In New to Pi Hole why is mask.icloud.com blocked as standard? - #16 by ejwjohn there is a discussion on mask.icloud.com being blocked as a standard.
I wonder if (1) we can let pihole block all the domains it is set to block and then (2) forward those that pass through to the iCloud masker so that we get the benefit of both systems (pihole and mask)?
When iCloud Private Relay is active, the queries from the Safari browser in MacOS go directly to third party servers, and don't go to Pi-hole.
The reason we block (more specifically, provide a NXDOMAIN response) to the two specific domains is to trigger IPR to not become active. This puts the Safari traffic on the same DNS server as the rest of your network.
It's essentially one or the other for Safari in MacOS - Private Relay or Pi-hole. They don't work in conjunction with each other.
As a result, you can't forward domains from Pi-hole to a service that is not active.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.