What is Apple Mail Privacy Protection?

According to Apple, Mail Privacy Protection does two things:

  1. It hides your IP address, so senders can’t link it to your other online activity or determine your location.
  2. It prevents senders from seeing if and when you’ve opened their email.

If a recipient uses Apple Mail Privacy Protection, then our email tracker cannot reliably detect whether the email is opened or not.

How to configure Apple Mail Privacy Protection

During configuration of the Apple Mail app, Apple will prompt the user to either Protect Mail activity or Don’t protect Mail activity (neither are pre-selected).

When someone selects the Protect Mail activity option, here’s what happens: Apple first routes emails through a proxy server to pre-load message content—including tracking pixels—before serving to readers. Even if readers don’t actually open those emails.

The user can also modify the setting in Settings -> Mail -> Privacy Protection

How does it work?

Expect this to be refined as Apple continues to improve MPP, but right now, the way this works is:

  1. When the Apple Mail app starts up, it triggers a download of the email messages to their device from their email host (e.g., Yahoo or Google).
  2. At indeterminate intervals (could be immediately or could be a couple of days later), Apple downloads all of the images in the email (including tracking images), creating a copy of the images to a new location on the Apple Privacy Cache. The download is triggered by a proxy server with an IP address assigned to the general region of the subscriber, masking their specific geolocation.
  3. When a user actually opens the email, it triggers a request to download and display the email’s images, but they are coming from the Apple Cache. So, the sender of the email really won’t see the real open.
    Because of this, email trackers can’t tell who opened your emails, when, and where.

Here is a diagram explaining how Apple Mail Privacy works:

Why should I care about Apple Mail Privacy Protection?