Apple iCloud Mail sticks to standard SMTP error codes — there are no proprietary bracket identifiers to decode. What makes iCloud tricky for senders is Apple's strict spam filters, its greylisting behaviour, and especially Hide My Email: a privacy feature that lets users sign up with a disposable relay address, then silently cut off forwarding whenever they like.
Provider
Apple iCloud Mail / @icloud.com / @me.com / @mac.com
MX Hostname Pattern
*.mail.icloud.com
Hide My Email Relay Domain
privaterelay.appleid.com
How to Identify an Apple iCloud Bounce
iCloud bounce NDRs arrive from [email protected] or [email protected]. The Remote-MTA will contain mail.icloud.com. Apple uses standard SMTP codes — there are no proprietary bracket codes in the outer response, though the human-readable text is distinctive.
Remote-MTA: dns; mx01.mail.icloud.com
Diagnostic-Code: smtp; 550 5.7.1
Relay not permitted for user.
The privaterelay.appleid.com domain in the recipient address is the telltale sign of a Hide My Email relay address.
iCloud Mail Error Codes
The most common SMTP errors returned by Apple iCloud Mail servers.
🔴550 5.1.1CRITICAL
User Not Found
The iCloud mailbox does not exist. The address may contain a typo or the account has been closed. Remove from your list immediately.
550 5.1.1 The email account that you tried to reach does not exist.
🔴550 5.7.1CRITICAL
Rejected by Spam Filter
Apple's content or reputation filter has blocked your message. Check your SPF, DKIM, and DMARC records, and review your email content for spam signals.
550 5.7.1 Message rejected due to local policy.
🔴550 5.7.1CRITICAL
Hide My Email — Relay Rejected
Apple's Hide My Email service generates a random relay address (e.g. [email protected]). If the relay is disabled or the user has revoked access for your app/domain, Apple returns 550 5.7.1.
iCloud uses greylisting to filter bots. Your mail server will retry automatically and the second attempt typically succeeds within 5–15 minutes.
421 4.7.1 Service temporarily unavailable — try again later.
🔴550 5.2.1
Mailbox Disabled
The iCloud account exists but is currently disabled or suspended. The user may have deactivated their Apple ID or iCloud storage has lapsed.
550 5.2.1 The email account that you tried to reach is disabled.
Apple Hide My Email — What Senders Need to Know
Apple's Hide My Email feature (available to iCloud+ subscribers) lets users sign up for services using a randomly generated relay address like [email protected]. Emails sent to this address are forwarded to the user's real iCloud inbox — until they disable it.
When a user disables a Hide My Email address, Apple stops forwarding and your sends will bounce with 550 5.7.1 Relay not permitted. This is functionally identical to a user permanently unsubscribing — remove the address from your list immediately.
How to register your domain with Apple
Apple requires bulk senders to register their sending domain in order to deliver to Hide My Email addresses. Unregistered domains may see higher rejection rates.
Why does Apple return 550 5.7.1 for a real subscriber?
+
This is one of the more frustrating iCloud situations. The two most likely culprits are: the user signed up with a Hide My Email relay address and has since disabled it (in which case the bounce is Apple's polite way of saying "they've opted out"), or Apple's spam filter has flagged your sending IP or domain. Start by checking your SPF, DKIM, and DMARC — if those are clean, run your sending IP through a Blacklist Checker.
What are the @me.com and @mac.com domains?
+
@me.com and @mac.com are Apple's older email domains, left over from MobileMe and .Mac — two services Apple ran before iCloud existed. Apple rolled everything into iCloud, so all three domains (@icloud.com, @me.com, @mac.com) land in the same inbox and produce the same bounce codes. If you have subscribers using any of these older addresses, they behave identically.
Does Apple support DMARC enforcement?
+
Yes. Apple enforces DMARC for mail arriving in iCloud inboxes. If your sending domain has a p=reject or p=quarantine policy and your messages fail DMARC alignment, Apple will act on it. Apple also protects its own domains with a p=reject DMARC record, which is why you cannot send mail that appears to come from an apple.com address.
How do I get my IP unblocked by iCloud?
+
Apple does not have a self-service sender portal like Google's Postmaster Tools or Microsoft's Delist Portal, which makes this trickier than it should be. Your best option is to contact Apple Postmaster directly at postmaster.info.apple.com. Have your sending IP, domain, and a brief description of your mail programme ready — the more context you give them, the faster the review tends to go.
We use analytics cookies to understand which tools are most helpful and improve the service. No domain names you check are ever shared with analytics providers.
Privacy policy