web: Moving from Google Workspace to iCloud Custom Email Domains using Apple Mail

OK, now that Google has been raising prices, I’m in the middle of moving accounts from the $6/month for 30GB of storage and email or $18/month for 2TB to iCloud Custom Domains.

iCloud allows each family to have up to five custom email domains, and you get 2TB of storage across your whole family, so in the end you can save quite a bit of money. Here are the steps to go through to do this, and it is tricky:

  1. First of all, just finding this feature is nearly impossible. You have to log in to the web portal at icloud.com and click on the many dots at the upper right next to your icon; you should see a list of `iCloud+ Features`, and Custom Email Domain should be among them.
  2. In the Custom Email Domain dialogue, you can actually buy a new domain (from Apple!) or use Add a domain you own. If you are moving (which is my case), type the domain in, like richtong.com.
  3. The next step is to Add existing email addresses; you need this if you already have users there. Note that you can add your family members or anyone else who already has an Apple account. This is kind of nice for a small business that just needs some email forwarding.
  4. Once you do this, choose verify and it will send an email to every person on that list. They need to look in their email and click on verify.
  5. Only when everyone has done this can you repoint people from your existing mail server to the iCloud ones.

Move your Google Drive and GMail data to iCloud

The first thing to do is to back up your stuff from Google Mail to iCloud. The easiest way to do this is to just connect Mac Mail to your iCloud account and your Gmail account, then if you drag and drop all the mail from Gmail to iCloud it will copy it. You can also export the mail if you want, but this actually worked pretty well even for large folders with 156K messages (I know right!), it does take a day or two, but it seems pretty reliable.

The second trick is you need to move your Google Drive data from Google to iCloud, there are two cases:

  1. You have “real files” that you need to move. The easiest thing to do is to set up a Google Drive on your Mac and then sync all the folders.
  2. Then copy the real files from there to your iCloud Drive.

The final case is for Google Workspace files that are really just pointers; these are things like Google Slides, Docs, and Sheets. In this case, you need to share and then copy:

  1. Go to drive.google.com, multi-select all the Google Suite files and then choose the Share button at the top.
  2. Select a personal Google account and then choose Share.
  3. Go to that Google account and then select all the new files; you can find them in the Shared to You section on the left. Then choose Copy and this will make a copy of them all so that when you delete your Google Workspace account you still have them.
  4. If you are really hardcore, you could export them all to Microsoft Office format and then you will have them, but they’ll be lower fidelity, so the share and copy work well.

Moving from Google Mail with Namecheap and Netlify

OK, this is going to vary, but I’ve been using Namecheap to register domains (make sure to turn on auto-renew though, I’ve lost domains not being careful about this) and then point it to a free Netlify account that lets you have a vanity website and does the DNS serving for you for free:

  1. Assuming you already have Namecheap pointing to the Netlify domain servers, here is what you need to do
  2. The Google Mail servers require five MX records (if you signed up before April 2023) and just a single one otherwise.
  3. Go to Netlify and log in, click on Domains at the left, then click on the domain you want to change. You should see a list of DNS records there; if you are using Google Workspace, you should see five MX records. MX, by the way, means Mail Exchange, and it tells servers that want to send you mail where to send it. The priority tells you which of the MX servers to try first. The lowest value is tried first. The name is what subdomain this is for. The @ sign means try it for all subdomains (it's sort of like a wildcard).
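
| Record Type | Name | Priority | Value |
| --- | --- | --- | --- |
| MX | @ | 1 | aspmx.l.google.com |
| MX | @ | 5 | alt1.aspmx.l.google.com |
| MX | @ | 5 | alt2.aspmx.l.google.com |
| MX | @ | 10 | alt3.aspmx.l.google.com |
| MX | @ | 10 | alt4.aspmx.l.google.com |

Google Mail MX Records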

So the point is that you have to delete these records and insert a set of new records for Apple. I actually normally just set these to higher priorities later so if Apple fails, you can fall back to Google (until you decide you don’t need Google at all after testing).

Now you need to enter the Apple records. For Netlify at least, there is the question of whether to use a period after the last entry in the value (formally this is required in DNS records but not when you are using URLs, which is a little confusing). Some DNS servers can handle the final period and others can’t. Netlify does OK.

The second detail is that the SPF records have double quotes on the Apple site. I found that you have to remove these with Netlify. I think this is because there is a space in these records and some registrars expect a quoted string. Not Netlify, so here is what you need to enter. If you are wondering what these are, there are two MX records for the mail servers, then, for server security, the SPF and DKIM TXT records. Sender Policy Framework (SPF) lists all the servers that may send mail as you. The problem is that the MX records are available to the entire internet, so a bad actor can impersonate you and send mail as you through Google or Apple servers. This is bad, so the SPF record basically says only the domain name “icloud.com” can be used to send mail.

DomainKeys Identified Mail (DKIM) means that when you are sending mail, you sign it, so someone can’t impersonate your mail server and send mail. So SPF prevents unauthorized use of mail servers, and DKIM prevents hackers from impersonating the iCloud or Google mail servers; both are good things. If another mail server gets mail from you, it checks to make sure the sending server is valid. Note that DKIM actually uses two records: the apple-domain will have a set of random characters that is the public key signature of their servers, and then the CNAME tells other mail servers where to look for DKIM information.

So here are the records to add:

| Record Type | Name | Priority | Value |
| --- | --- | --- | --- |
| MX | @ | 10 | mx01.mail.icloud.com. |
| MX | @ | 10 | mx02.mail.icloud.com. |
| TXT | @ | | apple-domain=_this is a key so will vary_ |
| TXT | @ | | v=spf1 include:icloud.com ~all |
| CNAME | sig1._domainkey | | sig1.dkim.forgepointpartners.com.at.icloudmailadmin.com. |

The five records you need to add

Transfer Blocked: No SPF Records because of CNAME

Now that you have done this, you need to click Finish Setup on icloud.com and have it checked. For two of our domains, this worked perfectly, but for one, we could not get the SPF record correct; it would just sit there and wait. There are others with this issue, so make sure to use the TXT record type and not the dedicated SPF records. The quote or no quote for the TXT SPF seems like one of the problems, but it works for two domains, both hosted by Netlify, but not the second, so frustrating.

We finally figured this out by looking at a special site. Basically, dnschecker.org showed the correct SPF records, but when we used a specific spf-record.com the error was obvious. I had put a CNAME that said the site being changed was pointed to another site. This was so I didn’t have to do a redirect at a website. But this meant that the SPF record being used was from the target site. So removing this reference seemed to fix a few things.

Unfortunately, it takes time when these directions are fixed to see it appear in the dnschecker.org. An hour after I removed the CNAME, I still can’t see the SPF record
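
The two mistakes described in this section (a CNAME on the bare domain that hides the SPF TXT record, and SPF published under the dedicated SPF type instead of TXT) can be caught before clicking Finish Setup. The following is an added example, not code from the original post: it audits a record set offline, and `example.com`, the placeholder token, `other-site.example.net` and the DKIM naming pattern (generalized from the single row in the table above) are assumptions.

```python
# Added example: offline audit of DNS records for iCloud custom-domain mail.
# Records are (type, name, value) tuples as copied from a DNS provider's UI.
ICLOUD_MX = {"mx01.mail.icloud.com", "mx02.mail.icloud.com"}

def norm(host):
    """Lower-case and drop the optional trailing dot so both spellings match."""
    return host.strip().rstrip(".").lower()

def audit(records, domain):
    """Return a list of findings; an empty list means the set looks complete."""
    findings = []
    recs = [(t.upper(), n.lower(), v.strip().strip('"')) for t, n, v in records]
    apex = [(t, v) for t, n, v in recs if n in ("@", domain)]
    # A CNAME on the bare domain sends resolvers to its target, so TXT and MX
    # lookups are answered from the target zone instead of this one.
    if any(t == "CNAME" for t, _ in apex):
        findings.append("apex CNAME: SPF and MX are read from the CNAME target")
    missing = ICLOUD_MX - {norm(v) for t, v in apex if t == "MX"}
    if missing:
        findings.append("missing MX: " + ", ".join(sorted(missing)))
    # SPF must be published as TXT; more than one v=spf1 record is an error.
    spf = [v for t, v in apex if t == "TXT" and v.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append(f"expected one SPF TXT record, found {len(spf)}")
    elif "include:icloud.com" not in spf[0].lower().split():
        findings.append("SPF record lacks include:icloud.com")
    if not any(t == "TXT" and v.startswith("apple-domain=") for t, v in apex):
        findings.append("missing apple-domain verification TXT record")
    # Assumed DKIM pattern, generalized from the single row shown on the page.
    want = f"sig1.dkim.{domain}.at.icloudmailadmin.com"
    if not any(t == "CNAME" and n == "sig1._domainkey" and norm(v) == want
               for t, n, v in recs):
        findings.append("missing DKIM CNAME sig1._domainkey")
    return findings

# Constructed sample zones for example.com (placeholder token and targets).
GOOD = [
    ("MX", "@", "mx01.mail.icloud.com."),
    ("MX", "@", "mx02.mail.icloud.com."),
    ("TXT", "@", "apple-domain=PLACEHOLDER"),
    ("TXT", "@", '"v=spf1 include:icloud.com ~all"'),
    ("CNAME", "sig1._domainkey", "sig1.dkim.example.com.at.icloudmailadmin.com."),
]
WITH_APEX_CNAME = GOOD + [("CNAME", "@", "other-site.example.net.")]
SPF_TYPE = [("SPF", n, v) if "spf1" in v else (t, n, v) for t, n, v in GOOD]

if __name__ == "__main__":
    for name, zone in [("good", GOOD), ("apex-cname", WITH_APEX_CNAME), ("spf-type", SPF_TYPE)]:
        print(name, audit(zone, "example.com"))
```

The audit accepts values with or without the trailing period and with or without surrounding quotes, since both vary between DNS providers.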

Best Email client for Custom Domains: Mac Mail and Smart Mailboxes, iOS Mail and Unread folder

One of the problems with this solution is that you will now have a mix of mail from different sources. The Mac Mail handles this super well. When you get a message from a custom domain and hit reply, it looks at the To line and uses the same client, so in effect, you get a unified inbox and you don’t have to worry where the notes came from.

The main drawback is that I love Superhuman because it has a “done” feature so the mail disappears and also a snooze so you can see it later. Unfortunately, Superhuman doesn’t support the iCloud backend, and Mac Mail doesn’t have a concept of done, just read and unread; there is now a snooze so a message pops back up. The other problem is the keystroke shortcuts are completely different. Still, if you don’t have that much mail, Mac Mail is free and it handles it well. The main trick is to move the “unread” as your top view, and that is the equivalent of “done”.

The other semi-feature here is Remind Me, which just creates a new folder called Remind Me. You can’t quite use this as just your inbox, but it is closer.

So the first thing is to create a Smart Mailbox for each: choose Mailbox > New Smart Mailbox, select recipient contains, and pick your custom email domain address; then that folder only has things for that custom domain. So you can filter easily: you have a universal inbox at the top and you can look at each set of mail below. Not great, but it works. The main inconvenience is that if you have archived a message it still appears there.

Note that Mac Mail is different from iOS Mail. iOS has an unread folder that you can drag to the top; with Mac Mail this is handled by a filter at the upper right of the mail pane. When you select it you only see unread mail, which you set with View > Filter > Unread; then marking a message as read makes it disappear. It is not quite as good as the three states (unread, read and done), but it works.

Spark is almost perfect…if reply was sticky to recipient

The solution is to use Spark which is a free client that handles this decently well, it uses nearly the same keyboard shortcuts as Superhuman (so I now use Superhuman for Gmail and Spark for iCloud). For instance, the e key means end and the mail disappears. It is not deleted and you can search for it, it is a state between read and unread, which is basically visibility.

The main issue is that when you see your iCloud mail it is a unified inbox with all your messages merged together. You can mark messages as coming from different To lines, but there is no way to have a reply come from that custom domain email address, so you are constantly toggling it around. Not the best.

Note that you can alternatively set up iCloud email with the manual SMTP/IMAP configuration so you get separate mailboxes, but the problem is that it duplicates; it doesn’t filter out just the mail from that source. You can use the find function, but this is not sticky, so you need to do it each time.

The SMTP/IMAP setup is kind of useful, and it is not obvious how to use it: you need to set the username as your username on icloud.com without the @icloud.com, and then you need to create an app-specific password. For IMAP, you enter imap.mail.me.com, port 993 and SSL security. For SMTP, you enter the smtp.mail.me.com server, port 587 and STARTTLS security.

I’m Rich & Co.
