惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
云风的 BLOG
云风的 BLOG
M
MIT News - Artificial intelligence
WordPress大学
WordPress大学
T
Tailwind CSS Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
Secure Thoughts
博客园 - 【当耐特】
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
博客园 - 司徒正美
Last Week in AI
Last Week in AI
C
Cybersecurity and Infrastructure Security Agency CISA
P
Privacy & Cybersecurity Law Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
B
Blog
The GitHub Blog
The GitHub Blog
小众软件
小众软件
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Spread Privacy
Spread Privacy
Martin Fowler
Martin Fowler
博客园 - 叶小钗
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tenable Blog
S
Securelist
博客园 - 三生石上(FineUI控件)
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Security Blog
Microsoft Security Blog
Apple Machine Learning Research
Apple Machine Learning Research
罗磊的独立博客
T
Threat Research - Cisco Blogs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
F
Full Disclosure
Cloudbric
Cloudbric
The Cloudflare Blog
Y
Y Combinator Blog
Hugging Face - Blog
Hugging Face - Blog
Microsoft Azure Blog
Microsoft Azure Blog
H
Hacker News: Front Page
腾讯CDC
L
Lohrmann on Cybersecurity
C
CERT Recently Published Vulnerability Notes
V2EX - 技术
V2EX - 技术
GbyAI
GbyAI
TaoSecurity Blog
TaoSecurity Blog
I
Intezer
The Last Watchdog
The Last Watchdog
G
GRAHAM CLULEY
Google Online Security Blog
Google Online Security Blog
T
The Blog of Author Tim Ferriss

Buttondown's blog

Email could have been X.400 times better The physicists who convinced Fermilab to send Brazil's emails Better in-app previews Analytics 3.0 Subscriber ID variables Comments! Send latest premium action Automation filtering Free API subscribers Surveys in automations Reply to replies Labels for RSS feeds How Jeremy Singer-Vine curates curious datasets for readers 2023 (and what's next) Email vs web content Sort by engagement Better gift subscriptions How Andy Dehnart built a career reviewing television New email template Email-based automations Opt-in reply tracking Automatic alt text More social network integrations Sort by metadata Overlarge image warnings Automation tag actions Pause emails mid-flight Search tags and automations Gift via automations Subscriber-driving emails Programmatic webhooks Email page views Tag statistics Discord webhook formatting Automatic subscriber cleanup RSS subscriber count Weekly subscriber reports More list columns Customizable list views How Max Voltar turned a side gig into a trusted keyboard resource How Nick Disabato runs two newsletters from one design consultancy Made-for-you share images Automation improvements End-of-email surveys Filter by date Survey-triggered automations More automation functionality New webhooks How France Insider built a news service with paid subscribers Email as primary key How John Willshire unites two businesses in one newsletter Confirmation reminders Email churned subscribers Email-to-draft Subscriber metadata columns ChatGPT integration Faster web archives Referral program Better search results TikTok embeds Subscriber timeline Spotify embeds Improved RSS-to-email Subscribe page OG image New analytics page Google Tag Manager Even more subscriber types Integrating Duda with Buttondown Linktree integration guide Advanced and enterprise plans Framer integration guide API requests page Team collaboration In-email surveys Better CSS settings Better RSS automation fetching! Editor toolbar improvements Smart filters Faster emails page RSS automations Faster email analytics Zapier error codes Image accessibility checks Tags vs newsletters OG image picker Image editor improvements API bulk actions Improved OpenAPI spec Mastodon support Better subscriber filtering Better subscriber validation Hotkey support! Programmatic access to analytics Stronger bulk actions Faster archive page Custom canonical URLs Email slug and metadata Improved writing interface Generating a Typescript router in Django Filter emails by source
Why we insourced analytics
Justin Duke · 2025-12-03 · via Buttondown's blog

In late March, we put out an innocuous changelog entry announcing that our tracking infrastructure was now our own. The body of the entry was fairly non-descript: I wanted to find a quieter time to talk about the how and why, and that time is now.


Buttondown, just like most other platforms, relies on vendors like SendGrid or Postmark to actually handle the SMTP side of sending emails. These vendors also offer link and open tracking that they manage and inject on your behalf. Some platforms use these directly; others roll their own implementation. For a long, long time (five years!) we were the former.

This decision — to rely on Mailgun or whomever for click tracking — made sense at the time, but grew more painful as time passed:

  1. We currently send outbound emails through five different vendors, and standardizing the events across all five became increasingly annoying.
  2. The performance of tracking events was suboptimal, as we had to rely on webhooks to relay the events to our own servers.
  3. The privacy posture of outsourcing this is suboptimal relative to "owning this thing end to end".

Moreover: the benefits of outsourcing this, as valid as they are early on, became increasingly diluted as we scaled: as other parts of our application matured, our ability to handle spiky traffic, detect bots, and so on became less hinterlands-shaped and more like solved problems ready for re-use.

Okay but literally how did you do it

The beautiful part about a lot of this work is that it is, from a programming perspective, fairly simple.

For instance! Here is the entire implementation of our open tracking endpoint:


from django.http import HttpResponse
from django.http.request import HttpRequest
from ipware import get_client_ip

from emails.models.asynchronous_action.model import AsynchronousAction
from emails.models.subscriber.actions import track_open


def view(request: HttpRequest, compressed_id: str) -> HttpResponse:
    ip_address = get_client_ip(request)[0]
    user_agent = request.META.get("HTTP_USER_AGENT")
    compressed_payload = track_open.compress(
        track_open.Payload(
            compressed_id=compressed_id,
            ip_address=ip_address,
            user_agent=str(user_agent),
        )
    )
    AsynchronousAction.enqueue(
        track_open.__name__,
        [compressed_payload],
    )
    return HttpResponse()

"Okay", you say. "That's cheating. That just proxies out to a background job. Show me the background job."

That's the point! The background job was already implemented because we were using 95% of it for the email events from the vendors themselves. All we're doing is cutting out the middleman.

Don't don't roll your own

You always hear people in software development say you should never roll your own X. "Never roll your own auth or crypto or emails." There are very good and rational reasons not to mess with those. But you can’t throw the baby out with the bathwater. As you mature as an engineer or an engineering organization, you’ve got to start asking yourself which rules you're accomplished enough to break. (Or, as I've written on my personal blog: the people telling you not to roll your own thing tend to benefit from your instead asking them to handle it for you.)

The truth is that Jack Donaghey is right: vertical integration unlocks synergies. Here are some basic examples of things we get to do now that we've insourced this stuff:

  1. Start populating our database of IPs and user agents of bots to help strengthen our spam detection for subscription traffic.
  2. Surface conversion funnels for individual archive pages.
  3. Throttle (or accelerate) email sending in real time based on engagement metrics.

And all of this stuff is, in the background, cheaper and safer and more private.

Two cakes

Running a software company tends to be about trade-offs. You can try and move quickly at the cost of stability, performance, or polish. You can raise prices and increase short-term revenue, but at the cost of growth and customer goodwill. You can do a feature freeze and focus solely on performance and bug fixes for a month or two, but then you slow down your enterprise sales.

But! Every so often an option presents itself that allows you to have your cake and eat it too. This was one such option: we got to decrease tech debt, increase performance, improve our security posture, and decrease costs, all at the same time. And the only downside is that "success" looks like nothing changed at all, which gives me the opportunity to blog about it.