Block email tracking pixels and beacons
Introduction
Digital marketing teams frequently use external images to track when you view an email message. This tracking can record your IP address, approximate location, and a timestamp. Images may also set browser cookies used by advertisers to track your behavior across the web.
Cerb protects your privacy by blocking external images by default.
When you optionally choose to view images for a specific message, its images are routed (proxied) through the server to remove cookies and anonymize worker IPs and locations.
You may also configure a blocklist to always prevent known tracking images from loading, even when other images are displayed.
This guide demonstrates a sample blocklist and provides instructions on creating your own rules.
Importing the sample blocklist
This sample blocklist is not comprehensive, but it will block image tracking from many common sources.
-
Copy this sample blocklist:
.amazon.com/gp/r.html? .amazonaws.com/prod/excess-aws-track-email-open .campaign.adobe.com/r/ .chtah.com/a/ .com/Default.aspx?open= .com/app/?tok .com/imp? .com/open.aspx .com/pixel.gif .com/pub/as? .com/pub/open.php .com/trk .com/wf/open .demdex.net/event .emltrk.com .facebook.com/email_open .google-analytics.com .hana.ondemand.com/data-buffer/sap/public/ .list-manage.com/track/open.php .net/on.jsp? .net/pixel.gif .paypal-communication.com/O/ .sendgrid.net/mpss .sendgrid.net/wf/open ad.doubleclick.net ads.perfectaudience.com beacon.krxd.net click.ngpvan.com clicks.att.com d.turn.com github.com/notifications/beacon/ pixel.app.returnpath.net/pixel.gif pixel.inbox.exacttarget.com/pixel.gif secure.adnxs.com/seg tags.bluekai.com track.sp.actionkit.com trk.email.dynect.net twitter.com/scribe/
-
As an administrator, navigate to Setup » Mail » Incoming Mail » HTML.
-
Paste the above blocklist into the Images » Blocklist section.
-
Click the Save Changes button.
Adding your own blocking rules
Blocking rules are patterns that match a URL.
You do not need to include http://
or https://
at the start of the URL. Any protocol will be matched.
For efficiency, all rules must include a hostname pattern.
When a hostname begins with a dot (.
), any number of subdomains will match. For instance, .google-analytics.com
matches ssl.google-analytics.com
and www.google-analytics.com
. This can include just a top-level domain (e.g. .com
) to match everything with that suffix.
If you provide a partial path (e.g. /beacon/
) the rule will match any location with that prefix.