Emails to bouncing


We are using "Sign in with Apple" to onboard users to our system. We need to send instructions to the user using the email provided at signup. We use Mandrill in the backend to send emails. I have configured the sender email in "Individual Email Addresses" under "Certificates, Identifiers & Profiles" in developer account (& it shows a green check mark). The emails sent to private relay addresses (e.g. bounces.

I have verified another email using gmail & it works fine.

Am I missing some settings?

-------------Bounce message from Mandrill-----------------------------------

Received: from (unknown [])

by (Postfix) with ESMTPS id C5BCA20EF5

for <>; Tue, 13 Aug 2019 09:34:54 +0000 (UTC)

Date: Tue, 13 Aug 2019 09:34:54 +0000


Subject: Delivery report


MIME-Version: 1.0

Content-Type: multipart/report; report-type=delivery-status;


Content-Type: text/plain

Hello, this is the mail server on

I am sending you this message to inform you on the delivery status of a

message you previously sent. Immediately below you will find a list of

the affected recipients; also attached is a Delivery Status Notification

(DSN) report in standard format, as well as the headers of the original


<> delivery failed; will not continue trying

Content-Type: message/delivery-status

Reporting-MTA: dns;


Received-From-MTA: dns; (

Arrival-Date: Tue, 13 Aug 2019 09:34:53 +0000

Final-Recipient: rfc822;

Action: failed

Status: 5.1.1 (bad destination mailbox address)

Remote-MTA: dns; (

Diagnostic-Code: smtp;550 5.1.1 bad mailbox name

X-PowerMTA-BounceCategory: bad-mailbox

Content-Type: text/rfc822-headers

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=mandrill;;






Received: from ( by id haa23s22s10h for <>; Tue, 13 Aug 2019 09:34:53 +0000 (envelope-from <>)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;;; q=dns/txt; s=mandrill; t=1565688893; h=From :

Subject : List-Unsubscribe : To : Message-Id : Date : MIME-Version :

Content-Type : From : Subject : Date : X-Mandrill-User :

List-Unsubscribe; bh=Ops6f/AgWvI27tyFlbRhsYYWTqOPpMm/99FtJ/vbAkU=;




From: "[TEST] OYA" <>

Subject: [TEST] Download OYA Data-only eSIM using this QR code

Return-Path: <>

List-Unsubscribe: <>

To: <>

X-Report-Abuse: Please forward a copy of this message, including all headers, to

X-Report-Abuse: You can also report abuse here:

X-Mandrill-User: md_31096458

Message-Id: <>

Date: Tue, 13 Aug 2019 09:34:53 +0000

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="_av-aFtqyPtvVIKqh7D4k70iuw"


I've had similar problems, and I haven't received an effective response from Apple. Have you solved it?

No, waiting for a reply from Apple.


Thank you for this report.

It's important to understand that the email address given to the developer (you), in this case:

may only be used from the email domains (with SPF records) or full email addresses registered in the Developer Portal. It is not currently possible for you as a developer to hand that email address to a third-party and expect to be able to route through the MTAs. Unfortunately, it's also not possible to register any third-party domain such as as one of your email source domains.

At this time, mail API services that send email from their own MTAs on behalf of their developer customers do not work through The only available workaround currently is to setup your own MTA and emit mail from one of your registered domains.

We are aware of this issue and are working on a solution that would allow developers to use these mail API services.

Stay tuned...


Thanks for the answer.

Bit more explanation about our setup:

We have registered our own doamin (e.g We have configured "Mandrill" as our email sending server using the SPF records in our domain. The SPF entry in "" is "

v=spf1 ?all
", which clearly says to expect emails from the IP addresses listed in the SPF record for "




We have a similar issue (configured DNS to use mailgun), but because we cannot authenticate a mailgun server with Apple, we trued instead to register complete specific email address under the "Individual Email Addresses" setting.

That setting does not seem to work either.

I registered my own gmail address, as well as emails from few other providers, and NONE of them can deliver to the relayed email. Yahoo, Gmail, Zoho - every individual email address I tried is getting blocked.

Is the "Individual Email Addresses" option - not functional?

We have completed the "sign in by aple id" feature, for all platforms: web, mobile safari, and native ios. Yet without the email relay feature working we cannot release it.

Apple, please advise the status of that. Either configuration with Mailgun for all emails coming from a custom subdomain on a mailgun server (i.e. "") OR using the "Individual Email Addresses" which seems not to be working at all.

Thank you,


Any update on this?

I too cannot get the individual email address list to work either.

Hi, we are facing the exact issue, with Mailgun and Zoho in the picture. Can you shed some light on how you worked around this?

We have also the same issue with mailgun.


Given that the deadline for implementing Sign in with Apple is approaching, it would be good to know if and how this issue could be fixed.

Does anyone have any update on this?

And does anyone know if it applies to emails sent through Zendesk for support? where the domain would be;


Kind regards

  1. Head to "Certificates, Identifiers & Profiles" section at

  2. Click "More" in the left sidebar, then "Continue".

  3. Click "Email resources +" and add your domain and email.

trying to sign up