Wednesday, March 2, 2022

iCloud+ Custom E-mail Domains

Dominic Lautner (via Hacker News):

So far, this is the first paid service I’ve encountered that doesn’t support a catch-all.


Even after you set up your domain for iCloud Mail, it’ll actively prevent any management actions you want to take if any of the records don’t match up with what it’s expecting — i.e., ones you were asked to put in during the setup. If you want to add more addresses or set up a new account for the domain, you better be using iCloud’s MX records. This means no support for inbound email relays at any point — which is straight up ridiculous. The only saving grace for Apple is they will continue routing whatever addresses you did manage to set up before causing the unimaginable kerfuffle that is modifying a DNS record.


Notice how the user-friendly error message that appears in the UI instead of the errorMessage from the response payload does not provide you with a course of action to resolve the issue — in fact, I would argue it’s pointing you in the direction of it being a temporary issue on iCloud’s end.


From what I’ve managed to gather so far, it takes a year for an address previously used as an Apple ID to become available again — either as an iCloud Mail address or an address you can use for your Apple ID. Even if the address belonged to your account — making it that much more perplexing.


If you use email clients other than Apple Mail or the web-based iCloud Mail, you’ll need to log in to them using your Apple ID and an app-specific password, then set up your extra addresses that use custom domains as aliases to be able to send emails from them. Unfortunately, my email client of choice currently sets the Return-Path header of outbound emails to the sign-in address — resulting in leaking my Apple ID no matter which address I choose to send the email from.
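To check a client for the Return-Path disclosure described above, send a test message from the alias to a mailbox you control and inspect the raw headers of the received copy. The following is an added example, not part of the quoted post; the sample message and all addresses in it are constructed placeholders, and the `envelope-from` comment in `Received` is an assumption about the receiving server, since not every server records it.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Headers that can carry a sender identity other than the visible From address.
SENDER_HEADERS = ("Return-Path", "Sender")
# Some receiving servers note the SMTP envelope sender inside Received headers.
ENVELOPE_FROM = re.compile(r"envelope-from\s+<?([^\s<>;()]+@[^\s<>;()]+)>?", re.I)

# Constructed sample of a received message; every address is a placeholder.
SAMPLE = """\
Return-Path: <signin-address@example.net>
Received: from client.example.net (client.example.net [192.0.2.10])
\tby mx.example.com with ESMTPS id abc123
\t(envelope-from <signin-address@example.net>)
\tfor <friend@example.com>; Wed, 2 Mar 2022 10:00:00 +0000
From: Me <alias@example.org>
To: friend@example.com
Subject: alias test

body
"""


def sender_identity_leaks(raw_message):
    """Return (from_address, [(header, address), ...]) for every
    sender-side address that differs from the visible From address."""
    msg = message_from_string(raw_message)
    visible = parseaddr(msg.get("From", ""))[1].lower()
    leaks = []
    for name in SENDER_HEADERS:
        for value in msg.get_all(name, []):
            for _, addr in getaddresses([value]):
                # An empty address is the null return path "<>"; nothing leaks.
                if addr and addr.lower() != visible:
                    leaks.append((name, addr.lower()))
    for value in msg.get_all("Received", []):
        for addr in ENVELOPE_FROM.findall(value):
            if addr.lower() != visible:
                leaks.append(("Received", addr.lower()))
    return visible, leaks


if __name__ == "__main__":
    visible, leaks = sender_identity_leaks(SAMPLE)
    print("From:", visible)
    for header, addr in leaks:
        print(f"  {header} discloses {addr}")
```
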


11 Comments

I notice that iCloud Mail on the web is now much more useful on iOS than it ever was before. That's nice, but there's still no managesieve and the rules support is still crap.

But nah, iCloud custom domains is still far, far too limiting, in ways outlined in this article amongst others (no mention of the most obvious, namely three aliases max per mailbox). I really am about ready to go back to self-hosting, despite my reservations about using cable Internet and commodity hardware to make it available. Yes it's more work, and I'll miss iOS push email, but it's the only way to get the functionality I want for fully custom email addresses at my own domains that I can track and keep at anything approaching reasonable cost. I've scoped out Cyrus, used itself by Fastmail. If I work at it, I might be able to get APNS-based push too; you only need an old copy of macOS Server to generate the necessary push certificates, though it might not last if Apple pulls the interfaces for that. And, I can have control over the submission process, so I can rewrite outgoing mail to use the disposable addresses without mucking up my email client. And Card, Cal and WebDAV, too. It'll be lots of fun …

I just switched to FastMail a couple weeks ago. So far, it's amazing and worth the small monthly fee. No more need to self-host. Much better than anything Apple offers. Almost like Gmail, without the privacy invasion. The iPhone FastMail app is super fast and easy to use, but the service works great with every other email app I've connected it to. Really wish I had switched to this years ago.

I use hosted Exchange through Microsoft for my personal mail. It’s $5 a month and I can use my own domain. I’ve been quite happy with it. Exchange is just a nicer protocol when you can use it. For instance, you get real-time push notifications on iOS and it generally performs better than IMAP with big inboxes or operations involving moving lots of mail.

I previously used Google Apps for business for my email with my own domain. Overall hosted Exchange seems to work a lot better with Apple apps compared to Google’s IMAP - push support and just less weirdness in general.

My only complaint is that Google has way better spam filtering. Microsoft’s filters are rigid—they can’t be trained by marking email as spam or not spam like Gmail can—and while you can set the confidence threshold, you generally have to choose between spam getting through or a lot of false positives (you can whitelist domains at least).

iCloud custom domains is not for the person who wants to fine-tune their email service or get low-level control, like many readers of this site.

If, like me, you’ve done it all (self-hosted, Google, Fastmail) and now just want something you can set-and-forget, it works well.

With iCloud + custom domains, my family -- each person has their own custom domain -- now only needs to log into their Apple ID to completely set up a new device.

There are no extra accounts that they have to know about and keep the credentials somewhere. No special setup or “app passwords”. No profile that configures Reminders and Notes using old Apple APIs that don’t support modern features in those apps (Fastmail does this). No configuration of a second CardDAV service resulting in multiple slightly different versions of contact info. No weird handling of spam folders that your family members have to understand (looking at you, Fastmail). Etc.

If you are setting up email for *your family* and you subject them to these hassles because you want a wildcard address, or to use non-existent addresses in “From” headers, or a 3rd-party inbound email relay, or other esoteric things that only we (type of people who read this site) even understand, please consider the impact this will have on your family if you are suddenly not around one day. Will they be able to access their information? Will they even know how to access the special shared document you set up to explain it? iCloud Mail is not exciting or customizable at all, but it works reliably for certain use cases.

I've been a Fastmail customer for years, and they've always been superb.

iCloud mail would never work for me, unfortunately.

@Ben G Yeah, really like the look of Fastmail, but the pricing is nuts. If you could purchase storage instead of mailboxes, I might reconsider, but as it is I just can't justify that pricing (you have to have "Standard" to use your own domain, at minimum). On the plus side it looks as though they've increased the number of aliases to 600 since I last looked, which is very generous and probably all I need just for myself.

@Gordon Yes, ActiveSync is the only other protocol Apple devices support for "push", too, besides Apple's proprietary "XAPPLEPUSHSERVICE" APNS-based hack. Unfortunately the implementations outside of Exchange itself range from very bad to mediocre, so if you want to use it, better get it straight from the horse's gob. I'll freely admit that it's a very powerful all-inclusive service though, and as a FLOSS advocate it pains me to see Exchange in preference to open standards just because it's so well integrated. IIRC CMU moved from Cyrus to Exchange, itself.

@Nate If it works for you, more power to your elbow! I fully get the simple joy of the "Apple way". I just hope they listen to their more advanced audiences, even if they have to tuck all the goodies away in some far-off management console nobody else visits. Who knows, it might actually be my preference someday again, but I do think they need to sort out their far-too-aggressive spam filtering.

Thanks @Sebby. I would be interested to hear about *current* problems with iCloud’s spam filtering.

In 2013, Infoworld’s Robert X. Cringely (remember that column?) reported that iCloud was silently deleting emails with a certain porn-related phrase. Ever since then, techies in the Mac world have evangelized that “you should never use iCloud email because they silently delete mail”. I heard John Siracusa saying this recently on ATP.

But that was almost 10 years ago. I haven’t heard of this problem recently and I don’t believe this problem is still current. I’ve sent test messages to myself using that phrase and they came through. Email providers fine-tune their spam rules every minute of every day. Since switching about 6 months ago I’m not aware of any email that I was expecting, that was deleted. Of course how would I know? But the same could be said about any email service. All email services silently delete *some* email.

What I have found is that iCloud has better spam filtering than Fastmail, and the “report spam” and “not spam” buttons in email clients do work. (They do not work with Fastmail -- Marco Arment on ATP said he set up his junk folder to be recognized as spam, but Fastmail explicitly recommends against that in their docs. You can only *manually* move things to the “learn spam”/“learn not spam” folders, which you have to manually configure for each user of your domain. Note that when something is in the “learn not spam” folder your user won’t be able to find it in the inbox. Fastmail processes this folder once a day so you can’t immediately move it back to the inbox either.)

@Anonymous iCloud mail used to silently delete all sorts of e-mails, including many non-spam ones that were not porn-related. I haven’t heard any customers complain about that in a while, so I’m not sure whether it’s still happening, or perhaps just to a lesser extent. It is not true that all e-mail services silently delete some messages.

My general impression is that iCloud’s spam filter is much more aggressive than FastMail’s. So it catches more spams but also incorrectly catches more good messages. Since there’s no way to turn off the iCloud junk filter, a lot of SpamSieve customers are now using it to help rescue good messages that iCloud moved to Junk.

@Anonymous iCloud routinely eats mail that comes through forwarding services or mailing lists, especially if they have links. Every other week the Debian listmaster writes in to let me know that I have lost one or two messages from a list that I am on. It's quite annoying. It's clearly not enough to be a problem for many people, but it's noticeable.

“All email services silently delete some email.”

Like Michael, I would disagree with this assertion.

I don’t particularly object to how aggressive iCloud’s filter is (I can’t vouch for that either way, although obviously, the best spam filter miraculously filters everything that is in fact junk, and doesn’t touch anything else), but silently filtering seems troubling.

For invalid e-mail (e.g., attachments that are larger than acceptable), I would at least want either the sender or recipient to get some form of system message. Not very user-friendly, but at least actionable. I’ve recently had a client who would silently not receive some of my e-mails, and we only found out through accident (namely, a phone call about an unrelated subject). They had no idea I had sent them something. That was quite annoying. What other messages have random customers of mine never received, and neither I nor they know? What messages from customers have I not received? (Their IT department claims nothing ever arrived.)

They've added in a UI in the latest iOS RC for managing your custom domain settings.

I hope it's the beginning and not the end.
