AdGuardDNS breaks Mail Privacy Protection in iOS 15

AdguardTeam / AdGuardSDNSFilter

AdGuard DNS filter

https://adguard-dns.io/

GNU General Public License v3.0

702 stars 126 forks source link

AdGuardDNS breaks Mail Privacy Protection in iOS 15 #764

Closed TimofeyK closed 2 years ago

TimofeyK commented 2 years ago

Steps to reproduce

Use iOS 15
Enable Protect Mail Activity in Settings - Mail - Privacy Protection
Configure AdGuard DNS
Receive new emails in Mail app - Pictures are not loading Warning shown: Unable to load remote content privately
Disable AdGuard DNS and open same emails - pictures are loading normally

Expected behavior

External content, e.g. pictures, should load normally when using AdGuard DNS

Actual behavior

Pictures are not loading Warning shown: Unable to load remote content privately

Screenshot:

Your environment

Description	Value
DNS server in use:	Default, 94.140.14.14
How did you setup DNS configuration:	System profile
Device model:	iPhone 12 Pro
Operating system and version:	iOS 15.0

ameshkov commented 2 years ago

Hm, I cannot reproduce this. What mail provider do you use?

TimofeyK commented 2 years ago

Gmail. For me reproduces consistently. Tried multiple times with the same result - images are not loading with Mail Privacy on and AdGuardDNS. If I turn one these off - everything loads immediately

TimofeyK commented 2 years ago

Just checked - same happens with iCloud mailbox too

Tried restarting the phone - still reproduces

ameshkov commented 2 years ago

What's weird about that is that I can reproduce the issue with other DNS providers as well, it's not specific to AG DNS.

TimofeyK commented 2 years ago

Works correctly when I use both my home and mobile ISP DNS but if you can see the same issues with other DNS maybe this is something on Apple’s end

Actually, I think it must have worked 12 hours ago when I updated to iOS 15

ameshkov commented 2 years ago

Yeah, it works okay when I am using the system DNS, but once I start using any other DNS (Google, Cloudflare, AG), it stops working.

ameshkov commented 2 years ago

Moreover, if I enable VPN, it starts working again. This all is quite weird.

24khxn commented 2 years ago

Any updates on a workaround for now? Is there anything we could whitelist?

ameshkov commented 2 years ago

Nope, as far as I understand this is not a blocklist issue. Not even a particular DNS server issue since it happens with almost every DNS resolver for me.

jeanlst commented 2 years ago

@24khxn the workaround I found was to switch from Split-Tunnel to Full-Tunnel in the Low-Level Advance Settings

jeanlst commented 2 years ago

Any news on this issue? When is it going to work again with the Split-Tunnel?

ameshkov commented 2 years ago

Nothing new here. Reported it to Apple but they easily can consider this intended behavior.

Closing this issue since there's nothing to change in the DNS filter. The discussion can be continued, of course.

24khxn commented 2 years ago

@jeanlst I wasn't able to make the "Unable to load remote content privately" error message go away using your workaround. Restarted Mail app after setting change