for reasons of GDPR compliance we would like to use the Native iOS Mail App with a managed account (ios Managed Contacts) to prevent e.g. the access of WhatsApp to contacts. In addition, we are currently implementing a conditional access policy that requires a device to be compliant and the app to be approved to have access to all cloud apps. As I see it, the native mail app is blocked because its not an "approved Client App". Is there any way to make the scenario work?
My current workaround in the test is to exclude Exchange from the CA policy and only check for Compliance in another policy only for Exchange. But in his way I can't prevent that e.g. third-party mail apps are used.