So what's the problem? There's no issues with doing this,
except for people who choose the option to accept cookies from the
originating domain only.. There's no way to track the session from
an external site using the URL unless that external site is
tracking it for you, like you've done in your example. You'll need
to be really clever here if you want to avoid some issues.
Otherwise you can hope people are accepting cookies from any source
and move on knowing that your results may not be all that accurate
if reliable sessions is what you are after.
Turn on cookie alerts and browse around and see how many
times your prompted to accept cookies from ad.doubleclick.net, or
open an email advertisement and look at the source and see how many
images have your email address or some type of unique referral in
them to track if you've opened the email or not. This is a widely
used technique, and one that a lot of spyware filters help people
avoid. Keep all this in mind when you exercise the reliability of
this technique.