Jun 14, 2026 · 8 min read
Email Tracker for Gmail: Find and Block Them (2026)
Most Gmail users have no idea an email tracker is firing the moment they open a message. No notification, no warning — just a silent request to an external server logging your IP address, device type, and the exact timestamp you read the email. Roughly 70% of marketing emails contain at least one tracking element. This guide explains how they work, which extensions block them, and how to verify what's in your inbox right now.
Key Takeaways
- Approximately 70% of marketing emails contain at least one tracking pixel, according to Litmus research.
- Gmail's image proxy (images.google.com), introduced in 2013, caches remote images but does not block tracking — cached opens still fire once per cache miss.
- Chrome extensions using the
declarativeNetRequestAPI intercept tracking requests before they leave the browser, which is how pixel-blocking extensions work. - Custom tracking subdomains (e.g.,
track.yoursender.com) defeat static domain blocklists — auto-updating blocklists are the more durable defense. - Stripping redirect links — not just pixels — is the critical capability most free tracker blockers skip.
How Do Email Trackers for Gmail Actually Work?
An email tracker is a 1×1 transparent GIF or PNG embedded in the email body. The image tag's src attribute points to an external server controlled by the sender's ESP or sales tool. When Gmail renders the email, your browser fetches that image. The server receives the request, logs it, and the sender gets notified: opened, at 9:14 AM, on a MacBook, in Chicago.
Redirect link tracking works differently. Instead of pointing directly to a destination URL, every link in the email routes through a tracking domain first — something like click.hubspot.com/track/redirect/.... Clicking that link pings the sender's server before forwarding you to the actual page. The sender sees which links you clicked, when, and from what device.
What Gmail's Image Proxy Does (and Doesn't Do)
In December 2013, Google started routing all email images through its own proxy at images.google.com. The stated goal was security — scanning images for malware. A useful side effect: your real IP address is no longer exposed to the sender when images load.
This is commonly misread as "Gmail blocks trackers." It does not. The proxy caches the image after the first fetch, which means the tracking pixel fires at least once per cache miss. Senders with sophisticated setups rotate pixel URLs to defeat caching. Google's proxy masks your IP but leaves open tracking, device fingerprinting via user-agent, and link-click tracking entirely intact.
How Sales Tools Generate Custom Tracking Domains
Tools like Apollo, Outreach, HubSpot, and Mailtrack don't always use their own root domain for tracking. Many generate custom subdomains tied to the sender's own domain — track.acmecorp.com instead of go.apollo.io. This is deliberate: it looks more trustworthy and, critically, defeats any blocklist that works from a fixed list of known tracking domains. A static list that blocks go.apollo.io will miss track.acmecorp.com entirely.
The Most Common Email Trackers in Gmail
These are the tracking tools you're most likely to encounter:
- Mailtrack — a Gmail extension used by millions of individuals and small sales teams; inserts a double-checkmark icon and a
mailtrack.iopixel. See Is Mailtrack Safe? How to Block It in Gmail (2026) for the full breakdown. - HubSpot — embeds pixels and redirect links through
hubspotemail.netand related domains; standard in B2B outreach. - Salesforce / Pardot — uses
pardot.comand custom client subdomains; common in enterprise sales. - Apollo.io — a sales intelligence platform with aggressive open and click tracking. See Is Apollo.io Tracking Your Email? How to Block It.
- Outreach — used by SDR teams; tracks opens, clicks, and reply sentiment. See Is Outreach Tracking Your Email? How to Block It.
- Woodpecker — cold email automation for B2B sales; embeds an HTTPS pixel in every send by default, with bot filtering to confirm human reads. See Is Woodpecker Tracking Your Email? How to Block It.
- Mailchimp — the most widely used email marketing platform; open tracking is on by default in every campaign. See Does Mailchimp Track Email Opens? How to Block It.
- Constant Contact — pixel-based open tracking baked into every send. See Is Constant Contact Tracking Your Email? How to Block It.
This is not a complete list. Any ESP (email service provider) that reports open rates to senders is using a pixel to generate those rates.
How to Find Email Trackers Manually (Gmail "Show Original")
If you want to verify a specific email contains a tracker without installing anything, Gmail exposes the raw message source.
- Open the email in Gmail.
- Click the three-dot menu (top-right of the message) and select Show original.
- In the raw HTML, search (
Ctrl+F/Cmd+F) for1x1,width="1",height="1", or known tracking domains likemailtrack.ioorhubspotemail.net. - Check
<a href>tags that route through a tracking domain before reaching the real destination — the URL pattern is usuallytracker.domain.com/track/click?url=....
This works, but it's tedious to do message by message. A Chrome extension automates the same detection across every email automatically.
Gmail Tracker-Blocker Extensions: Honest Comparison
Four extensions are worth evaluating. Here's how they actually differ on the capabilities that matter:
| Extension | Free | Blocks pixels | Strips redirect links | Auto-updating blocklist | Stays in Gmail |
|---|---|---|---|---|---|
| Gblock | ✓ | ✓ | ✓ | ✓ | ✓ |
| Ugly Email | ✓ | Flags only | ✗ | ✗ | ✓ |
| PixelBlock | ✓ | ✓ | ✗ | ✗ | ✓ |
| Trocker | ✓ | ✓ | Partial | ✗ | ✓ |
Ugly Email shows a small eye icon on tracked emails in your inbox list before you open them — genuinely useful for deciding whether to open. It does not block the tracker from firing when you do open it.
PixelBlock is a solid, lightweight pixel blocker. The original Manifest V2 build stopped working when Chrome deprecated MV2; the current listing has been ported to Manifest V3. No protection for redirect link tracking.
Trocker works across Gmail, Outlook.com, and Yahoo Mail — an advantage if you use multiple webmail services. Its heuristic detection catches some unknown trackers that domain-list blockers miss. Redirect link stripping is partial and inconsistent.
HEY (by Basecamp) and Proton Mail are sometimes listed here but are email services, not Gmail extensions — switching means leaving Gmail entirely, which is out of scope for most people evaluating tracker blockers.
For a more detailed breakdown, see How to Block Email Tracking in Gmail (2026 Comparison).
How Gblock Works Technically
Gblock runs as a Chrome extension using Chrome's declarativeNetRequest API — the same API described in Google's official Chrome extensions documentation. Unlike the older webRequest API (which evaluated every request in JavaScript, creating latency), declarativeNetRequest processes blocking rules natively in the browser engine before the request leaves your machine. The result is faster blocking with less CPU overhead.
When you open an email in Gmail, Gblock intercepts any outbound requests matching its blocklist before they reach the tracking server. The sender's analytics platform never receives a ping. For redirect links, Gblock rewrites the href to point directly to the destination URL, stripping the tracking hop entirely. Each blocked tracker is logged per message, so you can see exactly which tool was tracking you and from which sender.
How to Install and Use Gblock
- Install from the Chrome Web Store — search "Gblock" or navigate directly to the listing. Click "Add to Chrome."
- Open Gmail — Gblock activates automatically inside Gmail. No configuration required.
- Open any email — if the message contains trackers, Gblock blocks them silently and shows a count in the message toolbar indicating what was blocked and which service sent it.
- Click links normally — any link that originally routed through a tracking domain is rewritten inline. You go directly to the destination; the sender's click-tracking server is bypassed.
No email migration, no new inbox to manage. Your Gmail stays exactly as it is.
Why an Auto-Updating Blocklist Matters More Than a Static One
Static blocklists work against well-known, stable tracking domains. Block mailtrack.io, block go.apollo.io, done — until the sender changes it.
Enterprise sales tools increasingly let users configure custom tracking subdomains on their own domain. track.bigclient.com is indistinguishable from a legitimate first-party resource to any extension working from a fixed list. The tracking subdomain wasn't on the list when the extension was built and it never will be — because it was generated for that specific sender's account.
An auto-updating blocklist pulls new entries as new tracking infrastructure is discovered, including custom subdomains that pattern-match known tracking setups. The gap between a static list and an updated one widens every quarter as more senders configure custom subdomains to improve deliverability and evade blockers. If you're evaluating any tracker-blocker extension, checking when its blocklist was last updated is worth the thirty seconds it takes — and if the answer is "it doesn't update," you know exactly what you're getting.