[daniel_iversen]

Could it be that they're trying to make sure that any old online accounts on the old email address isn't able to be hijacked? In most tech workplaces when you leave, your email address is being put in a holding place and not reused - i.e. I never got daniel@ as an email address in any of my companies because there was always a Daniel before me, and once they leave they don't want me to reuse the address because I could reset the password for any of their accounts that had used that email address.. Less likely scenario in families but you could still imagine some family conflicts or falling outs and then someone goes and does bad stuff with accounts? Just a thought.

[domlaut]

It's a reasonable policy for Apple-owned Apple IDs on their public domains (@icloud.com, @mac.com, @me.com), but I don't see how it makes sense for privately owned domains you're already in control of the DNS for. You could use any other mail provider or routing service and get access to any emails that way -- then do a password for any other service where the address used was on the domain you were in control of.

[daniel_iversen]

True, I just think apple doesn’t want to be the cause/enabler of these kinds of things.