Summary
While Chrome's mixed content blocking primarily targets web pages (HTTPS pages loading HTTP resources), it indirectly impacts Salesforce Marketing Cloud (SFMC) email deliverability. Modern email clients are increasingly sensitive to mixed content, potentially displaying warnings or blocking content, especially from unknown senders. Ensuring HTTPS for all email assets (images, links, click-tracking domains) is crucial to avoid warnings and maintain good deliverability. Some clients use proxies to load images over HTTPS, but this isn't reliable. Best practices include using universal TLS links, securing the SFMC portfolio base URL, and following a detailed checklist to address potential mixed content issues within SFMC.
Key findings
- Chrome's Web Focus: Chrome's mixed content blocking mainly affects web pages but influences how email clients handle content.
- Email Client Sensitivity: Email clients are becoming stricter about mixed content, potentially impacting deliverability.
- HTTPS is Key: Using HTTPS for all email elements is critical for avoiding warnings and maintaining deliverability.
- SFMC Configuration: A secure SFMC portfolio base URL and a mixed-content checklist are crucial for compliance.
- Proxy Issue: Relying on email client proxies for HTTPS image loading is not a best practice.
Key considerations
- Secure All Assets: Transition all email assets (images, links, tracking) to HTTPS.
- Update SFMC Settings: Verify and update the SFMC portfolio base URL to HTTPS.
- SFMC Checklist: Follow a detailed checklist within SFMC to identify and resolve mixed content issues.
- Test Email: Test emails in various clients to ensure proper rendering and identify potential mixed content warnings.
- TLS Links: Ensure all endpoint links are wrapped in TLS for enhanced security.
What email marketers say
12 marketer opinions
While Chrome's mixed content blocking primarily targets web pages, it has implications for Salesforce Marketing Cloud (SFMC) email deliverability. Modern email clients, like Gmail, are increasingly sensitive to mixed content (HTTPS pages loading HTTP resources) and may display warnings or block content, especially if the sender is not in the recipient's address book. Using HTTPS for all images, links, and click-tracking domains is crucial for maintaining good deliverability and a positive user experience. Some email clients use proxies to load images over HTTPS, but relying on this is not a best practice. Ensuring universal TLS links is essential, and transitioning to HTTPS for all email assets is highly recommended as email clients become more stringent about security.
Key opinions
- Browser Blocking: Chrome's mixed content blocking primarily affects web pages, but the underlying principles extend to email.
- Email Client Sensitivity: Modern email clients are becoming more sensitive to mixed content, potentially impacting rendering and deliverability.
- HTTPS Importance: Using HTTPS for all links, images, and tracking domains in emails is crucial for avoiding warnings and maintaining deliverability.
- Proxy Reliance: Some email clients use proxies to load images over HTTPS, but relying on this is not a reliable solution.
- TLS Endpoints: There is no excuse to not wrap all endpoint links in TLS these days.
Key considerations
- Secure Assets: Transition all email assets, including images and links, to HTTPS.
- Click Tracking: Ensure click-tracking domains are secured with HTTPS to avoid potential issues.
- Email Client Testing: Test emails in various email clients to ensure proper rendering and identify any mixed content issues.
- Sender Reputation: Pay attention to sender reputation, as email clients are more likely to flag mixed content from unknown senders.
- Fallback Options: Provide fallback options for images that cannot be loaded securely.
Marketer view
Email marketer from Email on Acid says that while Chrome blocking of mixed content primarily affects websites, it's important to use HTTPS for images in emails to ensure they are displayed correctly in all email clients, not just those using proxies.
31 May 2024 - Email on Acid
Marketer view
Email marketer from Reddit advises ensuring all images and links use HTTPS to avoid mixed content warnings. They suggest this improves deliverability, especially as email clients become more security-conscious.
23 Jul 2021 - Reddit
What the experts say
2 expert opinions
Chrome's mixed content blocking, while primarily focused on web pages, can indirectly affect Salesforce Marketing Cloud (SFMC) email deliverability. Ensuring HTTPS for images and other email assets is crucial, as email clients may block or warn users about insecure content, thereby reducing engagement. Within SFMC, a detailed checklist can help address potential mixed content issues, including verifying the portfolio base URL, updating landing pages, securing Cloud Pages, and ensuring all images and links within emails are served over HTTPS.
Key opinions
- Chrome Impact: While primarily a web issue, Chrome's blocking principles extend to how email clients handle mixed content.
- Deliverability Impact: Insecure content can lead to email client warnings or blocking, negatively impacting engagement and deliverability.
- SFMC Checklist: A detailed SFMC checklist helps identify and resolve potential mixed content issues.
Key considerations
- Secure SFMC Setup: Verify the portfolio base URL in SFMC Account Settings is HTTPS.
- Update Landing Pages: Convert old-style landing pages to Cloud Pages and ensure all landing pages are served over HTTPS.
- Secure Cloud Pages: Ensure no links point to HTTP versions of Cloud Pages.
- HTTPS Assets: Ensure all images and links in emails are served over HTTPS.
- General HTTPS: Adopt HTTPS for ALL images and links in emails.
Expert view
Expert from Email Geeks provides a detailed checklist for potential mixed content issues in SFMC: (1) Account Settings - look for a portfolio base that's https. (2) Landing Pages - update/convert old style pages to cloudpages. (3) Cloud Pages - ensure no links point to http versions. (4) Landing Pages/Cloud Page - ensure all images are https. (5) Hand-coded emails - ensure all images are https and upgrade http links to https if available.
12 Dec 2023 - Email Geeks
Expert view
Expert from Word to the Wise explains that while Chrome's mixed content blocking primarily targets web pages, it's crucial to use HTTPS for images in emails to maintain deliverability. Email clients may block or warn users about insecure content, impacting engagement.
6 Jul 2023 - Word to the Wise
What the documentation says
4 technical articles
Chrome blocks mixed content (loading HTTP resources on HTTPS pages) to protect users from security vulnerabilities. While the primary focus is on web pages, this practice extends to email through email clients. Salesforce Marketing Cloud (SFMC) documentation emphasizes the importance of using HTTPS for all hosted content (images, landing pages) and securing the portfolio base URL to prevent mixed content warnings. Google and Mozilla documentation further highlight the broader push towards HTTPS for all web resources, underscoring the importance of serving secure content.
Key findings
- Mixed Content Definition: Mixed content occurs when HTTPS pages load HTTP resources.
- Browser Blocking: Chrome actively blocks mixed content to protect users.
- SFMC Impact: In SFMC, mixed content primarily affects images and landing pages, but insecure links can trigger warnings.
- HTTPS Importance: Using HTTPS for all hosted content (images, landing pages) is crucial in SFMC.
- Portfolio Base URL: A secure HTTPS portfolio base URL in SFMC Account Settings is essential.
Key considerations
- Secure Portfolio: Ensure the SFMC portfolio base URL is HTTPS.
- HTTPS Assets: Serve all images and landing pages over HTTPS.
- Address Insecure Links: Identify and update any insecure (HTTP) links in email content.
- General Security: Understand that the push towards HTTPS is a broader web security trend.
Technical article
Documentation from SFMC explains the importance of having a secure (HTTPS) portfolio base URL in Account Settings. This ensures that all hosted content, including images and landing pages, is served over HTTPS, preventing mixed content warnings.
14 Mar 2022 - Salesforce
Technical article
Documentation from Mozilla Developer Network defines mixed content as when HTTPS sites load HTTP resources. Modern browsers block mixed content to protect users from security vulnerabilities. While focused on web development, it explains the underlying reason for Chrome's behavior, which can extend to how email clients handle content.
20 Oct 2024 - Mozilla Developer Network
Are HTTP links penalized by spam filters in email marketing?
Are image-based emails a good practice, and what are the deliverability and accessibility implications?
Do secure HTTPS links improve email deliverability?
Does using a different domain for CDN hosted images in emails affect deliverability?
Does using HTTP links instead of HTTPS links affect email deliverability?
Does website SSL/TLS affect email deliverability?
