How to allow accepting cookies from different domains
Sometimes you want a cookie to be sent to your server as part of a request coming from a different domain (a website hosted elsewhere). A common example is tracking pixels. A tracking pixel is an image (a 1-pixel transparent GIF) that is loaded from different websites just to track visitor clicks. The image is not an ordinary image but a server-side script that logs activity details and sends the image back.
To make it work, the website needs to insert code like:
<img src='http://other.domain/track.php?anyArguments=1' />
The browser requests the image, shows it and everybody is happy. What happens in the background is that the server sends the visitor a cookie to allow better tracking. With the cookie in place, the server is able to track sequences of actions, recognize returning visitors, etc.
The problem is that IE won't just let you do all of this. It detects the attempt to send / receive cookies between domains and blocks it. To allow it, you need to set an additional header when sending your tracking image. This header is called P3P (Platform for Privacy Preferences Project) and declares the website's privacy policy. Configured properly, it says 'accept this cookie no matter what domain the request comes from, and send cookies back to me no matter what URLs you come from'.
Once informed that you trust everybody, IE won't object any more and should accept and pass your cookies like a dream. An example of a policy header doing the job:
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
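To make the server side concrete, here is an added example (not the post's track.php, and not code from any project) of what the pixel script has to return on each hit: the P3P compact policy from the post, a Set-Cookie header on the first visit, a 1x1 transparent GIF body, and the log record that turns hits into a click sequence. The cookie name "vid", the function names and the (status, headers, body, record) return shape are this example's own assumptions. It also goes slightly beyond the post: the cookie carries `SameSite=None; Secure`, which current browsers require before they will send a cookie in a cross-site image request at all (they ignore P3P), and the cookie value is validated and the logged fields are stripped of control characters so a tampered cookie or query string cannot inject bogus lines into the tracking log.

```python
"""Tracking-pixel response builder (added example, not the post's own code).

Models what a script like the post's track.php must return: a visitor cookie,
the P3P compact-policy header quoted in the post, and a 1x1 transparent GIF.
The cookie name "vid", the function names and the return shape are assumptions
made for this example.
"""
import secrets
from http.cookies import CookieError, SimpleCookie
from typing import Dict, List, Optional, Tuple

# The compact policy exactly as given in the post.
P3P_HEADER = 'CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"'

# A 1x1 transparent GIF (43 bytes): GIF89a header, 2-colour palette, a Graphic
# Control Extension marking colour 0 as transparent, one 1x1 image block.
TRANSPARENT_GIF = (
    b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
    b"!\xf9\x04\x01\x00\x00\x00\x00"
    b",\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02D\x01\x00;"
)

COOKIE_NAME = "vid"          # assumption: name of the visitor-id cookie
COOKIE_MAX_AGE = 60 * 60 * 24 * 365


def visitor_id_from_cookie(cookie_header: str) -> Optional[str]:
    """Return the visitor id carried in the request's Cookie header, if any.

    Only a well-formed 32-hex-digit id is accepted, so a tampered or
    hand-crafted cookie is treated as absent instead of being logged as-is.
    """
    jar = SimpleCookie()
    try:
        jar.load(cookie_header)
    except CookieError:
        return None
    morsel = jar.get(COOKIE_NAME)
    if morsel is None:
        return None
    value = morsel.value
    if len(value) == 32 and all(c in "0123456789abcdef" for c in value):
        return value
    return None


def _log_safe(value: str, limit: int = 512) -> str:
    """Strip control characters (log-injection guard) and cap the length."""
    return "".join(ch for ch in value if ch.isprintable())[:limit]


def build_pixel_response(
    query: str, cookie_header: str = "", referer: str = ""
) -> Tuple[str, List[Tuple[str, str]], bytes, Dict[str, str]]:
    """Build (status, headers, body, log_record) for one tracking-pixel hit."""
    vid = visitor_id_from_cookie(cookie_header)
    returning = vid is not None
    if vid is None:
        vid = secrets.token_hex(16)   # fresh, unguessable visitor id

    headers = [
        ("Content-Type", "image/gif"),
        ("Content-Length", str(len(TRANSPARENT_GIF))),
        ("Cache-Control", "no-store"),  # every hit must reach the server
        ("P3P", P3P_HEADER),            # what IE needs to accept the cookie
    ]
    if not returning:
        # Set the cookie only on first sight. SameSite=None; Secure is what
        # current browsers require for a cookie to be sent cross-site at all.
        headers.append((
            "Set-Cookie",
            f"{COOKIE_NAME}={vid}; Path=/; Max-Age={COOKIE_MAX_AGE}; "
            "HttpOnly; Secure; SameSite=None",
        ))

    record = {
        "vid": vid,
        "returning": "true" if returning else "false",
        "query": _log_safe(query),
        "referer": _log_safe(referer),
    }
    return "200 OK", headers, TRANSPARENT_GIF, record


if __name__ == "__main__":
    # Constructed sample hit, as the post's <img> tag would produce it.
    status, hdrs, body, rec = build_pixel_response(
        "anyArguments=1", referer="https://site-a.example/page")
    print(status, dict(hdrs), len(body), rec)
```

The only part IE cared about is the `P3P` header; the remaining headers and the cookie checks are the defensive hygiene a practitioner would add around it, so that the log only ever contains ids the script itself issued.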
Read more:
Description of codes (very useful)
P3P on Wikipedia
There is another way to deal with it. You can create a subdomain of your domain and point it at the server serving the image. So if your domain is my.domain.com, you create track.my.domain.com and point it to the server that actually tracks your clicks.
The only problem with this solution is that you will not be able to track clicks across different domains. If you want to see customers moving between a few affiliated websites, you will have to use an external domain name, or you won't be able to match them up. Each domain would be tracked separately and there would be no way to put the data back together.
That's why a P3P policy and one external domain seems like the simpler and more universal solution.