Incident Summary: Between January 21 and January 25, 2026, Salesforce Marketing Cloud (SFMC) executed a mandatory, non-backward-compatible migration of its link-wrapping infrastructure to remediate critical vulnerabilities (CVE-2026-22582 through 22586).
Root Cause (Security): Legacy encryption logic utilized hard-coded cryptographic keys and was susceptible to argument injection/protocol manipulation. This allowed potential unauthorized access to subscriber PII via Profile and Subscription Centers by manipulating URL parameters.
Remediation & “The Nuke”: SFMC transitioned to AES-GCM (Advanced Encryption Standard – Galois/Counter Mode). On Friday, Jan 23, SFMC forcibly expired all legacy links generated prior to Jan 21. This invalidated all tracking, CloudPage, and Unsubscribe URLs in the wild.
The Deliverability “Double Whammy”:
- Header Fragmentation: AES-GCM increased URL payloads from ~180 characters to 580+.
- DKIM Invalidation: Microsoft (Outlook/Hotmail) servers have a legacy 999-character boundary for data strings. The bloated URLs in the List-Unsubscribe headers triggered unintended line breaks, corrupting the message body and breaking DKIM signatures. This caused a 99% bounce rate to MSFT domains until a patch was applied on Sunday, Jan 25.
- Gmail Filter Glitch: Simultaneously (Jan 24), a heuristic glitch in Google’s spam engine began flagging the long, encrypted Salesforce strings as malware obfuscation, triggering “Phishing” banners on legitimate traffic.
System Persistence Risks:
- CRM Truncation: Standard Salesforce CRM Text (255) fields used to store tracked URLs are now silently truncating the longer AES-GCM strings, rendering them non-functional in Sales Cloud.
- Integration Failure: AMPScript functions like CreateSFObject or MicrositeURL may fail if downstream systems have character limits.
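Pre-send checks for the two length problems described above (physical line length of a List-Unsubscribe header, and Text (255) truncation of tracked URLs), as an added example in Python that is not part of the original summary or of Salesforce's tooling; the sample URLs, the click.example.com host and the 998-character RFC 5322 line limit used as the threshold are assumptions.

```python
# RFC 5322 caps a physical header line at 998 characters (excluding CRLF);
# the summary describes a 999-character boundary on the Microsoft side.
MAX_LINE_LEN = 998
# Capacity of the Salesforce CRM Text (255) field named in the summary.
CRM_TEXT_LIMIT = 255


def fold_list_unsubscribe(urls):
    """Build a List-Unsubscribe header whose physical lines stay within
    MAX_LINE_LEN by folding (CRLF + space) only after the comma that
    separates entries, a legal RFC 5322 folding point. A single entry longer
    than the limit cannot be folded and is left for overlong_lines() to flag."""
    lines, current = [], "List-Unsubscribe:"
    for i, url in enumerate(urls):
        entry = f" <{url}>" + ("," if i < len(urls) - 1 else "")
        if len(current) + len(entry) > MAX_LINE_LEN and current != "List-Unsubscribe:":
            lines.append(current)
            current = ""  # continuation line begins with folding whitespace
        current += entry
    lines.append(current)
    return "\r\n".join(lines)


def overlong_lines(raw_headers):
    """Return (line_number, length) for each physical line above MAX_LINE_LEN;
    these are the lines a receiving MTA may re-wrap on its own."""
    return [(n, len(line)) for n, line in enumerate(raw_headers.split("\r\n"), 1)
            if len(line) > MAX_LINE_LEN]


def urls_truncated_by_crm(urls, limit=CRM_TEXT_LIMIT):
    """URLs a Text (255) field would silently cut, leaving a broken link."""
    return [u for u in urls if len(u) > limit]


# Constructed sample URLs: one at the legacy length (~180 chars) and two padded
# to the post-migration length the summary reports (580+ chars).
LEGACY_URL = "https://click.example.com/?qs=" + "L" * 150
NEW_URLS = ["https://click.example.com/?qs=" + "A" * 550,
            "https://click.example.com/?qs=" + "B" * 550]


def demo():
    unfolded = "List-Unsubscribe: " + ", ".join(f"<{u}>" for u in NEW_URLS)
    folded = fold_list_unsubscribe(NEW_URLS)
    return {
        "overlong_unfolded": overlong_lines(unfolded),   # one 1184-char line
        "overlong_folded": overlong_lines(folded),       # none after folding
        "truncated": urls_truncated_by_crm([LEGACY_URL] + NEW_URLS),
    }
```

Under DKIM relaxed header canonicalization (RFC 6376) folding whitespace is normalized before signing, so folding at a legal point does not change the signed header value; the body corruption the summary describes is what no header folding can repair.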
Required Post-Mortem Actions:
- Republish all “Evergreen” Journeys and Automations to force link re-wrapping.
- Upsize CRM URL fields to Text Area (Long).
- Define a “Custom Redirect” in SFMC Parameter Manager to capture legacy link traffic.