Information
Mail Privacy Protection helps protect user privacy by preventing email senders from learning information about the activity they engage with using the Mail application. When turned on, this feature hides user IP addresses.
Rationale:
By enabling Mail Privacy, senders cannot build a profile of a user's online activity or determine their location. Such a feature also prevents senders from seeing if users have opened the email they sent.
Hiding user IP addresses prevents user tracking and profiling, which results in an increased level of privacy while using the Mail app.
Impact:
Some entities or enterprises might be required to audit all network traffic by policy. In this case, it is possible to block access to Mail Privacy Protection. The fastest and most reliable way to do this is to return a negative answer from the network's DNS resolver, preventing DNS resolution for the mask.icloud.com and mask-h2.icloud.com hostnames necessary for Mail Privacy Protection traffic.
In this scenario, users will still be able to use the service when they are not connected to their corporate network.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
From the device:
Tap Settings.
Tap Mail.
Tap Privacy Protection.
Enable Protect Mail Activity.
Item Details
Category: CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
References: 800-53|CM-1, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|CM-7(1), 800-53|CM-9, 800-53|SA-3, 800-53|SA-8, 800-53|SA-10, CSCv7|5.1, CSCv7|9.2
Control ID: 01ba12602c72af9116a685452108ffae084a201909513754a17237e2b4e5ab3a