposable email address has been procured by a spammer, it took less than 2 minutes to delete and I never hear from the spammers again. Crucially though and unlike Junk/Spam filters, I don’t have to go through my mail to check for ‘false positives’. That’s the thing with Junk/Spam filters… you still have to check everything. So they only delay the hassle. They don’t eliminate it.

    So it was with a little ironic smile today, that I see that Apple are introducing something similar with iCloud+ in Monterey. You will be able to easily generate disposable email addresses in order to be able to protect your email address from baddies. This won’t help for addresses that are already receiving a lot of spam, but it will help going forward, by reducing future abuse. I wonder if this will be available for ‘own domain’ addresses as well?? There was mention of only 3 aliases, but this looks like a different feature.

    Maybe someone at Apple read about my system :sunglasses::nerd_face::slightly_smiling_face: which, BTW, worked. I won the war and I’m down to a handful of spam a year.

  24. Yup! I’m late to the game, but that’s exactly how I intend to go about this, too, but with one addition: using control over the submission server, I will rewrite outgoing mail so that its envelope sender and sender header fields will be rewritten depending on the initial recipient. That way, I can participate seamlessly in mailing lists and other places without having to maintain a zillion aliases, as is now the case. I once did this using TMDA, which is a challenge-response system which I found to be very effective against spam, but which made me rather … unpopular. :slight_smile: I’ll reimplement just that functionality myself, and I can reject any mail I don’t want outright at SMTP time. I’ll probably continue to use maildrop, though, rather than sieve, as it’s more flexible (and doesn’t do my head in in the way sieve does).

    It’s good that Apple are bringing this to the hoi polloi though. The idea must be getting about, and it’s clearly the only way. I don’t like heuristic spam filters (I’ve been impressed by learning classifiers), but regardless, the problem of false positives and all the collateral is real enough that I’d like to put an end to it. Plus of course quickly rejecting unwanted mail is faster than spam processing; on my last mail server, a Pentium II, I was spending 90 seconds to filter spam! That’s obviously not going to be true now, but I still want to economise as much as possible. Yes, indeed. Death to spam! :slight_smile:

  25. I’m surprised to find out that you recommended a registrar (epik) that has now been shown to been a haven for far right wing extremists like the proud boys. (https://www.washingtonpost.com/technology/2021/09/21/epik-far-right-hack-anonymous/ )I would hope you edit the article to remove them from your list.

    Unfortunately I took your recommendation and moved one of my domains to them. Now I have to wait 60 days to move it again. Shame on me for taking your advice without doing enough due diligence.

  26. Sorry you’re unhappy with Epik. I actually recommended Hover in the article, since it’s the most newbie-friendly.

    Whichever registrar you switch to, I recommend thoroughly vetting them to make sure they don’t hold any domains you find objectionable (spam, human trafficking, extremist groups, cults, scammers, or whatnot).

    I may actually switch away from Epik because they recently had a major security breach and aren’t handling it very well.

  27. I read this statement as a endorsement:
    "I currently host my domains with Epik because of the company’s strong civil liberties stances and outstanding 24/7 support. " (My emphasis)

    My kind of civil liberties aren’t supported by these people (Wash. Post)
    “Online records show those sites have included 8chan, which was dropped by its providers after hosting the manifesto of a gunman who killed 51 Muslims in Christchurch, New Zealand, in 2019; Gab, which was dropped for hosting the antisemitic rants of a gunman who killed 11 people in a Pittsburgh synagogue in 2018; and Parler, which was dropped due to lax moderation related to the Jan. 6 Capitol attack.”

    Data breaches can happen to anyone, but hosting far right sites is a corporate decision and one that I don’t agree with. Had I known that I wouldn’t even visit their site. Saying that you may move your sites is not a very strong response to a organization like that.

    My opinion of TidBits and their credibility took a hit on this one.

  28. Civil liberties used to mean, among other things, that everyone has a right to speak, even those you dislike. I guess that’s changed in the past few years and I’m just stubbornly old-fashioned.

    As far as I know, Epik doesn’t “host” any of that, they merely register the domains. I believe in net neutrality and don’t think registrars should be in the business of determining who’s allowed to have a domain. If the law is being broken by those websites, law enforcement can seize the domains.

    Eric Friedman, head of Apple’s Fraud Engineering Algorithms and Risk unit, recently said that Apple is the “greatest platform for distributing child porn.” By your logic, every Apple services user is tacitly endorsing CSAM, especially since Apple recently backed off on their CSAM-detection initative.

Join the discussion in the TidBITS Discourse forum

Participants