Why should all URLs use HTTPS?

HTTPS is the expected standard for all web traffic, including links in email. Modern browsers display security warnings for HTTP pages, email clients may flag or block non-secure links, and spam filters treat HTTP URLs as a negative signal. Using HTTP in 2024 suggests either a neglected web presence or deliberate avoidance of security protocols-neither reflects well on sender legitimacy.

Beyond filtering implications, user trust requires HTTPS. Recipients clicking through to HTTP pages see browser warnings about insecure connections. For any page involving data collection-signups, purchases, account access-HTTP is a genuine security risk that exposes users to interception attacks. Even for purely informational pages, the warning undermines confidence in your brand.

The solution is straightforward: ensure all destination pages support HTTPS and update your email links accordingly. This includes your tracking domains if you use link wrapping-your ESP's tracking redirects should use HTTPS throughout the chain. Free SSL certificates from Let's Encrypt eliminated the cost barrier years ago. HTTP links in email are a relic from a less security-conscious era; there's no legitimate reason for them in modern campaigns.