Skip to content

Is Google Poisoning Your E-mail Marketing?

February 24, 2010

Is Google Poisoning Your E-mail Marketing?

[Note: I update this blog infrequently, but you can follow me on Twitter @robinteractive]

[Update at bottom on 2011-01-28 re: Facebook Messages and https.]

Joe Gmailuser opens an e-mail from his Aunt Sadie Khattlaidee. All is well. An e-mail from his girlfriend Ming Waresmeiring, nothing unusual.

Then he opens a marketing e-mail from your company. He sees this:

Images Not Displayed

Old news to an e-mail marketing pro. Many e-mail clients block images by default. Design accordingly. (Note to novices: If you’re sending tool tracks e-mail opens, then you’re sending an image – a Web beacon – even if your e-mail contains no other images.) Let’s continue…

Joe Gmailuser loves your company, reads every e-mail you send, and is more than willing to enable images. Good old Joe, the ideal customer.

What’s the problem?

Here’s what Joe Gmailuser, also (like most people) an Internet Explorer user, sees when enabling images for your e-mail:

Internet Explorer 8 Warning

(This specific image is from Internet Explorer 8. More on Internet Explorer 6 and 7 later.)

In fact, if Joe has allowed images to always be enabled for messages sent from you, the above box appears the moment he clicks your message in the inbox.

Why? The Web page tried loading both secure and non-secure items.

I use Firefox as my primary browser (I love the add-ons/extensions) and use Chrome as my secondary browser. I honestly ignore the secure/non-secure broken lock at the bottom of Firefox:

Firefox Warning

and the secure/non-secure exclamation triangle warning in the address bar in Chrome:

Chrome Warning

But the Internet Explorer warning dialog box? Downright alarming.

Why Gmail? Since mid-January 2010 https is the default access for Gmail. (https = secure Web connection.) This isn’t (yet?) the norm for other Web based e-mail, but Gmail is not alone in using https.  (Update: I’ve learned that Windows Live @edu is also https, and wonder if the same is true for Microsoft’s corporate Web-based e-mail offering.)

Joe encounters no problems when opening e-mails from Aunt Sadie Khattlaidee, even though they have pictures of her beloved cats attached. And e-mails from his girlfriend Ming Waresmeiring? They typically contain nothing more than links to local jewelry stores, so no warnings of any kind.

But when he views your e-mail with images enabled, those images are hosted on a non-secure server. The images from a non-secure source try loading on the secure-by-default Gmail page. The lock breaks in Firefox, the caution arrow appears in Chrome, both likely unnoticed. But the warning dialog box in Internet Explorer has to be answered to return to the underlying page – it is unavoidable.

Does this impact the end user viewing your message and taking the step(s) you want them to take (read it, take action, etc.)? Does it reflect poorly on your brand, since this problem doesn’t occur when friends and relatives send Joe an e-mail?

Real Life Example – Apple:

Apple is (in)famous in the e-mail marketing world for their image-dependent messages. The argument is sometimes made that Apple can get away with this given the strength of their brand. Still true if the Apple-loving recipient is Joe Gmailuser?

  • Selected yes to this question in Internet Explorer 8: “Do you want to view only the Web page content that was delivered securely? This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage.”
  • Selected Display images below option.

Even though I chose to display images, the result is still no images, since I opted not to display non-secure content.

Apple E-mail Marketing

Tested in…:

I tested with Internet Explorer 8 on systems running Windows 7 64-bit and Windows XP Service Pack 3 (XPSP3), Internet Explorer 7 on XPSP3 and Internet Explorer 6SP1 (officially unsupported by Google for Gmail) on XPSP1. Testing was done in consumer Gmail and Google Apps for Education.

(When I tested IE8 on Windows 7 64-bit and opted to display only secure content, that decision persisted across every message I opened in Gmail until I restarted the computer. This didn’t happen to me with IE8 XPSP3.)

The warning dialog box in Internet Explorer 6 and 7 is less alarming, but the problem still exists:

Internet Explorer 7 Warning

As Microsoft notes in their blog post about the warning boxes in Internet Explorer 7 vs. 8, “The dialog was changed in IE 8 to encourage users to make the more secure choice by selecting ‘yes’.  Selecting ‘yes’ to the IE 7 dialog resulted in showing both secure and non-secure content.” (see Microsoft blog post)

Possible Solution:

  • Use a secure server to host images embedded in e-mails. I did a very quick (not in any way thorough) test of this in a few Webmail clients without issue. Microsoft points out in the blog post linked above that secure content loading on a non-secure (http) page will not cause this error. So this approach seems like it would solve the Gmail issue and also be be fine even with people viewing e-mail images in Hotmail, Yahoo, AOL, etc., using Internet Explorer. However, it merits further testing.  (Update March 19, 2010: I tested https images in Outlook 2007 on XPSP3 pulling messages from Gmail via POP3, and also in Outlook 2010 Beta pulling messages from Gmail via IMAP. Https images loaded successfully in both. However, there are reports around the Web where people are having problems with https images in Outlook 2007. In some instances the explanation seems to be when a servlet/applet serves the image (the example cited multiple times is a bar code image). In other instances there are questions about whether it is caused by Exchange Server and/or Outlook configurations.)
  • E-mail service providers (ESPs) typically use a non-secure tracking image, sometimes additional footer images, and even placeholder images in the templates they design. Even if you place your image(s) on a secure server, the ESPs images (tracking and otherwise) still betray you by calling an image from a non-secure source.


  • Gmail and Internet Explorer don’t play nice together.
  • Yet another reason (in addition to rendering issues) to test e-mail marketing across various e-mail clients and various browsers.
  • Check your secure Web pages, as well. You may be a Firefox or Chrome loyalist, and have overlooked that your credit card-accepting page or other secure form is deterring your visitors due to secure/non-secure warnings.
  • If your day-to-day e-mail template (i.e. in Outlook, etc.) includes images hosted on a Web server, you’re likely encountering the same problem.

Update 2011-01-28: The new Facebook Messages (not widely rolled out as of the date of this update) is introducing quite a few wrinkles into e-mail marketing. Related to this specific post, Facebook is rolling out a setting where people can opt to use Facebook via https. The setting is still rolling out to end users, but it is possible to use Facebook https now simply by using the https URL. I tested an e-mail containing images in the new Facebook Messages using https Facebook. When that message is expanded (i.e. displaying the html version instead of the default plain text version), the same warnings as above are displayed.

6 Comments leave one →
  1. John W. permalink
    February 25, 2010 7:00 pm

    Could this be a deliverability issue for senders/ESPs? Things look odd and the report spam button is only a click away.

    If putting the images on a secure server takes care of the issue, than any ESP fixing their infrastructure to deal with this probably has an advantage over competitors.


  1. uberVU - social comments
  2. From MediaPost: Rendering is Only Getting More Difficult | CoolerEmail Blog
  3. » Auch Webbrowser können E-Mail-Response beeinflussen | optivo E-Mail-Marketing-Blog
  4. Gmail en onbeveiligde items weergeven | myMailMarket blog
  5. Fingerprinting + Security Warning = 2 reasons for placing email-trackingpixels on HTTPS | E-Mail Marketing Tipps

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: