Tracking links in Mandrill notification emails


(Simon Sapin) #1

Discourse sends notification emails in some cases when stuff happens, which is great, but the HTML version contains misleading links.

<p>To respond, reply to this email or visit <a href="http://mandrillapp.com/track/click.php?u=3022&id=b9389b72f7394&url=http%3A%2F%2Fdiscourse.specifiction.org%2Ft%2Finitial-set-your-own-initial-styles-for-css-properties%2F198%2F7&url_id=6f6177a5a377b97e">http://discourse.specifiction.org/t/initial-set-your-own-initial-styles-for-css-properties/198/7</a> in your browser.</p>

When rendered, it looks like a link to http://discourse.specifiction.org/ but it actually goes to an unrelated domain. To a path, of all things, called /track/click.php. This smells bad. Thunderbird (at least for me) shows a big red warning “This message may be a scam.”

Why is this the case? Who has access to the collected data? How is it used? Can it be disabled?


(Régis Hanol) #2

These tracking links come from mandrill, not Discourse.


(Jeff Atwood) #3

Simply disable that option in Mandrill.


(Jeff Widman) #4

Or set your own domains that you want to use for click-tracking using a CNAME:


(Simon Sapin) #5

I’m not admin on that instance, but they found how to disable this. Thanks.


(Régis Hanol) #6