I’m using eM Client iOS as my email client, mainly to be able to protect my privacy by using OpenPGP email encryption. Another privacy function I use are DNS-based tracking protection.
Today I checked the results of Apples “App Privacy Report” for eM Client
"Settings app" > "Privacy & Security" > "App Privacy Report" > "App Network Activity" > "eM Client" > "Show all" > "Unnamed Domains"
and it seems that the eM Client app bypass the iOS system dns functionality by directly connecting Cloudflares 1.1.1.1 dns-service. Attached I list ip-addresses reported by “App Privacy Report” for eM Client enhanced by whois informations:
whois-1.1.1.1.txt
netname: APNIC-LABS
descr: APNIC and Cloudflare DNS Resolver project
descr: Routed globally by AS13335/Cloudflare
descr: Research prefix for APNIC Labs
descr: APNIC Research and Development
----------------------------
whois-104.207.157.184.txt
NetName: CONSTANT
OrgName: The Constant Company, LLC
----------------------------
whois-104.26.2.228.txt
NetName: CLOUDFLARENET
OrgName: Cloudflare, Inc.
----------------------------
whois-104.26.3.228.txt
NetName: CLOUDFLARENET
OrgName: Cloudflare, Inc.
----------------------------
whois-104.70.84.85.txt
NetName: AKAMAI
OrgName: Akamai Technologies, Inc.
----------------------------
whois-104.70.95.247.txt
NetName: AKAMAI
OrgName: Akamai Technologies, Inc.
----------------------------
whois-109.233.159.253.txt
netname: NWRK-NET
descr: NWRK AMS1 Loadbalancing Pool
----------------------------
whois-109.233.159.64.txt
netname: NWRK-NET
descr: NWRK AMS1 Loadbalancing Pool
----------------------------
whois-151.101.2.132.txt
netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
descr: IPv4 address block not managed by the RIPE NCC
NetName: SKYCA-3
OrgName: Fastly, Inc.
----------------------------
whois-172.67.73.71.txt
NetName: CLOUDFLARENET
OrgName: Cloudflare, Inc.
----------------------------
whois-18.153.171.24.txt
NetName: AT-88-Z
OrgName: Amazon Technologies Inc.
----------------------------
whois-185.85.0.50.txt
netname: DE-MYRASEC-20150121
descr: MYRA SECURITY GMBH
----------------------------
whois-185.97.174.199.txt
netname: HEINLEIN-SERVICES-1
----------------------------
whois-192.0.73.2.txt
NetName: AUTOMATTIC
OrgName: Automattic, Inc
----------------------------
whois-194.150.228.43.txt
netname: DE-TELEKOM-20040629
----------------------------
whois-23.192.152.196.txt
NetName: AKAMAI
OrgName: Akamai Technologies, Inc.
----------------------------
whois-3.123.151.152.txt
NetName: AT-88-Z
OrgName: Amazon Technologies Inc.
----------------------------
whois-35.207.186.72.txt
NetName: GOOGLE-CLOUD
OrgName: Google LLC
----------------------------
whois-45.60.74.114.txt
NetName: INCAPSULA-NET
OrgName: Incapsula Inc
----------------------------
whois-52.28.118.217.txt
NetName: AT-88-Z
OrgName: Amazon Technologies Inc.
----------------------------
whois-52.31.135.233.txt
NetName: AT-88-Z
OrgName: Amazon Technologies Inc.
----------------------------
whois-80.245.156.34.txt
netname: ITZBUND-NET-3
descr: ITZBUND-NET-FFM
descr: ZIVIT B
----------------------------
whois-93.191.162.152.txt
netname: INXMAIL-NET-1
descr: Myranet Security
----------------------------
whois-99.84.152.34.txt
NetName: AMAZO-4
OrgName: Amazon.com, Inc.
----------------------------
Did anyone else got same results in his “App Privacy Report” on Apples iOS systems?
Is there any way to deactivate the bypass of the iOS systems dns-functionality, keeping the protection of my dns-based tracking protection active even for eM Client?
Could someone (maybe from the development team) describe, why this has been implemented and if this is a bug or wanted functionality and if this behaviour will be deactivated in a future app relase?