Blog
Want more like this?
Subscribe!

How they track you: Email Service Provider Edition

A summary of how major email marketers track their emails

The email marketing world is wide and varied. But it is surprising how the tracking techniques stay the same across major ESPs and product companies.

Today we're going to take a deep dive into sample emails from 5 major companies: Mailchimp, SendGrid, AirBnB, Facebook and LinkedIn. We'll look at their style, odd headers and how they track you.

Mailchimp

Mailchimp is a huge ESP who powers many email lists. We're going top to bottom on a sample message, taken from a Mailchimp campaign sent by Mailchimp themselves.

First off is an interesting non-standard header; X-Report-Abuse. I've looked and it doesn't appear to be a computer friendly spec. However it may aid tech savvy users who don't see the other report abuse links that Mailchimp includes:

X-Report-Abuse: Please report abuse for this campaign here:
   http://www.mailchimp.com/abuse/abuse.phtml?u=f7b9eeXXXXXXXXXXXXXXXXXXX&id=965XXXXXXX&e=1f0XXXXXXX

Mailchimp also manages to have very short click tracking urls. Notice how they don't directly include the URL that you are being redirected to. This means that there must be a database lookup to do the redirect. I find it very interesting that that scales for them. Here's an example link, where the XXX was just alphanumeric characters:

http://mailchimp.us1.list-manage.com/track/click?u=f7b9eeXXXXXXXXXXXXXXXXXXX&id=dc3XXXXXXX&e=1f0XXXXXXX

Mailchimp sends out very prettily formatted HTML and CSS. They use proper indentation and style. This means that there is no minification. Good thing that email inboxes include so much storage these days! The HTML they include is so raw that it even has bits of commented out code. Here's an example where they have decided that they didn't want the horizontal divider after all:

<!--
                <td class="mcnDividerBlockInner" style="padding: 18px;">
                <hr class="mcnDividerContent" style="border-bottom-color:none; border-left-color:none; border-right-color:none; border-bottom-width:0; border-left-width:0; border-right-width:0; margin-top:0; margin-right:0; margin-bottom:0; margin-left:0;" />
-->

Additionally, they have informational comments. This seems to be the template name:

  <!-- NAME: 1 COLUMN -->

For open tracking, they use simple standard open tracking. They have a 1x1 white pixel, but with a special url that tracks your email:

<img src="http://mailchimp.us1.list-manage.com/track/open.php?u=f7b9eeXXXXXXXXXXXXXXXXXXX&id=965XXXXXXX&e=1f0XXXXXXX" height="1" width="1">

Here's where they are different though; their pixel is a mere 35 bytes. A 35 byte gif seems to be the smallest I have seen yet. This seems very optimized.

SendGrid/AirBnB

SendGrid seems to provide a very bare-bones service - so the strategies used would be influenced by the customer. I looked at an engagement email from AirBnB, sent by SendGrid.

Header-wise, there is some random information disclosure happening:

  • preheader: The most favorited homes on Airbnb - I can not find any reference to support for this header anywhere. Preheader refers to the preview text that you see under the subject in your mail client. This might be supported by some clients, but I am not sure.
  • X-User-ID: 41XXXXX0 and X-Locale: en-AU - Nice to know a little bit about myself
  • X-Category: engagement and X-Template: low_intent_trending - Nice to know a little but about AirBnB
  • Message-ID: <58780e1ab16fa_6676937e20163547@i-d72a0368.mail> - Nice FQDN :)
  • There is no List-Unsubscribe header

Email seems integrated into the application - with links going right to the application urls. However there are query parameters added at the end. For example:

https://www.airbnb.com.au/rooms/10051192?eluid=4&euid=d6634d83-XXXX-XXXX-XXXX-XXXXXXXXXXXX

AirBnB also don't seem to like HTML minification. Or have any respect for your inbox storage limit really! The HTML has tonnes of data attributes from the mail program they used:

<style data-roadie-ignore data-immutable="true">

They have 284 lines of css, much of it styling classes that aren't used in the email. Because that wasn't enough bloat already, they added a filler:

<meta name="filler" content="        _      _           _      ">
<meta name="filler" content="       (_)    | |         | |     ">
<meta name="filler" content="   __ _ _ _ __| |__  _ __ | |__   ">
<meta name="filler" content="  / _' | | '__| '_ \| '_ \| '_ \  ">
<meta name="filler" content=" | (_| | | |  | |_) | | | | |_) | ">
<meta name="filler" content="  \__,_|_|_|  |_.__/|_| |_|_.__/  ">
<meta name="filler" content="                                  ">

Rebelliously, they put their tracking pixel at the top of the email. More interestingly, they then have a 3rd party tracking pixel as well. They do seem to like bloat and filler, so what is worse than having many different analytics programs?

<img class="tracking" src="https://www.airbnb.com/tracking/pixel/email_opened/1484262937?rookery_uuid=d6634d83-8bcb-3f17-c974-e41ff559060d" style="outline:none;text-decoration:none;-ms-interpolation-mode:bicubic;width:auto;max-width:100%;clear:both;display:block;display:none">

<img class="tracking" src="https://pixel.monitor1.returnpath.net/pixel.gif?r=d18944536895e922f0e7423fe24e51aff6f2b008" width="1" height="1" style="outline:none;text-decoration:none;-ms-interpolation-mode:bicubic;width:auto;max-width:100%;clear:both;display:block">

Linked In

Nobody does more infamous email marketing than Linked In! Obviously their strategy is very controversial, and even illegal at times. They seem to have achieved their effectiveness goals with the marketing.

Link-wise, it is clear that they have integrated the email deep into their application, with the links going directly to application pages. You won't find any special click tracking and redirecting urls here:

Confirm that you know *name redacted*: https://www.linkedin.com/comm/start/accept-invitation?sharedKey=XXXXXXXX&invitationId=1234567891234567889&trk=eml-guest-invite-cta&trkEmail=eml-invite_guest-null-2-null-null-0%7XXXXXXXXX%7XXX

 You received an invitation to connect. LinkedIn will use your email address to make suggestions to our members in features like People You May Know. Unsubscribe here: https://www.linkedin.com/e/v2?e=0-XXXXXXXX-1y&a=nsettings-loid-email-unsubscribe-router&midToken=XXXXXXXXXXXXXX&ek=invite_guest&loid=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&eid=0-XXXXXXXX-1y

Unlike many of the other ESPs, Linked In actually minifies their html. For open tracking, they use a 1x1 gif pixel. This gif is bigger than Mailchimp's at 43 bytes, which seems to be an industry standard. The ID is shared with the urls from above:

<img src="https://www.linkedin.com/emimp/0-XXXXXXXX-1y.gif" style="width:1px; height:1px;">

Other images, such as profile pictures, are served straight from their CDN.

Facebook

Let's go from top to bottom on Facebook's notification emails. First there are many interesting headers:

As for the content, they are similar to Linked In. The html is minified and the tracking pixel is a normal 1x1 gif. Unlike Linked In, they have a special redirecting page; /n. The email is not as deeply integrated into the application.

If you want to be like the big ESPs, here are some tips:

  • Use a white gif image for your tracking pixel
  • The tracking pixel isn't anything fancy
  • The email HTML is very heavy - loads of CSS & styles

If you have any experiences or tips about email, make sure to send them to me@sam.today and I'll add them to the blog.

Get More Great Content

The intersection of marketing, design and machine learning, delivered straight to your inbox:
😀
Awesome! Please check your inbox and confirm your email.
We'll email you our latest posts plus special past content. Change your settings any time.

Exposing properties with Graphene Django

The other missing guide

Arithmetic with JavaScript Arrays

A Astonishing Adventure

Freeing Disk Space with the PackageKit cache

Automatic updates gone wrong

Keeping Python projects secure on GitLab

Pinning projects to the very latest

Testing GraphQL with Graphene Django

The missing guide

Local Politicians Meet InfoSec - a Wordpress Disaster

The article that I didn't want to have to write

PGP for Every Email

Join us in our PGP journey

SELinux Concepts - but for humans

This is your SELinux dictionary!

A new way of writing Gtk+ applications

Introducing Pyract - my weekend hack

Stop Disabling SELinux: A Real-World guide

Be safe from software vulnerabilities AND run your webserver

Plotinus and the quest for searchable menus

The underdog challenges a 30 year old UI convention

DMARC Secured Your Email Identity, But See How it Ruined Mailing Lists

Why people aren't posting on your mailing list

Blender for Hackers - 3D modeling is just like using VIM

A very brief introduction to Blender

Edge of the World - What Open-World Games Can Teach Us About Design

Spoiler: It's all about the illusions

When fictional worlds are an accurate representations of IoT security

Ok, a little dramatized. But still truthful.

How I Destroyed my Blog's Performance with CSS Background-Blend-Modes

Just because a browser has a feature doesn't mean you should use it

Help Us Answer: The Email Signup Popup - where is it from?

Who is behind the latest wave of popups?

My WATCH runs GNU/Linux And It Is Amazing

Lennart Poettering would love it!

6 Stunning Email SignUp Form Designs with Free HTML

I've spent way to much time on dribbble researching these!
G'day Mate, join us on IRC for good banter:
#Learnt on Freenode
See you there!