Open & click tracking
Every email sent through Splashify Pro can carry two kinds of recipient-side instrumentation:
| Tracker | Mechanism | Generates |
|---|---|---|
| Open | 1×1 transparent GIF embedded just before </body> | email.opened event |
| Click | <a href> rewriter routing every absolute URL through a redirect proxy | email.clicked event |
Both are on by default on every send (matches AWS SES + Resend + Postmark default). Turn either off when:
- You’re sending transactional mail where engagement metrics aren’t useful (password resets, OTP codes, receipts) and the rewritten URLs trip URL-pattern recognition in mail clients.
- The recipient population is privacy-sensitive (healthcare, legal, financial) and tracking pixels are off-limits per your agreement with them.
- You ship plaintext-only email — opens require an HTML body to host the pixel; if there’s no HTML you’ll never see opens regardless of the flag.
Set defaults per configuration set
Tracking flags live on each configuration set, so you can have one config set for marketing (tracked) and another for transactional (untracked):
# Create a config set with tracking ON (default — flags optional)
curl https://api.splashifypro.com/api/v1/partner/email/configuration-sets \
-H "Authorization: Bearer $SPLASHIFY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "marketing",
"track_opens": true,
"track_clicks": true
}'
# Create a config set with tracking OFF — privacy / transactional flow
curl https://api.splashifypro.com/api/v1/partner/email/configuration-sets \
-H "Authorization: Bearer $SPLASHIFY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "password-reset",
"track_opens": false,
"track_clicks": false
}'Update an existing config set:
curl -X PATCH \
https://api.splashifypro.com/api/v1/partner/email/configuration-sets/$CONFIG_SET_ID \
-H "Authorization: Bearer $SPLASHIFY_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "track_opens": false }'Reference the config set on send
curl https://api.splashifypro.com/api/v1/partner/email/send \
-H "Authorization: Bearer $SPLASHIFY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"from": "[email protected]",
"to": ["[email protected]"],
"subject": "Your password reset code",
"text_body": "Code: 123456",
"html_body": "<p>Code: <b>123456</b></p>",
"configuration_set_name": "password-reset"
}'The pixel + click rewriter are skipped for this send because the
config set has both flags off. Recipient sees a clean HTML message
without the /t/o/<token> pixel or /t/c/<token> redirected hrefs.
Send without a configuration set
When you don’t pass configuration_set_name, both flags default to
true. To send untracked without setting up a config set, the
simplest path is a one-off config set with both off — there’s
no per-send override flag yet.
Use your own tracking instead
If you have your own analytics (e.g. Plausible, Fathom, an internal
warehouse), turn off Splashify tracking on the config set + add your
own UTM params or pixel directly inside your HTML body. Splashify
won’t add a second pixel + won’t rewrite your <a href> — your
links arrive at the recipient verbatim with whatever tracking you
embedded.
<!-- Your HTML body — Splashify leaves it alone with track_opens:false + track_clicks:false -->
<a href="https://yourapp.com/login?utm_source=email&utm_campaign=welcome">Log in</a>
<img src="https://your-pixel.com/track?msg=abc123" width="1" height="1" alt="">What this affects
| Surface | With tracking ON | With tracking OFF |
|---|---|---|
| Recipient HTML | <a href> rewritten through /t/c/<token>; pixel injected before </body> | Verbatim HTML, no rewrites |
email.opened event | Fires on pixel load | Never fires (no pixel) |
email.clicked event | Fires on link click | Never fires (no rewrite) |
email.sent / email.delivered / email.bounced | Fires regardless | Fires regardless |
| Bounce / complaint webhooks | Fires regardless | Fires regardless |
| Reputation calculation | Unaffected — uses bounce + complaint, not opens / clicks | Unaffected |
Privacy & compliance notes
- GDPR / DPDP: tracking pixels can be considered personal data processing. If you operate in jurisdictions requiring explicit consent for tracking, default new senders to a config set with tracking off + opt them in only after consent.
- Apple Mail Privacy Protection (MPP): pre-loads pixels on Apple devices, so opens from those clients are inflated. Many partners drop opens entirely + use clicks as the engagement signal.
- Pixel blocking: Gmail’s image proxy serves the pixel from Google’s edge — you still get opens but with Google’s IP + user agent. Outlook desktop blocks images by default → no open event unless the recipient clicks “show images”.
See also
- Event types → —
email.opened+email.clicked+email.repliedpayload details - Configuration sets → — full CRUD reference
- Anti-spam best practices → — when tracking helps and when it doesn’t