I would like to allow using the iCloud Private Relay, especially for the Mail Privacy feature.
Therefore I've set BLOCK_ICLOUD_PR=false in /etc/pihole/pihole-FTL.conf.
After saving the file, I restarted the DNS with pihole restartdns.
I was expecting that iOS would not complain in Mail that the external content could not be loaded due to my network settings.
I quit the app and put the iPhone in flight mode, but it seems that the configuration did not take effect.
Can someone please point me in the right direction?
Obviously I've missed an important step ...
Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:
Thanks for your help.
I restarted my iOS devices and it still didn’t work.
Then I noticed that the Private Relay flag in Settings -> Wi-Fi was disabled. I thought that I could use Pi-hole for Safari and only use iCloud PR for mail privacy. This seems not to work. After enabling PR for this Wi-Fi network, it works as expected. Pi-hole is bypassed and PR is used.
Do you know if I can use PR for mail only in my home network?
You don't need to have Private Relay enabled to get the Mail Privacy features. They use the same domains, but are separate features in iOS and macOS.
You can disable Private Relay (and have the DNS traffic from the Safari browser go through Pi-hole) and still have the Mail Privacy feature with your current Pi-hole settings.
In iOS Settings > Mail > Messages > Privacy Protection, toggle Protect Mail Activity to ON.
In iOS Settings > Apple ID > iCloud > Private Relay, turn that OFF.
Thanks for pointing this out.
I tried your solution and it seems to work like you described. At least the warning in iOS Mail is gone. Though, I didn't double-check whether these images are downloaded through PR.
I actually tried to disable PR for my Wi-Fi network only, as I would like to use it when I am connected to networks without Pi-hole or with LTE.
I am afraid it is not working the way I wish it would. The small description below the flag in the Wi-Fi network settings mentions hiding the IP address in Mail.
(translated with deepl.com)
The Private Relay prevents networks from monitoring your Internet activity, and hides your IP address from known trackers and websites. Disabling Private Relay for this network will also disable IP address hiding in Mail.
Attached is a screenshot of the setting I am talking about.
Sorry it is in German ...
Note that Pi-hole would be able to suppress actually accessing tracking domains as contained in emails as long as they'd appear on one of your blocklists.
The net effect may be similar, i.e. as those blocked tracking domains are never contacted, they also wouldn't know your IP address.