We send emails with inline images. They show well with all the email clients except the Apple Mail app.
What steps have you taken to resolve the issue?
Update: We haven’t found a proper solution for this yet, but we did found a workaround: use a CDN for loading those images rather than our own server. We know that the inline images actually show on the Apple Mail app when they load from other hosts, like popular hosting services, CDNs, etc. For example, we noticed images are shown when they load from Shopify’s CDN, which is also on Cloudflare. Looking at this specific host and inspecting their HTTP headers we noticed they’re using HSTS. Maybe Apple Mail requires HSTS for loading external images? Just a guess.
Wonder if WAF events would show up some blocked events when trying to load the image
On the phone only? So you cannot get the Developer Console and check if there’s 404 or 403 error showing for those resources (images)?
Is the Hotlink protection feature enabled for your domain?
You should be able to see the challenged or blocked event under the Security tab → Events at Cloudflare dashboard for your zone and know exactly which security option was triggered.
Once you find them, click on a particular one to find more details about it (user-agent, IP, HTTP version …). If yes, could you share some details which service was triggered that blocked you?
Thanks for your reply. Answering your question, Hotlink protection is not enabled. This issue is only happening with the Apple Mail app. No other email client is affected as far as we know. I’ve updated the issue description in any case. We think this issue is not related to the Cloudflare’s TLS certificates, as we initially thought.
