← field notes

The Invisible Pixel: How Emails Know You Opened Them

someone sends an email, and seconds after it is opened a little number on a dashboard somewhere ticks up. opened. then a second line, four minutes later, on a phone, from a city the reader has never told anyone about. the reader clicked nothing and replied to nothing. they just looked at the message for a moment. and the sender watched it happen, almost in real time.

that is not a glitch. it is a single image, smaller than the period at the end of this sentence, sitting quietly inside the message. the moment a mail program drew it on the screen, it reported back. understanding how email tracking works starts with that one invisible picture, and ends with the realization that an ordinary email is quietly a sensor.

the pixel you never see

a tracking pixel is just an image, usually one pixel wide by one pixel tall, often fully transparent, dropped into the body of an email. there is nothing to notice because it has no color, no border, and no shape on the page.

but an image in an email is not really part of the email. it is a request. the message tells the mail program that the picture lives over on some server, so go and fetch it. that little errand, the trip out to grab a picture nobody will ever see, is the whole trick.

and the address the picture sits at is not generic. when the sender builds each person’s copy of the message, they bake a small tag into the image link, a string of characters that means nothing to the reader and everything to the sender. so the server does not just learn that someone, somewhere, opened an email. it learns that this specific person, on this specific send, opened this specific message.

how an image phones home

when a mail program shows a message with pictures in it, the text arrives with the email but the images usually do not. the message carries links that say the photo lives elsewhere, on a server, come and get it.

so the mail program reaches out across the internet and asks that server for each image. the server hands the picture back and the screen fills in. for a normal photo this is invisible plumbing nobody thinks about. for a one by one pixel that nobody will ever see, the same request has only one purpose, and it is to be made at all.

the moment you open it

this is where the timing comes from. a message can sit in an inbox for a week and nothing happens. the pixel does not phone home while it waits. it only reaches out the instant the mail program decides to display the message, which is almost always the moment the message is opened.

so the request itself is the signal. the sender does not need to know what was read or how anyone felt. they just need that one fetch to arrive, because the fetch only happens on open. the email did not have a read receipt anyone agreed to. it had one wired in from the start.

what the fetch reveals

it is worth looking at what travels with that request, because it is more than a yes. every time a device asks a server for something, it has to say where to send the answer. that is the connecting address, the number the internet uses to route the reply back.

from that one fetch the sender learns several things at once. that the message was opened, and the exact time down to the second. roughly where the reader was, because the connecting address usually maps to a region or a city. and often what kind of device and mail program was used, because software politely introduces itself every time it asks for a file. none of that came from anyone typing anything. it came from a picture loading.

once is never the only time

the pixel does not fire once and retire. every time the message gets displayed, it fetches again. so the sender does not just see a single open. they see an open at nine in the morning, then again at lunch, then a third time in the evening when the message was forwarded and someone else opened it too, from a different city.

because the image link carried that unique tag, the open from the forwarded copy still reports back as the original message, even though it is a different person on a different connection. the sender cannot always tell exactly how far a message traveled, but they can see it kept getting opened after it left the first inbox. one email, one pixel, and a faint trail of everywhere it went next.

the pixel is only half of it. the links in a marketing email almost never point straight at the place they claim to. a button says read more, but the address underneath does not go to the article. it goes to the sender’s own tracking server first, which records the click and then forwards the reader on to the real destination.

that detour is called link wrapping. for a fraction of a second the click passes through a turnstile that notes which person clicked which link at which time, before quietly sending them where they wanted to go. and it closes a gap the pixel cannot. blocking images stops the open from registering, but a click is something done on purpose, so even someone who never loads a single image still hands over a clean signal the moment they tap a link.

a profile, not a number

put the pixel and the wrapped links together and the sender stops having events and starts having a profile. not just opened, but opens every email within a minute, usually on a phone, usually in the evening, always clicks the second link but never the first.

that pattern decides what gets sent, when, how often, and how hard. a person who opens everything gets treated differently from a person who never opens at all. and the profile rarely stays with one company. hashed identifiers and behavior scores get traded between platforms, so a reputation as a reliable opener can follow an address around to senders it never signed up with.

who is actually watching

most of the time this is marketing, and it is everywhere because it is built into the tools. the platforms that send bulk email turn this on by default. open tracking and click tracking are usually just a checkbox, often already ticked, and most senders never think about it.

but the same plumbing does not care who is using it. the technique that tells a newsletter team their open rate also tells a stranger that a message landed, was read, at a certain time, from a certain place. a quiet email with one invisible pixel can confirm that an address is live, that a person is paying attention, and roughly where that person is sitting. the mechanism is neutral. the intent behind it is not always.

the read receipt nobody agreed to

a normal read receipt, the kind some apps offer, asks first. it is a feature anyone can see and switch off, and the other person knows it is on. the pixel is the opposite. nothing announced it, nothing asked, and there is no setting inside the email to decline it.

it is a read receipt that the sender controls completely and that the reader was never told about. the only reason it works at all is that the mail program, trying to be helpful, loads the pictures the moment the message is opened.

the defenses, and where they stop

that is exactly where the main defense lives. because the pixel only works if the mail program goes and fetches it, the simplest protection is to not fetch it automatically. most mail programs have a setting to block remote images and show the text first, leaving the pictures unloaded until asked for. with that turned on, the pixel just sits there, never requested, and the sender’s dashboard shows nothing.

some mail providers go further and put themselves in the way on purpose, fetching every image through their own servers first. this is an image proxy. when the pixel loads, the request to the sender comes from the provider’s machines, so the location they see is the proxy, not the real one. some providers even fetch every image the instant the message arrives, so the open signal fires for everyone at delivery time and stops lining up with a human actually reading.

none of this is a perfect wall. an image proxy can hide where and when, but if it loads the pixel at all the sender still learns the message was opened. blocking images is stronger, but the moment someone clicks show images every pixel fires at once. and clicking any link, wrapped or not, is its own separate signal that no image setting touches. the defenses shrink the sensor. they do not unplug it entirely.

the email as a sensor

so here is the thing to carry out of this. an email is not just a letter sitting in a folder. it is a small piece of software that runs the instant it is looked at, and a lot of what it runs is built to watch exactly that.

the invisible pixel is the clearest example, but it is one expression of a bigger idea. the things arriving in a normal day, the message, the link, the helpful little image, are also instruments. quietly measuring when someone showed up, where they were, and what they touched. once the pixel is visible, it is hard to stop noticing how much of the ordinary internet is shaped the same way. a surface to use, and underneath it, a sensor nobody mentioned was on.

The Hidden Internet takes apart the systems that quietly run the modern web, explained from the inside. No products, just the machinery. Subscribe on YouTube.

watch
The Hidden Internet on YouTube

Every field note starts as a short documentary. Watch the systems in this piece explained on screen.

subscribe →
read on
More field notes

The rest of the series on how the modern internet detects, tracks, and sorts the traffic that reaches it.

browse the archive →