Use Sophos DNS names for click tracking
Currently, it is required to whitelist all off Amazon tracking (*.awstrack.me) globally. This presents a potential privacy and security issue as it is so broad.
Amazon allows for and documents how to use alias records so that customers see your DNS names and not Amazon's. It is easier to whitelist all of Sophos than it is to whitelist all of Amazon. As a security company, correcting these perceived issues should be paramount.
See the link to Amazon's documentation for details.
Using AWS tracking, we get errors that Google throws up (not Chrome, but Gmail in multiple browsers) that says it's a suspicious link. A little hard to have that happen at the same time we're trying to run a legitimate phishing campaign.