[miken123]

I would say another main issue is that while they ask you to setup DKIM records, they do not actually DKIM-sign your emails. Hence your mails may be more easily flagged as spam. Several people have reported this to Apple, but AFAIK it still hasn’t been fixed.

[bredren]

This sounds bad, does it have practical implications? Have people switched to apple hosted custom domains for email and suffered deliverability problems?

[domlaut]

I personally haven't noticed deliverability issues. It'd still be nice to have the messages signed without having to use the web-based iCloud Mail.

[marban]

I've read on Macrumors that some folks draft their emails on Desktop/Phone and then send them via Web as a workaround. Seriously?

[domlaut]

You're right -- this is something I missed mentioning. As of right now, it's still only the web-based iCloud Mail that makes use of DKIM. Using any other client/app will deliver your emails unsigned.

Would you mind if I updated the article crediting you for the DKIM addendum?

[miken123]

I believe the webinterface signs with the icloud.com domain and not your own.

Happy for you to update the article, no need for credits.

[slimeboty]

Does the desktop mail app count as iCloud mail?

[domlaut]

Unfortunately not, DKIM doesn't work on either Apple's desktop or iOS/iPadOS Mail.app (aka. Apple Mail). OTOH, at least they set the correct Return-Path unlike some others that leak your Apple ID through the header instead.