How to Use Apple Hide My Email and Mail Privacy Protection

Two Apple Tools That Attack Spam From Opposite Ends

Most anti-spam advice treats the inbox as the battlefield, but by the time a message lands there the damage is already done: your real address is on a list, and the sender likely knows the moment you open the email. Apple ships two features that move the fight upstream, and they solve different halves of the problem. Hide My Email stops your real address from ever reaching the sender in the first place, and Mail Privacy Protection stops the sender from learning what you do with the message once it arrives. Used together they cut off both the address leak and the surveillance that follows it, which is why it is worth setting up both rather than picking one.

The address-leak half is the one the FTC's guidance on reducing spam puts first: it recommends using an email mask or a secondary address whenever a site asks for your email, precisely so a breach or a list sale never exposes the account you actually read mail in. Hide My Email is Apple's built-in version of that mask. Instead of typing your personal address into a signup form, you generate a unique random address like abc123@icloud.com that forwards to your real inbox — and if that address ever starts attracting spam, you deactivate it and the spam stops at the door, with your real address never having been in play.

The surveillance half is what Mail Privacy Protection covers. As the EFF explains in its guide to protecting yourself from email tracking, marketers embed a tiny invisible image — a tracking pixel — hosted on a remote server; when your mail app loads that image it quietly reports back that you opened the message, along with your IP address and rough location. That "open" signal is what tells a spammer your address is live and worth mailing again. Mail Privacy Protection breaks the signal by routing remote content through Apple's proxy and preloading it in bulk, so senders cannot tell whether or when you actually read anything.

Setting up both tools: step by step

  1. Confirm you have iCloud+. Hide My Email is an iCloud+ feature, so you need a paid iCloud plan (any tier) or an Apple One bundle — the free 5 GB tier does not include it. Apple's Hide My Email setup guide confirms the requirement and notes the feature also works for anyone in your Family Sharing group who has iCloud+. Mail Privacy Protection, by contrast, is free and needs no subscription.

  2. Create a Hide My Email address. On iPhone or iPad, open Settings, tap your name at the top, then iCloud → Hide My Email → Create New Address. Apple's walkthrough for creating and managing addresses shows how to label each one so you remember which site it belongs to — a habit worth forming, because the label is how you later identify which sender to cut off. On a Mac the same controls live in System Settings under your name → iCloud → Hide My Email.

  3. Use it at the point of signup. The smoother path is to let it appear automatically: in Safari, tap any email field on a signup form and iOS offers "Hide My Email" above the keyboard, generating a fresh address for that specific site. Any app or site that offers Sign in with Apple can do the same. Generating a distinct address per service is the whole point — it means a leak at one site can never be linked back to your accounts elsewhere.

  4. Turn on Mail Privacy Protection. On iPhone or iPad, go to Settings → Apps → Mail → Privacy Protection, then switch on Protect Mail Activity, per Apple's Mail Privacy Protection instructions. That single toggle both hides your IP address and loads remote content privately. On a Mac, the equivalent lives in the Mail app under Mail → Settings → Privacy → Protect Mail Activity.

  5. Rotate and retire addresses over time. When one of your masked addresses starts pulling spam, open Hide My Email, find it by its label, and deactivate it — forwarding stops immediately. This is the payoff that a plain secondary Gmail account cannot match: you are not stuck reading spam sent to a shared alias, you simply burn the one address that leaked and move on.

What each tool does — and does not — do

Set expectations correctly so you do not over-trust either feature. Hide My Email is a forwarding mask, not a separate inbox: messages sent to a masked address still arrive in your normal mail, so it hides your identity from senders but does not filter or block anything on its own. It also lives behind the iCloud+ paywall, which rules it out if you are unwilling to pay for iCloud. And because it depends on Apple's forwarding, it is best for signups and newsletters rather than for correspondence you might need to keep if you ever leave the Apple ecosystem.

One detail that reassures people once they understand it: replying from a masked address keeps the mask. If a newsletter or a store emails your Hide My Email address and you answer it, Apple sends your reply from the random address, not your real one, so a two-way conversation never leaks the account behind the mask. That makes the feature usable for order confirmations and support threads, not just fire-and-forget signups — the sender only ever sees the disposable address, even across a back-and-forth. It is still worth deactivating any address the moment its usefulness ends, because a live forwarding address is only as private as the label you gave it and the list it might be sold onto.

Mail Privacy Protection has a sharper boundary that trips people up: it only works inside Apple's own Mail app. If you read your mail in the Gmail or Outlook app on your iPhone, the toggle does nothing for those messages — those apps have their own, separate tracking-protection settings. It also defeats open tracking, not click tracking: if you click a link inside an email, that click can still be logged, so the feature is not a license to click freely. As the EFF notes, non-Apple clients such as Thunderbird and Outlook each need their own remote-image settings adjusted to get comparable protection, so a household that mixes mail apps has to configure each one. The cleanest setup, if you are committed to the Apple approach, is to read everything through the Mail app so the protection actually applies to every message rather than a subset.

The realistic outcome is incremental, not instant. Existing spam already addressed to your real account keeps coming — these tools protect the addresses you use going forward, so the payoff builds as you replace old signups with masked addresses over the following weeks. Pair that with the FTC's baseline habits — marking spam as junk so your provider's filter learns, and unsubscribing only from senders you actually recognize — and you attack the problem from both the technical and the behavioral side at once. Give it a month of using a fresh masked address for every new signup and the difference in how much unwanted mail reaches your real inbox becomes obvious.

Keep reading

Posts in this series