Apple to Unify Private Mail Domains for Sign In

private.icloud.com domain – Apple says new Sign in with Apple and iCloud+ Hide My Email relay addresses will use the same domain, private.icloud.com. The switch is expected later this summer and should be invisible for users, but developers, corporate networks, and email providers may ne

Apple is making a change that most people will never notice—until their systems do.

Starting soon, new relay email addresses used for Sign in with Apple and iCloud+ Hide My Email will share the same domain: private.icloud.com. Apple announced the update on Monday, saying it is expected to roll out later this summer.

For users, Apple’s message is reassuring: addresses created under the older setup won’t be cut off. “Existing addresses on the legacy domains will continue to work and forward mail to users without interruption,” Apple says. In other words, accounts made earlier should keep receiving messages even after the new domain begins routing masked mail.

Behind the scenes, though, the change matters. When email relays move to a new domain, the plumbing has to keep up—validation rules, allowlists, and filtering systems that decide what is safe to deliver and what should be treated like spam.

For developers and corporate IT teams, Apple is essentially asking for a quick review. App and web developers are being advised to check their account systems. email validation logic. and allowlists so they explicitly permit incoming mail from the new private.icloud.com domain while still supporting the legacy domains. Corporate network administrators and the software that sits in front of email—every layer that routes or scores incoming messages—may need similar adjustments so relayed addresses don’t get caught in the wrong category.

Email service providers face their own version of the same problem. Apple says email providers will need to update domain-based filtering, routing rules, and suppression lists. The goal is straightforward: stop the new private.icloud.com addresses from being accidentally marked as spam.

The reason is built into how both features work. Sign in with Apple and Hide My Email were designed to reduce exposure to spam and protect identities by masking real email addresses behind Apple-generated relays. Hide My Email, part of iCloud+, uses random addresses that forward messages to a user’s inbox. Sign in with Apple offers a similar privacy layer when people sign up for apps and websites.

By placing both under a single domain, Apple is standardizing part of its privacy infrastructure—an approach that can make long-term maintenance and compatibility simpler across its services.

This update also lands in the middle of a broader privacy push. It comes shortly after Apple’s WWDC 2026 keynote. where Apple leaned heavily into Apple Intelligence and deeper system integration across its ecosystem. Among the announcements from that keynote were a rebuilt Siri powered by Apple Intelligence. expanded parental controls. smarter Safari features. and updates to iCloud. Maps. and Find My. Apple said its AI architecture is designed to run both on-device and through Private Cloud Compute while keeping user data private.

The domain change for masked email is smaller than the headline-grabbing AI announcements—but it touches a different kind of trust. It’s privacy that still has to pass through real-world systems: servers. filters. and rules that often aren’t written with relay domains in mind. Apple’s plan keeps the user side stable. The work, now, shifts to everyone whose infrastructure decides whether that masked mail gets through.

Apple Sign in with Apple Hide My Email iCloud+ private.icloud.com email relays email validation allowlists spam filtering corporate networks developers WWDC 2026 Apple Intelligence Private Cloud Compute