6 Replies
      Latest reply on Jan 14, 2020 12:56 PM by robert_onx
      prasanth_redotter Level 1 Level 1 (0 points)



        We are using "Sign in with Apple" to onboard users to our system. We need to send instructions to the user using the email provided at signup. We use Mandrill in the backend to send emails.  I have configured the sender email in "Individual Email Addresses" under "Certificates, Identifiers & Profiles" in developer account (& it shows a green check mark). The emails sent to private relay addresses (e.g. xxxxxprm23@privaterelay.appleid.com) bounces.


        I have verified another email using gmail & it works fine.


        Am I missing some settings?



        -------------Bounce message from Mandrill-----------------------------------

        Received: from mail178-28.suw51.mandrillapp.com (unknown [])

        by relay-3.us-west-2.relay-prod (Postfix) with ESMTPS id C5BCA20EF5

        for <bounce-md_31096458.5d52843d.v1-61f4bb207bb443e7a3d9e4482eb7beb3@mandrillapp.com>; Tue, 13 Aug 2019 09:34:54 +0000 (UTC)

        Date: Tue, 13 Aug 2019 09:34:54 +0000

        From: postmaster@mail178-28.suw51.mandrillapp.com

        Subject: Delivery report

        To: bounce-md_31096458.5d52843d.v1-61f4bb207bb443e7a3d9e4482eb7beb3@mandrillapp.com

        MIME-Version: 1.0

        Content-Type: multipart/report; report-type=delivery-status;







        Content-Type: text/plain



        Hello, this is the mail server on mail178-28.suw51.mandrillapp.com.



        I am sending you this message to inform you on the delivery status of a

        message you previously sent.  Immediately below you will find a list of

        the affected recipients;  also attached is a Delivery Status Notification

        (DSN) report in standard format, as well as the headers of the original




          <xxxxxprm23@privaterelay.appleid.com>  delivery failed; will not continue trying




        Content-Type: message/delivery-status



        Reporting-MTA: dns;mail178-28.suw51.mandrillapp.com

        X-PowerMTA-VirtualMTA: mail178-28.suw51.mandrillapp.com

        Received-From-MTA: dns;pmta05.mandrill.prod.suw01.rsglab.com (

        Arrival-Date: Tue, 13 Aug 2019 09:34:53 +0000



        Final-Recipient: rfc822;xxxxxprm23@privaterelay.appleid.com

        Action: failed

        Status: 5.1.1 (bad destination mailbox address)

        Remote-MTA: dns;smtp4.privaterelay.appleid.com (

        Diagnostic-Code: smtp;550 5.1.1 bad mailbox name

        X-PowerMTA-BounceCategory: bad-mailbox




        Content-Type: text/rfc822-headers



        DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=mandrill; d=oya.world;

        h=From:Subject:List-Unsubscribe:To:Message-Id:Date:MIME-Version:Content-Type; i=welcome@oya.world;





        Received: from pmta05.mandrill.prod.suw01.rsglab.com ( by mail178-28.suw51.mandrillapp.com id haa23s22s10h for <xxxxxprm23@privaterelay.appleid.com>; Tue, 13 Aug 2019 09:34:53 +0000 (envelope-from <bounce-md_31096458.5d52843d.v1-61f4bb207bb443e7a3d9e4482eb7beb3@mandrillapp.com>)

        DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com;

        i=@mandrillapp.com; q=dns/txt; s=mandrill; t=1565688893; h=From :

        Subject : List-Unsubscribe : To : Message-Id : Date : MIME-Version :

        Content-Type : From : Subject : Date : X-Mandrill-User :

        List-Unsubscribe; bh=Ops6f/AgWvI27tyFlbRhsYYWTqOPpMm/99FtJ/vbAkU=;




        From: "[TEST] OYA" <welcome@oya.world>

        Subject: [TEST] Download OYA Data-only eSIM using this QR code

        Return-Path: <bounce-md_31096458.5d52843d.v1-61f4bb207bb443e7a3d9e4482eb7beb3@mandrillapp.com>

        List-Unsubscribe: <mailto:unsubscribe-md_31096458.5d52843d.v1-61f4bb207bb443e7a3d9e4482eb7beb3@mailin1.us2.mcsv.net?subject=unsub>

        To: <xxxxxprm23@privaterelay.appleid.com>

        X-Report-Abuse: Please forward a copy of this message, including all headers, to abuse@mandrill.com

        X-Report-Abuse: You can also report abuse here: http://mandrillapp.com/contact/abuse?id=31096458.61f4bb207bb443e7a3d9e4482eb7beb3

        X-Mandrill-User: md_31096458

        Message-Id: <31096458.20190813093453.5d52843d50edc9.32051422@mail178-28.suw51.mandrillapp.com>

        Date: Tue, 13 Aug 2019 09:34:53 +0000

        MIME-Version: 1.0

        Content-Type: multipart/alternative; boundary="_av-aFtqyPtvVIKqh7D4k70iuw"




        • Re: Emails to privaterelay.appleid.com bouncing
          qianyb Level 1 Level 1 (0 points)

          I've had similar problems, and I haven't received an effective response from Apple. Have you solved it?

          • Re: Emails to privaterelay.appleid.com bouncing
            lnb Apple Staff Apple Staff (30 points)



            Thank you for this report.


            It's important to understand that the email address given to the developer (you), in this case:  xxxxxprm23@privaterelay.appleid.com

            may only be used from the email domains (with SPF records) or full email addresses registered in the Developer Portal.  It is not currently possible for you as a developer to hand that email address to a third-party and expect to be able to route through the privaterelay.appleid.com MTAs.  Unfortunately, it's also not possible to register any third-party domain such as mandrillapp.com as one of your email source domains.


            At this time, mail API services that send email from their own MTAs on behalf of their developer customers do not work through privaterelay.appleid.com.  The only available workaround currently is to setup your own MTA and emit mail from one of your registered domains.


            We are aware of this issue and are working on a solution that would allow developers to use these mail API services.


            Stay tuned...

              • Re: Emails to privaterelay.appleid.com bouncing
                prasanth_redotter Level 1 Level 1 (0 points)



                Thanks for the answer.


                Bit more explanation about our setup:


                We have registered our own doamin (e.g  oya.world). We have configured "Mandrill" as our email sending server using the SPF records in our domain. The SPF entry in "oya.world" is  "v=spf1 include:spf.mandrillapp.com ?all",  which clearly says to expect emails from the IP addresses listed in the SPF record for "spf.mandrillapp.com



                1) https://mandrill.zendesk.com/hc/en-us/articles/205582267-About-SPF-and-DKIM

                2) https://www.dmarcanalyzer.com/spf/spf-record/

                • Re: Emails to privaterelay.appleid.com bouncing
                  Zvika88 Level 1 Level 1 (0 points)

                  We have a similar issue (configured DNS to use mailgun), but because we cannot authenticate a mailgun server with Apple, we trued instead to register complete specific email address under the "Individual Email Addresses" setting.


                  That setting does not seem to work either.


                  I registered my own gmail address, as well as emails from few other providers, and NONE of them can deliver to the relayed email. Yahoo, Gmail, Zoho - every individual email address I tried is getting blocked.


                  Is the "Individual Email Addresses" option - not functional?


                  We have completed the "sign in by aple id" feature, for all platforms: web, mobile safari, and native ios. Yet without the email relay feature working we cannot release it.


                  Apple, please advise the status of that. Either configuration with Mailgun for all emails coming from a custom subdomain on a mailgun server (i.e. "mg.xxxxxxx.com") OR using the  "Individual Email Addresses" which seems not to be working at all.


                  Thank you,


                  • Re: Emails to privaterelay.appleid.com bouncing
                    robert_onx Level 1 Level 1 (0 points)

                    Any update on this?


                    I too cannot get the individual email address list to work either.