Apple introduced custom domain names for iCloud email in August of 2021 (I think, but feel free to correct me and I’ll correct this). The easiest way to set this up is probably to just obtain the domain name through Apple. You can also use iCloud Email for custom domains purchased through other registrars. The setup is fairly straightforward, provided DNS is set up correctly (or that a large-enough DNS host is used that Apple has wired up to their API to do it for you). To get started, log in to iCloud. Then click on the apps selector at the top of the screen and click on Custom Email Domain.
Alternatively, log into iCloud+ and click on the Custom Email Domain option (from here on the screens look about the same).
At the Get Your Custom Email Address screen, click “Use a Domain You Own”.
At the Custom Email Domain screen, select whether the email is just for the account being used, or if others will use the email as well. It’s best to use the option for “You and Other People” as I don’t think this can be changed once the domain is set up (or at least I haven’t found a way) and you never know whether you’ll want someone else to have an address on a given domain as well. And no one wants to stop mail flow for their address once it’s being used.
At the “Enter the domain you want to use with iCloud Mail” modal, enter the domain (in this example we’ll use detectthoughts.com) and click Continue.
At the verification screen, click Add existing email addresses to add any that will be part of the initial configuration.
iCloud will look up and auto-complete each.
Once a user is added, an address is configured for them. This can be tricky: iCloud attempts to verify each address that is added, so if the domain isn’t currently used for email, add the people but not their addresses (the addresses can be added later). If the domain is in use, every user whose address is added must accept the email Apple sends before the domain can be activated.
Once an iCloud account is added, click Continue.
Provided existing addresses are added (if there are any), confirm to move to the next step.
The Apple servers will then look up the DNS for the domain. If Apple has an automated connection to that DNS host, it will attempt to add the necessary DNS records to configure mail flow. Click “Yes, Connect” to proceed (or skip ahead a couple of screens to what to do if it doesn’t find a supported automated option).
Provided the records are created properly, you’ll then see a cute green checkmark.
Now, if it doesn’t work, there’s some troubleshooting to do. The usual cause is an existing record occupying a name that Apple’s automation needs: MX records at the domain apex, a TXT record at the apex that already carries an SPF policy, or a record at the DKIM selector name. Existing MX records can be moved to priority 90 so that Apple’s priority-10 entries win; keep in mind that a lower-priority MX still receives mail whenever the Apple hosts are unreachable, so remove it once the cutover is confirmed. Other TXT records are fine, but an existing Sender Policy Framework (SPF) TXT record can cause the Apple scripts to fail. It can be removed, although that opens a window, until Apple’s record is published and cached copies of the old one expire, in which outbound mail from the domain has no SPF policy at all. A domain may only have one v=spf1 record (receivers treat two as a permanent error), so the cleaner fix is to merge Apple’s include mechanism into the existing record rather than end up with two. The same conflict applies to the DKIM CNAME Apple needs.
Also, make sure you’re logged into the right account. In the above screen I know because each of my Google accounts uses a different icon. The modal should auto-select based on ownership of the domain but ymmv. The records should look like this if done properly (with Google Domains, at least):
If the wizard can’t create the records on your behalf, they have to be created manually at the DNS host. The records above provide a bit of a roadmap for that, but more importantly, Apple has a page that lists the records to create at https://support.apple.com/en-us/HT212524. Once the domain is verified, there’s a prompt back in iCloud+ for the default email address.
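As an added example (not part of the original post, and not Apple’s wizard or any Apple tooling), here is an offline pre-flight check that parses the answer section of `dig +noall +answer` runs for the domain and reports the conflicts described above: MX records competing with Apple’s, an SPF record that lacks Apple’s include or is duplicated, a missing verification TXT record, and something already occupying the DKIM selector name. The expected values (MX hosts, SPF include, verification TXT prefix, DKIM selector and target suffix) are taken from Apple’s support page as an assumption, so confirm them against that page before relying on the script; the records shown for detectthoughts.com are constructed, with mail.oldhost.example standing in for a previous mail host.

```python
"""Pre-flight check of a domain's DNS against what iCloud Mail's custom-domain
setup needs. Added example, not Apple's wizard or any Apple code. The expected
values below are assumed from Apple's support page HT212524; verify them there.
Input is the answer section of `dig +noall +answer <name> <type>` runs, pasted
together, so the check runs offline on captured output."""
import re
from dataclasses import dataclass
from typing import Optional

APPLE_MX = {"mx01.mail.icloud.com", "mx02.mail.icloud.com"}  # assumed from HT212524
APPLE_SPF_INCLUDE = "include:icloud.com"                      # assumed from HT212524
DKIM_SELECTOR = "sig1._domainkey"                             # assumed from HT212524
DKIM_TARGET_SUFFIX = ".at.icloudmailer.com"                   # assumed from HT212524
VERIFY_PREFIX = "apple-domain="                               # assumed from HT212524


@dataclass
class Record:
    name: str
    rtype: str
    data: str
    priority: Optional[int] = None


def parse_dig_answers(text: str) -> list[Record]:
    """Parse dig answer lines (NAME TTL CLASS TYPE RDATA); ';' comment lines are skipped."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 4)
        if len(parts) < 5:
            continue
        name, _ttl, _cls, rtype, rdata = parts
        name, rtype = name.rstrip(".").lower(), rtype.upper()
        if rtype == "MX":
            prio, host = rdata.split(None, 1)
            records.append(Record(name, rtype, host.rstrip(".").lower(), int(prio)))
        elif rtype == "TXT":
            # dig prints TXT rdata as one or more quoted strings; join them into one value
            records.append(Record(name, rtype, "".join(re.findall(r'"((?:[^"\\]|\\.)*)"', rdata))))
        else:
            records.append(Record(name, rtype, rdata.rstrip(".").lower()))
    return records


def check_icloud_dns(records: list[Record], domain: str) -> list[str]:
    """Return the problems that would block or degrade iCloud mail flow; an empty list means ready."""
    domain = domain.lower()
    problems = []
    at_apex = [r for r in records if r.name == domain]

    mx = [r for r in at_apex if r.rtype == "MX"]
    present = {r.data for r in mx} & APPLE_MX
    if present != APPLE_MX:
        problems.append(f"MX: missing Apple hosts {sorted(APPLE_MX - present)}")
    for r in mx:
        if r.data in APPLE_MX:
            continue
        if r.priority is not None and r.priority <= 10:
            problems.append(f"MX: {r.data} (priority {r.priority}) competes with Apple's priority-10 hosts")
        else:
            problems.append(f"MX: {r.data} (priority {r.priority}) still receives mail as a fallback "
                            "when Apple's hosts are unreachable")

    spf = [r for r in at_apex if r.rtype == "TXT" and r.data.lower().startswith("v=spf1")]
    if len(spf) > 1:
        problems.append("SPF: more than one v=spf1 TXT record; receivers treat that as a permanent error (RFC 7208)")
    elif not spf:
        problems.append("SPF: no v=spf1 record; outbound mail will not pass SPF")
    elif APPLE_SPF_INCLUDE not in spf[0].data.split():
        problems.append(f"SPF: record lacks {APPLE_SPF_INCLUDE}: {spf[0].data!r}")

    if not any(r.rtype == "TXT" and r.data.startswith(VERIFY_PREFIX) for r in at_apex):
        problems.append(f"Verification: no TXT record starting with {VERIFY_PREFIX!r}")

    dkim = [r for r in records if r.name == f"{DKIM_SELECTOR}.{domain}"]
    if not dkim:
        problems.append(f"DKIM: no record at {DKIM_SELECTOR}.{domain}")
    elif any(r.rtype != "CNAME" for r in dkim):
        problems.append(f"DKIM: {DKIM_SELECTOR}.{domain} is occupied by a non-CNAME record; "
                        "a CNAME cannot coexist with other types at the same name")
    elif not dkim[0].data.endswith(DKIM_TARGET_SUFFIX):
        problems.append(f"DKIM: CNAME points at {dkim[0].data}, not an Apple target")
    return problems


# Constructed sample: the domain still on a previous mail host, before Apple's records exist.
BEFORE = """
detectthoughts.com. 300 IN MX 10 mail.oldhost.example.
detectthoughts.com. 300 IN TXT "v=spf1 include:_spf.oldhost.example ~all"
"""

# Constructed sample: the old host demoted to priority 90 and Apple's records added.
AFTER = """
detectthoughts.com. 300 IN MX 10 mx01.mail.icloud.com.
detectthoughts.com. 300 IN MX 10 mx02.mail.icloud.com.
detectthoughts.com. 300 IN MX 90 mail.oldhost.example.
detectthoughts.com. 300 IN TXT "v=spf1 include:icloud.com ~all"
detectthoughts.com. 300 IN TXT "apple-domain=EXAMPLE0"
sig1._domainkey.detectthoughts.com. 300 IN CNAME sig1.dkim.detectthoughts.com.at.icloudmailer.com.
"""

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", check_icloud_dns(parse_dig_answers(text), "detectthoughts.com") or ["ready"])
```

Feed it real output by running `dig +noall +answer detectthoughts.com MX`, the same for `TXT`, and `dig +noall +answer sig1._domainkey.detectthoughts.com CNAME`, then pasting the three answers together. Note that the "after" sample still reports the demoted MX as a fallback; that is deliberate, since the old host keeps receiving mail whenever Apple’s hosts are down until it is removed.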
Messages to addresses that haven’t been created are rejected by default. That can be changed so that all mail to the domain is delivered to a default address: click on the domain back in iCloud+, scroll down to the “Allow All Incoming Messages” section, and click the “Turn On Allow All” button. Bear in mind that a catch-all accepts mail for every possible address at the domain, so it also collects the guessed-address and typo traffic that would otherwise bounce.
Once the domain is set up, devices signed into each iCloud account that a custom domain address was added to will be prompted to add the new address for use with Apple services (FaceTime, Mail, etc.). Once added, a new message can be sent from the new address, as seen below, and mail will flow to the domain.
Since message headers can help troubleshoot issues, here are the headers for a properly delivered message:
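When reading those headers, the line worth checking first is Authentication-Results, which records whether the receiving server saw SPF and DKIM pass for the domain. As an added example (not from the original post), the script below parses that header out of a message and checks that the SPF and DKIM domains line up with the From address, which is what a correctly set-up custom domain should produce. The sample message is constructed, the receiving host mx.receiver.example and the address are made up, and the DKIM selector name sig1 is assumed from the name of the DKIM record Apple publishes for the domain.

```python
"""Summarise the SPF/DKIM/DMARC outcome recorded in a delivered message's
headers and check identifier alignment against the From domain. Added example,
not part of the original post. The message below is constructed; the receiving
host and address are made up, and the selector is assumed from Apple's DKIM
record name (sig1._domainkey)."""
import re
from email import message_from_string
from email.utils import parseaddr

SELECTOR = "sig1"  # assumed: Apple's DKIM record lives at sig1._domainkey.<domain>

# Constructed sample of what a correctly delivered message's headers look like.
SAMPLE = """\
Return-Path: <someone@detectthoughts.com>
Authentication-Results: mx.receiver.example;
 spf=pass smtp.mailfrom=detectthoughts.com;
 dkim=pass header.d=detectthoughts.com header.s=sig1;
 dmarc=pass header.from=detectthoughts.com
From: Someone <someone@detectthoughts.com>
To: friend@example.net
Subject: test

hello
"""


def _domain(addr: str) -> str:
    """Domain part of an address, lower-cased ('' if there is no address)."""
    return parseaddr(addr)[1].rsplit("@", 1)[-1].lower()


def auth_summary(raw: str, expected_domain: str) -> dict:
    """Parse Authentication-Results and report pass/fail plus alignment with From."""
    msg = message_from_string(raw)
    # The header may be folded across lines and may appear more than once; flatten it.
    ar = re.sub(r"\s+", " ", " ".join(msg.get_all("Authentication-Results", [])))

    def result(method: str) -> str:
        m = re.search(rf"\b{method}=(\w+)", ar)
        return m.group(1).lower() if m else "none"

    def prop(key: str):
        m = re.search(rf"\b{re.escape(key)}=([^\s;]+)", ar)
        return m.group(1).lower() if m else None

    from_domain = _domain(msg.get("From", ""))
    summary = {
        "spf": result("spf"),
        "dkim": result("dkim"),
        "dmarc": result("dmarc"),
        "from_domain": from_domain,
        "spf_domain": prop("smtp.mailfrom"),
        "dkim_domain": prop("header.d"),
        "dkim_selector": prop("header.s"),
    }
    # Alignment: the authenticated identifier must be the domain the user sees in From.
    summary["spf_aligned"] = summary["spf"] == "pass" and summary["spf_domain"] == from_domain
    summary["dkim_aligned"] = summary["dkim"] == "pass" and summary["dkim_domain"] == from_domain
    summary["ok"] = (
        from_domain == expected_domain.lower()
        and summary["spf_aligned"]
        and summary["dkim_aligned"]
        and summary["dkim_selector"] == SELECTOR
    )
    return summary


if __name__ == "__main__":
    for key, value in auth_summary(SAMPLE, "detectthoughts.com").items():
        print(f"{key:14} {value}")
```

To use it on a real message, save the message as raw source from the receiving mailbox and pass its text in place of SAMPLE. A dkim=fail or a header.d that is not the custom domain points back at the DKIM CNAME; an spf=fail or an smtp.mailfrom on another domain points at the SPF TXT record.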
In general, iCloud custom domain names are a good first foray into business email hosting by Apple. There are some things where the interface is too simple. It’s hard to make things simple and yet functional, and Apple is as good at doing so as anyone; however, hiding complexity to make pretty screens can get in the way of getting at more complicated features, where there’s lots of clicking around to find them. When everything works as designed, there’s little need for that. Email hosting and DNS have so long been fraught with spam peril that there’s regrettably more complication than there needs to be. That’s not on Apple; it’s on the spammers. The wizard approach is rad when it works; it takes less than 15 minutes to set up. I had another domain I tried that took two hours to perform the verification step because it was using a custom DNS server. And I’ve heard reports of those that took days to get working. There just aren’t raw logs to look at with these types of hosting scenarios, so the troubleshooting can be a tad cumbersome. If I find time, I’ll do another post on the email migration process, given that it’s automated for certain email providers.