Summary
Using HTTP tracking links negatively impacts email deliverability, user experience, and security. Subscribers encounter security warnings and mixed content issues, leading to distrust and potential abandonment. Email providers may block or filter content with non-HTTPS links, reducing deliverability. HTTP links signal a lack of security and can harm sender reputation. Conversely, HTTPS builds trust, improves SEO, and signals credibility to email providers, improving inbox placement. HTTP exposes users to man-in-the-middle attacks and other security threats. Redirects and tracking parameters must lead to HTTPS destinations. Protecting PII over HTTPS is crucial.
Key findings
- Security Warnings and Mixed Content: HTTP links trigger security warnings and mixed content errors, deterring user engagement.
- Deliverability and Reputation: HTTP links harm sender reputation and decrease email deliverability rates.
- Trust and Credibility: HTTPS enhances user trust and signals credibility, improving engagement and inbox placement.
- SEO Impact: HTTPS improves SEO ranking, while HTTP negatively impacts search engine visibility.
- Security Vulnerabilities: HTTP exposes users to man-in-the-middle attacks, eavesdropping, and data theft.
- Impact of Redirects: If you are using redirects, the final destination must be HTTPS to not negate any security gains.
Key considerations
- Implement HTTPS Across All Links: Transition all links, including tracking links, to HTTPS to avoid security issues and improve deliverability.
- Secure Redirects: Ensure redirects and tracking parameters lead to HTTPS destinations.
- Protect Sensitive Information: Use HTTPS to protect personally identifiable information (PII) and other sensitive data.
- Monitor Reputation: Check your sending domain reputation for issues.
- Review tracking links: Check third party link tracking providers as issues might exist there.
What email marketers say
14 marketer opinions
Using HTTP tracking links in emails, especially when the main website is HTTPS, negatively impacts both deliverability and user experience. Subscribers may encounter security warnings and mixed content errors, leading to distrust and potential abandonment. Email providers may block content with non-HTTPS links or flag emails as spam. Conversely, using HTTPS builds user trust, improves SEO ranking, and signals credibility to email providers, improving inbox placement. Not using HTTPS can also put visitors at risk of man-in-the-middle attacks.
Key opinions
- Security Warnings: HTTP links trigger security warnings in browsers, deterring users from clicking and reducing conversions.
- Mixed Content: Using HTTP links on HTTPS sites causes mixed content warnings, negatively impacting user experience and potentially blocking content.
- Deliverability Issues: Email providers may block or filter emails containing HTTP links due to security concerns, reducing deliverability.
- Trust and Credibility: HTTPS links build user trust and signal credibility to email providers, positively influencing user engagement and inbox placement.
- SEO Impact: Using HTTPS is crucial for SEO, as Google prioritizes secure sites. HTTP links can negatively impact search engine rankings.
- Security Risk: Non-HTTPS traffic increases the risk of man-in-the-middle attacks, potentially compromising user data.
Key considerations
- SSL Certificates: Ensure you have valid SSL certificates to establish trust and avoid browser security warnings.
- HTTPS Implementation: Transition all links, including tracking links, to HTTPS to avoid mixed content issues and deliverability problems.
- User Experience: Prioritize a seamless user experience by ensuring links are secure and trustworthy, reducing friction and increasing engagement.
- Reputation Management: Monitor and maintain your sender reputation by using secure practices to avoid being flagged as spam.
- Compliance: Ensure that your email marketing practices adhere to security standards to protect user data.
Marketer view
Marketer from Email Geeks disagrees with the notion that it's not an issue unless submitting PII. Explains if the traffic isn't secured by encryption that could put the visitor at the risk of a man-in-the middle attack where something malicious ends up on their machine.
25 Dec 2022 - Email Geeks
Marketer view
Email marketer from Cloudflare Blog explains that using HTTP links on HTTPS sites causes mixed content warnings, which negatively impact user experience and security. Browsers may block insecure content, hindering site functionality.
16 Aug 2024 - Cloudflare Blog
What the experts say
3 expert opinions
Experts indicate that HTTP tracking links can impact email deliverability and user experience by signaling a lack of security, potentially harming sender reputation and affecting deliverability rates. Ensuring that the final destination of redirects and tracking parameters is HTTPS is crucial to maintain security benefits. Submitting PII over HTTP poses a personal security risk.
Key opinions
- Deliverability Impact: HTTP links can negatively impact sender reputation and, consequently, email deliverability.
- Security Concerns: Lack of HTTPS signals a security vulnerability, affecting user trust and potentially leading to data compromise.
- Redirects: If using redirects, the final destination must be HTTPS to maintain security.
- Data security: Submitting PII or Financial information is a security concern
Key considerations
- Prioritize HTTPS: Implement HTTPS across all links, including tracking links, to ensure data security and maintain a positive sender reputation.
- Monitor Reputation: Regularly check sender reputation to identify and address any negative impacts from HTTP usage.
- Ensure Secure Redirects: Verify that all redirects and tracking parameters lead to HTTPS destinations.
- Evaluate Deliverability: Check whether it is a deliverability problem or a different problem where the recipient can’t get to the link.
Expert view
Expert from Wordtothewise.com responds to the fact that if you are using redirects and tracking parameters in your email, it's important to ensure that the final destination is indeed HTTPS so as not to negate any gains you have made by using HTTPS in the email.
8 Jul 2024 - Wordtothewise.com
Expert view
Expert from Email Geeks asks if it’s a deliverability problem or a different problem where the recipient can’t get to the link, and that non https is a personal security issue if you’re submitting PII or financial information.
18 Jul 2021 - Email Geeks
What the documentation says
5 technical articles
Technical documentation highlights the security vulnerabilities associated with HTTP tracking links. These links lack privacy and integrity, exposing users to man-in-the-middle attacks, eavesdropping, tampering, and data theft. Modern browsers restrict functionality in insecure contexts. Switching to HTTPS, secured by SSL/TLS encryption, is recommended for data integrity, user security, compliance, and improved search engine ranking.
Key findings
- Man-in-the-Middle Attacks: HTTP is susceptible to man-in-the-middle attacks where attackers can intercept and alter data.
- Lack of Privacy: Insecure contexts (HTTP) lack privacy, making them vulnerable to eavesdropping and tampering.
- Restricted Functionality: Modern browsers restrict features in insecure contexts, diminishing functionality.
- Ranking Signal: HTTPS is a ranking signal for Google search results.
- Data Theft: HTTP links can expose users to data theft and malware injection.
Key considerations
- Implement HTTPS: Switch to HTTPS across the entire website and all tracking links to enhance security and functionality.
- Secure Sensitive Data: Protect sensitive user data by using HTTPS connections, preventing eavesdropping and tampering.
- Comply with Security Standards: Adhere to security standards to ensure data integrity, user security, and compliance with regulations.
- Monitor security protocols: Ensure SSL/TLS encryption is setup correctly and up to date.
Technical article
Documentation from Google Search Central Blog shares that HTTPS is a ranking signal. Switching to HTTPS by securing your website with SSL/TLS encryption can help improve your ranking in Google search results.
3 Sep 2022 - Google Search Central Blog
Technical article
Documentation from OWASP explains that HTTP is susceptible to man-in-the-middle attacks, where attackers can intercept and alter data transmitted between the user and server, potentially leading to data theft or malware injection. If you use HTTP tracking links, you may be vulnerable to this type of attack.
20 Jul 2024 - OWASP
Are Bitly links bad for email deliverability?
Are HTTP links penalized by spam filters in email marketing?
Are link shorteners bad for email marketing?
Are URL shorteners like bit.ly bad for email deliverability?
Do ISPs re-fetch email tracking images, and what causes delayed email opens?
Do long URLs affect email spam filtering?
Do secure HTTPS links improve email deliverability?
Does using HTTP links instead of HTTPS links affect email deliverability?
How do URL shorteners and domain reputation impact email deliverability?
