Important Update to Filtering bot activity [May 2023]

Sreekanth_Reddy
Marketo Employee
Marketo Employee

Hello Nation,

 

As some of you know we announced the addition of certain IPs to our blocklist as part of our ongoing efforts to combat bot activity (incase you missed here is the blog). However, following customer feedback and further investigation, we have discovered important insights we have decided to revert these changes. 

 

Reasons for Reversion

Upon customers feedback our team started doing more analysis on these new IPs and identified:

  1. IP quality score – confirmed IP address was recently used by Bots.
  2. A large number of click activities – about 50K per IP address per day.
  3. Same user agent across all the IPs and does not vary with lead or subscription.
  4. Click activity at the same time as the delivered activity (sometimes recorded before the delivered activity)
  5. IP addressed are confirmed to be  part of Barracuda Email Gateway Defense - https://campus.barracuda.com/product/emailgatewaydefense/doc/96023036/email-gateway-defense-ip-range...

Since these IPs are part of Barracuda Email Gateway Defense, it's quite possible that even legitimate user clicks are also coming through this gateway. In this case, all requests we are receiving at Marketo Engage infrastructure could be the same IPs for both legitimate clicks and bot clicks for leads who use Barracuda services. 

 

Actions Planned

In response to these findings, we have planned to revert the changes by removing the 16 identified IPs from the blocklist during the week of May 22nd, 2023. We will closely monitor the situation and collect further data to inform any future improvements to our bot handling mechanisms. An email communication has been sent to all admin users last week.

Impact

With the rollback, activities from these IPs will log back into Marketo Engage instances. As a result, customers can expect click rates, open rates, and other related metrics to return to the range they were in before February 14th, 2023.

Note: Activities from these IPs since Feb 14th 2023 cannot be retrieved.

 

FAQ

  • What is your reasoning for this reversion instead of correcting IP filtering?
    Since these IPs are part of Barracuda Email Gateway Defense, it's quite possible that even legitimate user clicks are also coming through this gateway. In this case, all requests we are receiving at Marketo Engage infrastructure could be the same IPs for both legitimate clicks and bot clicks for leads who use Barracuda services. 

  • What will be the impact after the rollback?
    Since the newly added 16 IPs will be removed, activities coming from these IPs will continue to log back into Marketo Engage instances. So, customers might see the click rate, open rate etc coming back to same range as they were before 14th Feb 2023

 

  • Do we have a time frame for future changes (i.e. roadmap of other future improvements to bot handling)
    No time frame finalized yet for the next set of changes

  • What changes are being made to allow us to filter out bot clicks in the interim?
    There is already a couple of patterns introduced into the product to tackle email bot activities - Email bot activity filtering v2
1354
0