Email marketers report higher click volumes. Is it because marketers are better now? Sadly, no. The most common user behavior was clicking all links in an email. These were often narrowed down to specific business targets within a customer’s database. Why would a customer or prospect click every link in an email? It doesn’t sound right. This link inspection method is visible because it deviates from human behavior. This type of activity is easy to spot and ignore, but anti-malware detection methods vary.
The issue is email filters inspecting links to prevent malware downloads. This makes it appear as if every recipient clicked every link, when in fact an email filter inspected them. Marketers have known about this filtering behavior for years. This anti-malware method is gaining popularity and causing concern.
How link inspection works and what can be done to improve deliverability.
Anti-Malware Filters in Email
It’s an arms race for anti-malware filters and security providers against bad actors trying to infect users. Although Barracuda Email Security Service was the first to use link inspection as an anti-malware method, others have followed suit.
Examples of link inspection methods are:
- An email’s links are clicked one at a time.
- Clicking of links during delivery or later.
- There may be clicks before the receiving mail server confirms delivery.
- Clicks can lead to website visits or not.
- Some providers inspect all redirected links; all email
- Marketing automation service providers
- Filter click traffic can share IP addresses with legitimate click traffic, making activity reporting impossible.
- For privacy reasons, some filters inspect links from residential IPs instead of business or corporate IPs.
To hide the link inspection activity, the filter will appear as human as possible. This prevents the bad actor from changing the link’s payload after inspection but before the intended recipient clicks it. For marketing automation and email service providers, this behavior makes reporting the link inspection difficult.
How to Increase Your Deliverability
A message that has been flagged as suspicious by other stages of a multilevel filtering process may be subjected to link inspection by some providers. Barracuda has 13 layers of email filtering. Link inspection is a type of filtering. Other aspects of the message or sender may trigger this filter.
Check these things within your engagement platform to maximize deliverability:
- Verify SPF and DKIM email authentication mechanisms for your customers.
- Examine bad sending reputation drivers like acquisition and database management practices.
- Remember that sending to a large number of recipients within the same company can cause link inspection.
- Check for HTML errors.
- Then create a custom flow to ignore anti-malware filter activity in the customer’s reporting.
One risk of ignoring anti-malware link inspections is that patterns may change over time. Hardcoded filtering rules may not be completely effective. To hard code solutions within your marketing automation platform due to this filtering method’s fluidity and rapid evolution. There is need for more research on this issue. Partnerships with filter providers will also help reduce inaccurate reporting from anti-malware link inspections.