I don't receive emails ONLY on Apple devices
-
Good morning,
I am writing from Italy.
Suddenly Apple desktop PCs and Apple Phones no longer receive emails without displaying any errors. The emails simply do not arrive.
On PCs that use Windows with Outlook and Android phones everything works.If I disable pfBlocker everything works regularly also on Apple devices.
Do you have any ideas? What could it depend on?
pfSensePlus24.03 2U BareMetal Asrock Industrial IMB-X1314MicroATX
CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2 -
Check your pfBLockerng logs and stats.
On or more mail host name(s) ? Only you know where the mails should com from : gmail ? oulook ? icloud ? hotmail ? yahoo ?Strange is, if pfBlockerng blocks a (mail) host name, it would block it for all devices on your LAN, not just 'Apple' devices.
( Maybe your Windows and droid devices don't use pfSense as their DNS, so they can't use pfBlocklerng neither )
It doesn't matter what OS or mail app is used, they all use the same host names, for example gmail uses imap.gmail.com, pop.gmail.com and smtp.gmail.com.
@Unoptanio said in I don't receive emails ONLY on Apple devices:
If I disable pfBlocker everything works regularly also on Apple devices.
So pfBlockerng is blocking a host name that should be whitelisted - you've checked the Reports => Alerts and Report => Unified logs ?
Did you've picked a DNSBL feed that contains host names that shouldn't be blocked ? ( ! )
-
-
Well, yeah, no : I don't know what is in all those lists.
You (should !) know (before using them).The mail service(s ?) that don't work anymore, who are they ?
@Unoptanio said in I don't receive emails ONLY on Apple devices:
fakenews
Yeah, I can imagine that a mail server might fall under that category ....
As said above : if pfBlockerng blocks for example "yahoo.com", you can see that happening on the Firewall > pfBlockerNG > Alerts page. You see also then which list contained the blocked host name.
You can unblock (whitelist) domains on the same Firewall > pfBlockerNG > Alerts page. -
@Unoptanio By default, Apple devices use Privacy Protection, which routes email access through a relay in order to hide the user’s IP address. The relay is probably appearing in the blacklist.
On a phone, the setting which controls this can be found in Settings -> Apps -> Mail -> Privacy Protection.
-
@dennypage said in I don't receive emails ONLY on Apple devices:
On a phone, the setting which controls this can be found in Settings -> Apps -> Mail -> Privacy Protection.
I'll have to play with that option.
Mine was not set of course, but what happens when it is set ?
Is this for sending mails ? Receiving ? Both ?And why "hiding" mail traffic ?
There isn't (shouldn't be, were in 2025 now) be any mail traffic anymore that doesn't use TLS, so no MITM is possible between my phone, and the server at the other end.Hiding what from the mail server to which I've send a mail ?
That's counter productive as if the receiving mail server can't check who I am - where the mail came from, change become bigger that the mail is treated as "less serious" thus the mail gets marked as spam or even discarded.Anyway, me just thing out loud here, I'll set this option to on and see what happens.
edit : activating the option doesn't change anything for me.
I could send a mail to a gmail account just fine.
Still saw my Phone's IPv6 (a pfSense LAN prefix IPv6) in the mail headers.
I'm plowing through the mail headers right now, can't see anything obvious or new or different.Is it this :
?
So before sending a mail, my phone needs to tell apple first where I'm sending to, receiving from ?
For my privacy ?
No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
It might be that Apple's iCloud Private Relay is blocked and if you add below to your whitelist and do an update in pfBlockerNG, you should recieve mail again
Good luck
.metrics.icloud.com # Apple mail block introduced with ios 18.2 -
@Gertjan said in I don't receive emails ONLY on Apple devices:
And why "hiding" mail traffic ?
There isn't (shouldn't be, were in 2025 now) be any mail traffic anymore that doesn't use TLS, so no MITM is possible between my phone, and the server at the other end.It's not about the content, it's about tracking. In short, senders of emails place content links in emails sent to you. When you access the email, the sender can see the IP address(s) that are used to retrieve the content. The IP address information allows for tracking of your physical location. The relay addresses this by routing all content retrieval through a privacy proxy.
-
@dennypage said in I don't receive emails ONLY on Apple devices:
senders of emails place content links in emails sent to you. When you access the email, the sender can see the IP address(s) that are used to retrieve the content. The IP address information allows for tracking of your physical location
The famous white 1x1 pixel image present in a mail ... I know.
That issue has been solved many years ago
Example : my mail client (Outlook 365) shows this :
Based of who sends the mail == who I think was sending the mail and the content .... publicity of course in this case, it's "Delete" right away.
@dennypage said in I don't receive emails ONLY on Apple devices:
The relay addresses this by routing all content retrieval through a privacy proxy
Ah, the interesting part. Thanks.
So, when using this functionality on the iDevice, the mail client will access all URLs in a mail using some Apple proxy.
If this proxy - most probably know by the iOS with a host name, is blocked by pfBlockerng, then loading te images in a mail becomes impossible.
Still, the mail app in the iPhone would show == receive the mails ....
This doesn't check with the subject of this thread :I don't receive emails ONLY on Apple devices
where @Unoptanio says he/she can't retrieve the mails == she/he can't access his mail server ... (I guess - posed questions are still unanswered )
-
@Gertjan said in I don't receive emails ONLY on Apple devices:
The famous white 1x1 pixel image present in a mail ... I know.
That issue has been solved many years ago
Not the infamous 1 pixel image used on websites. This is usually general, required content. Real images, present in almost all commercial messages, without which the email does not render properly. Like the name of the sender as an image, signature lines, etc. You probably see dozens per day without noticing. Install something like Little Snitch if you want to see what's all going on behind the scenes.
