Email addresses with the privaterelay.appleid.com domain are automatically generated through the “Hide My Email” option that Apple users can select when signing in to apps or websites via “Sign in with Apple.”
This option allows users to register for a service while keeping their personal email address - typically with an icloud.com, mac.com, or me.com domain. Instead, app developers receive a unique, dedicated forwarding email address on the privaterelay.appleid.com domain.
The scenario works as follows:
I am an Apple user and my email address is xyz@icloud.com
I download an app from the App Store and want to register
I choose “Sign in with Apple”, then “Hide My Email”, because I do not want to share my private address xyz@icloud.com
The “Hide My Email” option generates aahxyi2wyu@privaterelay.appleid.com, a unique and random address associated with my real address xyz@icloud.com.
When the app needs to send me email notifications, they are sent to aahxyi2wyu@privaterelay.appleid.com and then forwarded to xyz@icloud.com.
Why do hard bounces occur?
Email addresses under the privaterelay.appleid.com domain only accept emails from senders registered in the app’s Apple Developer account.
Emails sent from non-registered senders are rejected and result in bounces.
What should you do to correctly send emails from magnews to privaterelay.appleid.com contacts?
Your app developers must log in to the Apple Developer account and add the magnews return-path domain. You can find more details on how to do this here.
The shared magnews return-path domains are:
mn1.m.magnews.net
mn1.email.magnews.net
mn1.e.magnews.net
mn1.tr.magnews.net
If you have configured a custom technical sender domain aligned with your branded sender domain, you should instead add that domain to the Apple Developer account.
What if you don’t have an app or an Apple Developer account?
If you do not have an app on the App Store or an Apple Developer account, privaterelay.appleid.com email addresses should not be present in your contact database.
If the email addresses were collected through an app managed by a third party, you will need to ask that third party to register the appropriate return-path domains in the relevant Apple Developer account.