Why are email service providers using click tracking links?

ESPs use click tracking links to gather valuable data on how recipients interact with your emails. This includes metrics like click-through rates, which links were most popular, and conversion tracking. This data helps senders optimize their campaigns for better engagement and return on investment.

Can I prevent my ESP from using click tracking links?

While most ESPs enable click tracking by default due to its analytical benefits, many offer the option to disable it for specific links or entire campaigns. However, disabling tracking means you'll lose valuable insights into your email performance. The best approach is usually to ensure your tracking links are reputable rather than avoiding them entirely.

What's the difference between a sending IP and a click tracking IP?

A sending IP address is the server that sends your email. Its reputation affects whether your email lands in the inbox. A click tracking IP (or domain) is what resolves when a recipient clicks a link in your email, redirecting them to the final destination. They are often separate entities, and issues with one don't always reflect on the other.

How can I tell if my ESP's click tracking links are blocked?

You'll typically receive reports from recipients who see browser or email client warnings like 'Dangerous Web Page Blocked'. You can also use online URL checkers from security vendors to test your click tracking domain. Additionally, a sudden drop in click-through rates in your ESP's analytics might indicate an issue.

How long does it take to remove a blocklist (blacklist) entry for a tracking domain?

The removal time varies greatly depending on the specific blocklist (or blacklist) and the reason for the listing. Some automated blocklists remove entries quickly once the issue is resolved, while others, particularly those managed manually, can take days or even weeks. Proactive communication with the blocklist operator and your ESP is key.

Why are click tracking links from my ESP being blocked as dangerous? - Troubleshooting - Email deliverability - Knowledge base

Sending marketing or transactional emails often involves using click tracking links provided by your Email Service Provider (ESP). These links allow you to monitor engagement, gather valuable analytics on how recipients interact with your content, and ultimately understand the effectiveness of your campaigns. Typically, when a recipient clicks a link in your email, they are first redirected through a tracking domain managed by your ESP before landing on the intended destination page.

However, it can be alarming to discover that these seemingly innocuous click tracking links are being flagged or blocked as dangerous by security software, email clients, or internet service providers (ISPs). When this happens, recipients might see warning messages like 'Dangerous Web Page Blocked' or 'This site can't provide a secure connection', preventing them from reaching your intended content. This issue directly impacts your email deliverability and can severely hinder campaign performance.

I've seen firsthand how frustrating and baffling this situation can be for senders. The good news is that understanding the common reasons behind these blocks is the first step toward effective troubleshooting and resolution. It often boils down to a few key areas related to reputation, shared infrastructure, or security compromises that need to be addressed.

Shared infrastructure and its risks

One of the most frequent causes for click tracking links being blocked as dangerous stems from the nature of shared infrastructure. Many ESPs use shared domains and IP addresses for their click tracking services across numerous clients. While this offers cost efficiency and ease of setup, it also introduces a significant risk. If one client on that shared domain or IP engages in malicious activity, like phishing or distributing malware, the entire shared resource can get blacklisted (or blocklisted) by security vendors.

When a shared click tracking domain or its underlying IP address lands on an email blocklist or security threat database, all links originating from it, regardless of the legitimate sender, can be flagged. This means your perfectly legitimate marketing email could contain a 'dangerous' link simply because another ESP user misused the same tracking infrastructure. This scenario often requires the ESP itself to intervene and address the issue with the blocklist operators or security providers.

In some cases, the issue might not be a general blacklist, but rather specific security filters like Microsoft Defender SmartScreen or

Norton Safe Web. These services maintain their own reputation databases and can flag URLs based on suspicious patterns, even if the primary domain isn't broadly listed. The transient nature of some phishing campaigns means a tracking domain might be used briefly for a nefarious purpose, leading to its rapid blacklisting.

Compromised websites and sophisticated attacks

Beyond shared infrastructure issues, a more direct and serious cause for dangerous link warnings is if your own website, or the ESP's infrastructure, has been compromised. If a hacker gains access to your website or a part of your ESP's system and sets up phishing pages or distributes malware through the tracking links, security software will quickly identify and block these URLs.

Even if the compromise is not on your primary website, but rather a subdomain used for tracking, it can still lead to widespread blocking. Attackers are constantly finding new ways to exploit vulnerabilities. When these malicious activities are detected, the tracking domain becomes associated with danger, resulting in warning messages for your email recipients. This type of blocking is usually highly accurate, as security vendors have detected actual threats.

The domino effect of compromise

A compromised click tracking domain can have far-reaching consequences, even if only one client's account is affected. In some cases, if the tracking mechanism isn't unique enough per customer, a compromise on one client's URL path can cause

Google or other security providers to flag the entire tracking domain for all users, regardless of whether their specific links were compromised.

This is why conducting regular security audits of your own web properties and maintaining a strong security posture are crucial. If you suspect a compromise, isolating the issue and working with your security team or ESP to clean up any malicious content is paramount. False positives exist, but actual compromises are a significant concern that demands immediate attention.

Strategies for resolution and prevention

Addressing click tracking link blocks requires a multi-faceted approach, often involving collaboration with your ESP. The most robust solution for many businesses is to switch from a shared click tracking domain to a dedicated click tracking domain. This means the domain used for tracking is unique to your brand, giving you full control over its reputation and reducing the risk of being affected by other senders' poor practices. While this involves a bit more setup, the long-term benefits for deliverability are substantial.

Shared click tracking

Cost effectiveness: Generally lower setup and maintenance costs.
Ease of setup: Often pre-configured by the ESP, requiring minimal effort.
Vulnerability to others: Reputation can be impacted by other senders using the same domain.
Limited control: Less control over blocklist (blacklist) removal processes.

Dedicated click tracking

Brand reputation control: Your domain reputation is solely tied to your sending practices.
Improved deliverability: Less chance of blocks due to others' poor behavior.
Increased setup: Requires CNAME records and potentially a warmup period.
Proactive management: Easier to submit for re-evaluation if incorrectly flagged.

If your links are being blocked, reach out to your ESP's support team. They can investigate whether the tracking domain has been listed on any security blocklists (or blacklists) or if there are any known issues with the shared infrastructure. Sometimes, simply requesting a re-evaluation from the security vendors (like Palo Alto Networks URL Filtering) can resolve false positives. Keep in mind that a comprehensive email blocklist strategy is essential.

Another crucial step is to continuously monitor your domain's reputation. Tools can help you track if your primary sending domain or your click tracking domain appears on any blocklists (or blacklists). Being proactive means you can detect and address issues before they significantly impact your deliverability. Regularly auditing your website for any signs of compromise is also a non-negotiable step, as an infected site linked through tracking URLs will always be flagged.

Understanding the technical nuances

It's important to distinguish between your email's sending IP reputation and the reputation of the domain used for click tracking. While both are critical for deliverability, a block on your click tracking link doesn't necessarily mean your sending IP is in trouble. They are often separate entities. Your ESP might suggest moving your click tracking to a different IP or domain if the current one has sustained damage, but 'warming up' a click tracking IP is not a standard practice in the same way you would warm up a sending IP.

Click tracking domain configuration

Your ESP will typically provide a CNAME record that points your custom click tracking domain (e.g., 'clicks.yourdomain.com') to their tracking infrastructure. This record is essential for the tracking to function correctly. Here's a common example:

CNAME record for click trackingDNS

Host: clicks.yourdomain.com
Type: CNAME
Value: track.your-esp.com

Ensure this CNAME record is correctly configured in your DNS, as misconfigurations can also lead to issues.

The structure of the tracking URL itself can also play a role. Some ESPs use unique paths or subdomains for each client's tracking, which can help isolate reputation issues. If the tracking URL format is too generic across multiple clients, a problem with one sender could inadvertently affect others using the same core tracking domain. This highlights the importance of choosing an ESP that prioritizes strong domain isolation for their tracking infrastructure to minimize shared risk.

Views from the trenches

Best practices

Proactively submit your click tracking domains to security vendors for re-evaluation.

Utilize dedicated click tracking domains to maintain better control over your reputation.

Regularly audit your website and web properties for any signs of compromise or malicious content.

Implement robust security measures across all your digital assets to prevent phishing.

Common pitfalls

Relying solely on shared click tracking domains without understanding the associated risks.

Assuming a click tracking block is always a false positive without thorough investigation.

Neglecting to monitor the reputation of your click tracking domain for blocklist listings.

Confusing click tracking IP reputation with email sending IP reputation, they are distinct.

Expert tips

Always consult your ESP for insights into their click tracking infrastructure and any known issues.

Understand how security providers like Google differentiate between paths on shared domains.

Maintain open communication with your security team regarding any flagged website content.

Consider the long-term deliverability benefits of investing in dedicated tracking infrastructure.

Marketer view

Marketer from Email Geeks says they recently encountered issues with Norton blocking their Braze click tracking links, specifically due to the format of the tracking domain URL.

April 6, 2020 - Email Geeks

Marketer view

Marketer from Email Geeks says their team experienced similar click tracking domain flagging and found success by proactively submitting their domains to security providers for re-evaluation and recategorization, including Palo Alto Networks.

April 6, 2020 - Email Geeks

Maintaining trust in your email links

The integrity of your email links is fundamental to effective email marketing and communication. When click tracking links are blocked as dangerous, it not only disrupts your analytics but, more importantly, erodes recipient trust and severely impacts your ability to engage with your audience. Addressing these issues promptly is critical for maintaining a healthy sender reputation and ensuring your messages reach the inbox.

By understanding the potential pitfalls of shared infrastructure, being vigilant against website compromises, and proactively managing your domain's reputation, you can significantly reduce the likelihood of your click tracking links being flagged. Investing in dedicated tracking domains and working closely with your ESP are key steps toward securing your email campaigns and safeguarding your deliverability. Ultimately, consistent monitoring and swift action are your best defenses against these disruptive blocks.