[ipsin]

Yeah, all you need is to encrypt the URL (which includes tracking query parameters), and then the URL you give out is the encrypted blob.

When the web server gets a request, it can validate & decrypt, update any tracking values, and redirect to the real URL.

[altairprime]

Historical patterns with Mail.app on iOS suggests that Apple will simply code something that fetches all such links in order to collect a preview, whether or not the preview is ever shown to the user, just as they do with Mail.app images today when iCloud Private Relay is enabled. At which point the tracking value becomes less than zero, because it pollutes the core dataset attribution “a human saw this”.