# Sending to Apple Private Relay

> Reliably deliver to @privaterelay.appleid.com (Sign in with Apple's Hide My Email). Register your sending domains — including MailBlastr's return-path subdomain — and from-addresses in the Apple Developer Portal, and authenticate with SPF and DKIM.

If your app supports **Sign in with Apple**, users can choose **Hide My Email**. Apple then assigns each user a unique, randomly generated address under `@privaterelay.appleid.com` and forwards mail from it to their real inbox. Apple will only relay mail from senders it recognizes — so a few configuration steps are required, or your messages bounce.

> **Note:** Apple offers **two** Hide My Email services: one through Sign in with Apple, and one through iCloud+. This guide covers **Sign in with Apple**, which generates a unique address for account creation and login. Configure it in the Apple Developer Portal under **Certificates, Identifiers & Profiles → More → Sign in with Apple for Email Communication → Configure**.

## Register your sending domains

Apple requires you to list every domain you send from. If your **return-path** (envelope) domain differs from your visible sending domain, you must register that too.

> **Warning:** With MailBlastr the return-path runs through a **subdomain**, so it differs from your visible `From` domain. Find it in your Domain settings — it's formatted as `send.yourdomain.tld` (or `send.yoursubdomain.yourdomain.tld`) for the MX and SPF records. Register **both** your primary domain and this `send.` subdomain as Apple email sources, or relay mail will bounce.

## Register your email addresses

Alongside your sending domains, Apple requires registration of every from-address you use to send from those domains. Add them one by one or as a comma-separated list. If you also send to Private Relay from sources other than MailBlastr, include those addresses as well.

## Authenticate your sending domains

Apple requires SPF and DKIM. Because MailBlastr **mandates SPF and DKIM** for every domain that sends through it, a domain that is **Verified** in MailBlastr already meets Apple's authentication requirement. See [DNS records](https://www.mailblastr.com/docs/domains/dns).

## Still seeing bounces from @privaterelay.appleid.com?

Relay bounces don't always carry a detailed reason. The common causes are:

- The user **deleted** their Hide My Email address in Apple settings.
- The user **exceeded the daily limit** of 100 emails to/from their Hide My Email address.
- A **misconfiguration** — double-check that every sending domain (including the `send.` return-path subdomain) and every from-address is registered and authenticated with Apple.

> **Note:** Apple lets the account owner and admins in the Apple Developer Portal opt in to **notifications when relay delivery fails** — enable that to catch problems early. For more, see Apple's docs on [configuring the Private Email Relay service](https://developer.apple.com/help/account/configure-app-capabilities/configure-private-email-relay-service/) and [communicating using the Private Email Relay service](https://developer.apple.com/documentation/signinwithapple/communicating-using-the-private-email-relay-service/).
