How to set up iCloud Custom Domain on a Google domain using Netlify's DNS

Well, I bought a domain from Google Domains in 2021 and set it up to use Netlify’s DNS in order to deploy my website to Netlify and access it through that domain (casarin.dev). Everything has been working fine until now.

I just acquired the iCloud+ service, which offers custom mail domains, and wanted to set it up with the same domain mentioned above.

In order to make it work, I have to set the following DNS records:

Type: MX
Host: @
Value: mx01.mail.icloud.com.
Priority: 10

Type: MX
Host: @
Value: mx02.mail.icloud.com.
Priority: 10

Type: TXT
Host: @
Value: apple-domain=rVx3CRDBlVYpwgSq

Type: TXT
Host: @
Value: "v=spf1 include:icloud.com ~all"

Type: CNAME
Host: sig1._domainkey
Value: sig1.dkim.casarin.dev.at.icloudmailadmin.com.

I did that 2 days ago and I still get SPF issues. That’s when I realized one thing: Apple asks for the CNAME host to be exactly sig1._domainkey, but Netlify automatically adds casarin.dev to the end of the CNAME name, so it becomes sig1._domainkey.casarin.dev.

Here is a screenshot of my DNS records in Netlify:

This is obviously a problem for those who want to set up an iCloud custom domain using Netlify’s DNS manager. How can I fix that here? I really would like to use the iCloud custom domain feature with this same domain.
If I could use Google’s DNS instead of Netlify, so that I can manage the Apple DNS records there and still access my website using that domain, that would be cool too.

What are the options here?

You’ll need to remove the quotes (") from the record.

Hi, @joaocasarin.

About this:

That is not correct because doing so is impossible. When you make a DNS record for a domain, the apex domain is always concatenated to (added to the end of) that record.

If the apex domain is example.com and you make a DNS record for sig1._domainkey, that will always create a DNS record for sig1._domainkey.example.com. There simply is no way to make a DNS record for just sig1._domainkey (unless you were to control _domainkey as a top-level domain, which no one does).

You are not alone in having questions about this. For example:

You can use another DNS service and not use Netlify DNS if you prefer. However, I can tell you with 100% certainty that Google’s DNS will also concatenate the apex domain to the sig1._domainkey CNAME record because that is how all DNS services function.

If you want to use third-party DNS, the instructions are here:

Note, you will have to revert back to the registrar’s DNS service in order for that to work.

If there are other questions about this, please let us know.

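The concatenation the Netlify reply describes, and the "remove the quotes" advice, can both be checked offline. The script below is an added example, not code from the thread or from Netlify or Apple: it qualifies panel-style host names exactly the way the reply says every DNS service does (so `sig1._domainkey` becomes `sig1._domainkey.casarin.dev.`), strips one pair of surrounding quotes from TXT values, and compares the result against the record set Apple asks for as quoted in the question. The panel rows are constructed sample input modelled on the records posted above; the second row set, with a leftover SPF record from another provider, is invented to show the one SPF failure the checker can detect without a network lookup (RFC 7208 makes more than one `v=spf1` record at a name a permanent error).

```python
"""Offline checker for the iCloud Mail custom-domain DNS record set."""
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Optional, Sequence, Set

# Targets Apple publishes for iCloud Mail, as quoted in the thread.
ICLOUD_MX = ("mx01.mail.icloud.com.", "mx02.mail.icloud.com.")
ICLOUD_DKIM_SUFFIX = "at.icloudmailadmin.com."


@dataclass(frozen=True)
class Record:
    name: str            # fully-qualified owner name, trailing dot
    rtype: str
    value: str
    priority: Optional[int] = None


def qualify(host: str, apex: str) -> str:
    """Turn a panel "Host" field into the owner name the zone really holds.

    A relative name gets the apex appended, "@" or blank is the apex itself,
    and a name already ending in "." is taken as fully qualified.
    """
    apex_fqdn = apex.rstrip(".").lower() + "."
    host = host.strip().lower()
    if host in ("", "@"):
        return apex_fqdn
    if host.endswith("."):
        return host
    return f"{host}.{apex_fqdn}"


def normalize_txt(value: str) -> str:
    """Strip one pair of surrounding double quotes; panels differ on whether
    quotes belong in the field, and a stored quote char breaks v=spf1 parsing."""
    v = value.strip()
    if len(v) >= 2 and v[0] == '"' and v[-1] == '"':
        v = v[1:-1]
    return v


def expected_icloud_records(apex: str, token: str) -> Set[Record]:
    """The five records Apple asks for, fully qualified for `apex`."""
    apex_fqdn = qualify("@", apex)
    bare = apex.rstrip(".").lower()
    return {
        Record(apex_fqdn, "MX", ICLOUD_MX[0], 10),
        Record(apex_fqdn, "MX", ICLOUD_MX[1], 10),
        Record(apex_fqdn, "TXT", f"apple-domain={token}"),
        Record(apex_fqdn, "TXT", "v=spf1 include:icloud.com ~all"),
        Record(qualify("sig1._domainkey", apex), "CNAME",
               f"sig1.dkim.{bare}.{ICLOUD_DKIM_SUFFIX}"),
    }


def from_panel(rows: Iterable[Sequence], apex: str) -> Set[Record]:
    """Convert (type, host, value[, priority]) rows as a DNS panel shows them."""
    out = set()
    for row in rows:
        rtype, host, value = row[0].upper(), row[1], row[2]
        prio = row[3] if len(row) > 3 else None
        if rtype == "TXT":
            value = normalize_txt(value)
        elif rtype in ("MX", "CNAME"):
            value = value.rstrip(".").lower() + "."   # compare targets as FQDNs
        out.add(Record(qualify(host, apex), rtype, value, prio))
    return out


def check(observed: Set[Record], expected: Set[Record]) -> List[str]:
    """Return human-readable problems; an empty list means the set is complete."""
    problems = [f"missing: {r}" for r in sorted(expected - observed, key=repr)]
    spf_count = Counter(r.name for r in observed
                        if r.rtype == "TXT" and r.value.lower().startswith("v=spf1"))
    for name, n in spf_count.items():
        if n > 1:
            problems.append(f"{name} has {n} v=spf1 TXT records; RFC 7208 allows "
                            "exactly one, so receivers return permerror")
    return problems


def audit(rows: Iterable[Sequence], apex: str, token: str) -> List[str]:
    return check(from_panel(rows, apex), expected_icloud_records(apex, token))


# Constructed sample input: the thread's records typed in as listed, quotes included.
APEX = "casarin.dev"
TOKEN = "rVx3CRDBlVYpwgSq"
PANEL_ROWS = [
    ("MX", "@", "mx01.mail.icloud.com.", 10),
    ("MX", "@", "mx02.mail.icloud.com.", 10),
    ("TXT", "@", f"apple-domain={TOKEN}"),
    ("TXT", "@", '"v=spf1 include:icloud.com ~all"'),
    ("CNAME", "sig1._domainkey", "sig1.dkim.casarin.dev.at.icloudmailadmin.com."),
]
# Constructed variant: a second SPF record left over from another mail provider.
DUPLICATE_SPF_ROWS = PANEL_ROWS + [("TXT", "@", "v=spf1 include:_spf.example.net ~all")]

if __name__ == "__main__":
    print("qualified DKIM name:", qualify("sig1._domainkey", APEX))
    print("problems (as posted):", audit(PANEL_ROWS, APEX, TOKEN))
    print("problems (duplicate SPF):", audit(DUPLICATE_SPF_ROWS, APEX, TOKEN))
```

Run it and the first line shows the qualified owner name; the posted record set comes back with no problems once the quotes are normalised away, while the variant with two SPF records is flagged. What the script cannot tell you is whether the zone actually serves these records; for that, query the qualified names (for example `sig1._domainkey.casarin.dev` and the apex TXT records) with `dig` against a public resolver after propagation.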