Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Monterey Mail.app: "Your network preferences prevent content from loading privately."

pickerin said:
The issue is the ability to reach Apple's, currently two, Mail.app proxy servers for loading remote content (specifically images and tracking pixels) when the setting "Protect Mail Activity" is enabled in Mail.app.

The way it appears to work is that if you have the setting enabled (which is the default) all images (and potentially other content) in an email will be loaded from Apple's servers and not the sender's requested host. This means the sender of the email will see ALL of the users activity coming from Apple's proxy servers and NOT your machine.

The servers in question are:
mask.icloud.com
mask-h2.icloud.com

Because this is a proxy server, if you have the setting enabled, and Mail.app cannot resolve the DNS address of the servers in question OR cannot reach those IP addresses after DNS resolution, then it will display the message in question and give you the ability to work around the issue by clicking the button (and loading the content un-masked).

Unfortunately, that means there are a number of things that could be preventing you from resolving those servers and/or connecting to them:
* Ad blockers may have those two servers listed as ad servers, in which case it will prevent DNS resolutions
* Pi-Hole will block DNS requests to those servers without a new configuration added to your FTL conf file
* Firewalls may block accessing those servers
* Virus protection may block DNS resolution and/or connecting to those servers as malicious proxies (they aren't)

So, you need to first verify if you can resolve the addresses. Then you have to see if you can connect to them by IP address. Private relay on or off shouldn't impact it. Hiding your IP or not shouldn't impact it.

Look for things like Ad Blockers, uBlock Origin, Firewalls, Anti-virus, DNS proxies, VPNs, etc. These are likely the issue.

I just wrote about this here if you want more details: https://robpickering.com/macos-monterey-and-mail-privacy/
Click to expand...
What do you suggest in my case:
- I have no ad blockers
- No pi hole

I only have a VPN client configured by my employer - Cisco any connect, and it has some filters. And the issue is only happening while connected to the VPN. What settings do I need to change, if I want to keep the default setting to protect mail activity?
 
Thanks to those who mentioned PIA, I had it installed but have switched to another VPN provider so I followed the PIA uninstall procedure referred to in post# 71. Now content loads as expected with Private Relay enabled.
 
i have completely removed all the add blockers of any kind I had dowloaded and the VPN I had never used so we'll see tomorrow morning whet happens .
I noticed that all private emails sent with pictures to my private email ( me@myself.com) had no problems .
It's a different story with Gmail I use for newsletters and shops .

EDIT : No change whatsoever without add blockers or VPN
 
Last edited:
  • Like
Reactions: TheYayAreaLiving 🎗️
vddobrev said:
What do you suggest in my case:
- I have no ad blockers
- No pi hole

I only have a VPN client configured by my employer - Cisco any connect, and it has some filters. And the issue is only happening while connected to the VPN. What settings do I need to change, if I want to keep the default setting to protect mail activity?
Click to expand...

Some corporate VPN's are configured so that the client routes all traffic through the VPN, not just the traffic that allows the client to reach the corporation's servers. If that's the case with you, you might be able to get some help from IT at your company. You might also check Cisco's forums for any discussion of this problem.
 
  • Like
Reactions: vddobrev
svenmany said:
Some corporate VPN's are configured so that the client routes all traffic through the VPN, not just the traffic that allows the client to reach the corporation's servers. If that's the case with you, you might be able to get some help from IT at your company. You might also check Cisco's forums for any discussion of this problem.
Click to expand...
Maybe that first sentence was silly. If a company is requiring all traffic to go through their proxies when the VPN is up, then it's very unlikely they would want email traffic to bypass them. It might not be important though; if web traffic was going through the VPN, a foreign site contacted by Apple Mail would likely see the traffic originating from a company IP address rather than your own.
 
I had the same problem, so I went in and unchecked the protect mail, Then I exited mail. then came back and activated it and it works with no problem. Now this on my mac. I also have it activated on my phone. Seem to get all the images . I am wondering if the problem is on the apple side of it.
 

Attachments

  • grab6.jpg
    grab6.jpg
    97.1 KB · Views: 216
svenmany said:
Some corporate VPN's are configured so that the client routes all traffic through the VPN, not just the traffic that allows the client to reach the corporation's servers. If that's the case with you, you might be able to get some help from IT at your company. You might also check Cisco's forums for any discussion of this problem.
Click to expand...
Yes, I checked with IT. Monterey not supported yet, so I have to wait when they update the corporate VPN. Until then my personal Mac connected to corporate VPN will be like that.

Edit: and yes, they route all traffic through the VPN, except Zoom and Exchange.
 
Does anyone know if this issue is still present in the macOS Monterey 12.1 beta?
 
I have this nagging feeling that Apple's networking shenanigans for private relay will always fight the networking shenanigans of other software, like VPNs and DNS tricksters. I suspect third-party software, if it wants to run comfortably on MacOS and not interfere with OS features, will have to be patched.
 
  • Like
Reactions: gilby101
For now it seems you have to turn off all the new mail privacy settings in Monterey. It all works normally. But then we don't have those new features.... So it's a win-lose situation.

p.s. I have express vpn, though it is not even open, and does not open on startup. Weirdly though, if my memory is correct, this bug seemed to happen after I installed it....
 
inteliboy said:
For now it seems you have to turn off all the new mail privacy settings in Monterey. It all works normally. But then we don't have those new features.... So it's a win-lose situation.

p.s. I have express vpn, though it is not even open, and does not open on startup. Weirdly though, if my memory is correct, this bug seemed to happen after I installed it....
Click to expand...

I use Private Internet Access. Even if I never run it myself or see any obvious evidence of it running, PIA does run a daemon, "pia-daemon", that's automatically launched on boot. It's kicked off by plist file in /Library/LaunchDaemons. Perhaps your VPN does something similar.
 
I don't use any of the listed apps (PIA, VPN, etc.) nor do I have a firewall turned on.

I have found that after some amount of time I get the "your network preferences prevent content from loading privately" message.

Rebooting makes it work again, but after a while the message comes back.

So I have to chalk this up to a bug that Apple needs to address.
 
So this is still a problem? We can't even load our email now without clicking a button? Well it was a good run I guess. 18 years of Apple Mail without having to click a button to see the email content. But now lawyers have taken over UI development at Apple, so this is what we get.
 
Pro Apple Silicon said:
So this is still a problem? We can't even load our email now without clicking a button? Well it was a good run I guess. 18 years of Apple Mail without having to click a button to see the email content. But now lawyers have taken over UI development at Apple, so this is what we get.
Click to expand...
If you don't care about the new privacy stuff, you can have Mail load without asking. Uncheck all the boxes in Preferences/Privacy.
 
mikehalloran said:
Then take it up with an English teacher. The language is quite clear to me. It means exactly what it says.
Click to expand...
Hey Mike, you're obviously pissed off. I'm ready to listen.

First off, what is the antecedent of "it" in your first sentence?

In your second sentence you say "The language"; what language is that? My post was only commenting on what @Aggedor said. Are you referring to some language in their post? Could you quote it so that I can understand your objection better?

Grammar is a hobby of mine. Also, my daughter has a teaching certificate for English. I'm happy to ask her any question you think I should ask. What would you like me to ask her?

By the way, I only took the time to carefully read @Aggedor's post because you cruelly insulted them. After reading their post I realized you undeservedly insulted them. We should all call out bullies when we see them.

I hope you take the time to carefully answer my explicit questions or, at least, point out exactly what was wrong with @Aggedor's post that I was defending.
 
  • Like
Reactions: jsamuelson and Aggedor
Firstly, fully agree with svenmany above.

Secondly, and back on topic, I have noticed with the latest beta that Mail is showing me images again, even with privacy enabled, with a Pi-Hole on my network, and the hits on mask.icloud.com and mask-h2.icloud.com have gone through the roof. So they have tweaked something on the back end, or privacy is failing completely on mine!
 
I am having the same issue. I have two Macs, both with "Protect Mail Activity" checked in Mail preferences. One of the Macs will not show images in email. The other one does.

I did come across this Apple support page that acknowledges the issue and says it is sometimes related to use of a VPN. However, I am not actively using VPN on the affected Mac. Weird. I'm gonna keep trying to troubleshoot.
 
How to fix
1)Open Mail app
2)Mail->preferences
3)Privacy
4)uncheck Hide Ip Address
fixed

(when you have Hide Ip Address you are using some kind of vpn )
1637697757477.png
1637697757477.png
 
donfirst said:
How to fix
1)Open Mail app
2)Mail->preferences
3)Privacy
4)uncheck Hide Ip Address
fixed

(when you have Hide Ip Address you are using some kind of vpn )
View attachment 1916792View attachment 1916792
Click to expand...
You are correct that this instantly fixes it for me at least. But the other Mac has both "Hide IP Address" and "Protect Mail Activity" checked and is able to load the images. This is what I and others in this thread are trying to achieve so we can have the protections of Apple's servers pre-fetching the images with their IPs to limit tracking.
 
Another possible data point to consider. The images do load on an Intel Mac but are not loading on an M1 Mac with both "Hide IP Address" and "Protect Mail Activity" checked.

I do not use Pi-Hole. This is occurring across networks so seems unlikely to be specific to a local network. I have uninstalled a corporate VPN (that was not being used) and uninstalled 1Blocker application. The problem persists.
 
This person on Apple forums claims it is a known bug to be fixed in future update. Apple engineers apparently worked with them to diagnose it. Not sure how much to believe that. I guess will wait for a macOS update. This is 12.0.1 after all.
 
  • Like
Reactions: SW3029, svenmany and Yptcn
donfirst said:
How to fix
1)Open Mail app
2)Mail->preferences
3)Privacy
4)uncheck Hide Ip Address
fixed

(when you have Hide Ip Address you are using some kind of vpn )
View attachment 1916792View attachment 1916792
Click to expand...
Exactly right.

The "Hide IP Address" is that functionality which sends requests from emails through the Apple relays. The Apple relays hide your address from the website being contacted. It is very similar to what a commercial VPN does to hide your IP address.

This relaying functionality is having some problem. Certainly turning off that functionality will eliminate the problem with that functionality. :) Kind of like "Doctor, doctor, my arm hurts when I raise it over my head". The doctor replies "So, don't raise it over your head".

If a user is happy not having their IP address hidden, then this solution is a good one.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back