Using non-HTTPS (Hypertext Transfer Protocol Secure) for engagement tracking in email marketing can have a subtle yet significant impact on email deliverability and overall recipient experience. While direct deliverability blocks might not be immediate, the absence of HTTPS aligns a sender with less sophisticated or potentially suspicious practices, influencing how internet service providers (ISPs) and email clients perceive their mail.
Key findings
Trust Signals: The lack of HTTPS (often indicated by a missing padlock icon or an explicit 'Not Secure' warning in browsers) can erode recipient trust and signal to ISPs that the sender might not adhere to modern security best practices.
Mixed Content Blocking: Email clients, especially browser-based ones, are increasingly stringent about mixed content (non-HTTPS elements on an HTTPS page). This can prevent tracking pixels or links from loading, leading to inaccurate engagement data or even broken experiences for recipients.
Engagement Tracking Failures: If a non-HTTPS tracking link or pixel fails to load, opens and clicks will not be accurately recorded, distorting engagement metrics. This can lead to misinformed campaign optimizations and a perceived lack of engagement.
Sender Reputation Impact: While not a direct blocklist trigger, consistently using non-HTTPS for critical email components can contribute to a poorer sender reputation over time, increasing the likelihood of future filtering.
User Experience Degradation: Recipients may encounter security warnings or broken images if content is not loaded via HTTPS, leading to a negative brand perception and potential disengagement.
Key considerations
Prioritize HTTPS: Ensure all tracking domains, images, and links within your emails use HTTPS. This is a fundamental security and deliverability best practice. For more information, read this article on Google's stance on HTTPS.
Vendor Capabilities: Confirm that your email service provider (ESP) or marketing automation platform fully supports HTTPS for all tracking elements. If not, consider workarounds or migrating to a more modern platform.
Consistent Security Posture: Implement a consistent security approach across all aspects of your email program, including secure HTTPS links and robust authentication (SPF, DKIM, DMARC).
Monitor Deliverability: Regularly monitor your inbox placement rates and engagement metrics. A drop in these could indirectly point to issues related to non-HTTPS tracking if other factors are stable.
What email marketers say
Email marketers often face practical challenges when their existing vendors or internal tools don't natively support HTTPS for engagement tracking. Their concerns primarily revolve around the direct impact on data accuracy and the potential, albeit less tangible, effect on how their campaigns are perceived by both recipients and filtering systems.
Key opinions
Data Accuracy Concerns: The primary fear is that non-HTTPS tracking pixels or links might not load, leading to inaccurate open and click rates and thus unreliable performance metrics.
Perceived Best Practice Alignment: Marketers worry that not using HTTPS aligns them with senders who neglect other fundamental email best practices, potentially impacting their overall deliverability reputation.
Client-Side Blocking: Many marketers are aware that modern email clients and browsers are moving towards stricter policies regarding mixed content, which could directly prevent their tracking from functioning.
Brand Perception: There's a concern that broken images or security warnings caused by non-HTTPS elements could negatively affect brand trust and subscriber experience.
Key considerations
Evaluate Vendor Limitations: If your current email platform lacks HTTPS support for tracking, assess the feasibility and cost of implementing workarounds or consider a migration to a more secure platform. Modern email platforms emphasize deliverability.
Prioritize Security: While immediate deliverability impact may be hard to isolate, the long-term benefits of HTTPS for sender reputation and user trust outweigh the inconvenience.
Educate Stakeholders: Explain to your team and clients why HTTPS is crucial, not just for security, but for accurate reporting and inbox placement.
Monitor Engagement Data: Be aware that engagement data might be incomplete or misleading if tracking pixels and links are routinely blocked due to non-HTTPS issues.
Marketer view
Marketer from Email Geeks asked about the deliverability impact of non-HTTPS engagement tracking, noting their vendor does not support it out of the box. They sought insight from others on this specific issue.
07 Oct 2020 - Email Geeks
Marketer view
Marketer from Rebrandly blog suggests that using non-branded short links can lead to lower deliverability and open rates, as recipients may view them with suspicion. This highlights the importance of trusted, secure links.
14 Nov 2023 - Rebrandly blog
What the experts say
Deliverability experts generally agree that while non-HTTPS engagement tracking might not directly trigger a hard block, it's indicative of a broader lack of adherence to modern best practices. They highlight the increasing emphasis by major email clients and browsers on secure connections, which can lead to functionality issues for tracking rather than just deliverability problems.
Key opinions
Holistic Best Practices: Experts tend to view non-HTTPS as one symptom of a sender not following a comprehensive set of deliverability best practices, which collectively impacts inbox placement.
Client-Side Interpretation: Google Chrome's behavior of attempting to fetch HTTPS versions of HTTP URLs for mixed content is a significant factor. If the HTTPS version fails, the content (and tracking) won't load.
Indirect Deliverability Impact: While Chrome might not directly filter based on HTTP vs. HTTPS in source code, the failure of tracking to work means a loss of engagement signals, which can indirectly hurt deliverability over time.
Vendor Responsibility: Reputable email vendors should already be offering or actively moving towards full HTTPS support for all tracking mechanisms.
Key considerations
Comprehensive Strategy: Focus on a full spectrum of deliverability best practices, not just isolated technical configurations like HTTPS. This includes proper authentication (DMARC, SPF, DKIM) and consistent sending behavior. See Mailgun's guide to email delivery.
Address Mixed Content: Proactively ensure all images and tracking elements in your emails are served via HTTPS to prevent them from being blocked or showing security warnings. This is critical for both engagement and user experience.
Push for Vendor Modernization: If your vendor does not support HTTPS for tracking, advocate for this feature or explore alternatives. It's a fundamental requirement for modern email marketing.
Understand Engagement Metrics: Be aware that if your tracking is frequently failing due to non-HTTPS, your reported open and click rates may be artificially low, masking actual subscriber engagement. This impacts your ability to increase email click through rate.
Expert view
Expert from Email Geeks states that it's challenging to isolate the impact of not using HTTPS from a general lack of best practices, advising that senders without HTTPS are often grouped with those neglecting other fundamental deliverability elements.
07 Oct 2020 - Email Geeks
Expert view
Expert from Word to the Wise suggests that a holistic approach to email deliverability is always better than focusing on isolated issues. They recommend implementing all known best practices, including secure links.
03 Feb 2023 - Word to the Wise
What the documentation says
Official documentation and industry guidelines increasingly stress the importance of HTTPS for all web content, including elements within emails. This emphasis stems from a broader push for a more secure internet, and email is no exception. While direct deliverability rules against non-HTTPS might be rare, the implications for content rendering and tracking functionality are clear.
Key findings
Industry Standard: HTTPS has become the baseline standard for secure web communication. Email content, including images and tracking links, is expected to adhere to this standard.
Browser Behavior: Major browsers, like Chrome, actively mitigate mixed content by attempting to upgrade HTTP requests to HTTPS, or by blocking non-secure content entirely if the upgrade fails.
Impact on Metrics: If tracking pixels and links are blocked due to mixed content policies, this directly impacts the accuracy of engagement metrics (opens, clicks), making it harder to gauge campaign performance.
Security Warnings: Email clients may display security warnings to users if mixed content is present, potentially alarming recipients and reducing trust in the sender's brand.
Key considerations
Universal HTTPS Adoption: Ensure that your entire email infrastructure, from sending domains to tracking domains and image hosting, utilizes HTTPS. This eliminates potential points of failure and builds trust.
Adherence to Browser Standards: Stay updated on evolving browser and email client policies regarding mixed content to preemptively address potential rendering or tracking issues. For instance, Klaviyo emphasizes email deliverability as a function of many factors, including technical setup.
Monitor User Experience: Regularly test your emails across various clients and devices to identify if non-HTTPS elements are causing visual glitches or broken tracking for recipients.
Vendor Compliance: When selecting or evaluating email service providers, prioritize those that offer robust and fully HTTPS-enabled tracking solutions.
Technical article
Documentation from Mailmodo highlights that email deliverability refers to the number of emails reaching the subscriber's inbox and not getting filtered into junk or spam folders. Secure links contribute positively to this.
01 Jan 2025 - Mailmodo
Technical article
Documentation from Kickbox Blog notes that content reputation is a major factor in deliverability issues, encompassing everything within the email, including domain and links. This implies HTTPS secure content is preferable.