Email bounced and marked as invalid but the person clicked.

It's possible it was clicked by a bot or similar. There's a discussion related to this here: https://nation.marketo.com/message/117598#comment-117598

Hey Irene, [oob] bounces are "out of bounds" which means that it's just the response that the receiving server is returning -- which is completely out of your (or Marketo's) control. I doubt there are many of

I doubt there are many bounces like this occurring, but you could set up a smart list that you review periodically, or a triggered smart campaign for someone who clicks a link in an email where email invalid = true (probably with a email invalid cause contains OOB), and send yourself an alert.

A specific scenario is like so:

1. The recipient domain's MX server accepts an incoming connection from Marketo.  (This is the in-band stage as distinguished from later out-of-band communication.) This particular MX doesn't have an up-to-date list of the existing mailboxes (mailbox = LHS = left-hand-side of the email address) at that domain for some reason.  But since the message contents, header, and initial connection info all pass muster, the server accepts the message, despite not knowing for sure if there is a corresponding inbox on the final mailbox server.
2. Because the MX accepted the message, Marketo must log a Delivered activity, since that is a correct accounting of activity at that point.
3. The MX forwards the message to the next-hop server, which might be the mailbox server itself or an another intermediate anti-spam scanner.
4. The next-hop server begins a prefetch of the links in the email, which is when the bot Click activity is logged.
5. The links all check out (though the damage has been done with the synthetic Click) so the message is accepted for delivery.
6. After getting the final all-clear, the system then looks up the LHS of the message (this could even happen in parallel with the prefetch) and realizes the user doesn't exist, so an OOB bounce is generated.
7. Marketo updates the activity log w/the OOB bounce.

Note the whole process above can happen in a matter of seconds, so it's possible for the order in the log to be not exactly representative of the execution order.

There are some other permutations as well, but the general tenor is the same: not validating the address in-band, letting anti-abuse checks run, then being forced to send an OOB bounce.  Like Dory said, this should be a rare occurrence.  These days it's a downright misconfiguration to not validate the LHS in-band (it was always something to avoid if you could, but not always a signal of a overall bad system) although in some cases, such as temporary maintenance during which a less-capable backup system is used, it may still be necessary.

A far-remote other possibility is that the OOB bounce is synthetic and punitive, that is, the email did not pass all checks, but the receiver is pretending the mailbox does not exist.  This would be a really stupid config on their part -- no two ways about it -- but mail admins (I was one for many years) can have some strange ideas about how to enforce their rules (n.b. not "their company's" rules ).

Hi Irene, I have seen emails marked as OOB but the person did receive it. Unfortunately it's just up to whatever response the recipient's server sends out at that point. Again -- super rare (and we average 1.6m emails/week), but it happens.

The intent is that it always looks like a human click -- otherwise the services aren't doing their job, since they could easily be sidestepped by an attacker.

The only way I can think of to have them run through something just 2x is to create two separate campaigns. They're allowed to run through each one 1x, and the second campaign requires them to be a member of the first campaign to qualify.

We had a person fill out a form and then did not receive the email that included a link to the download. They got to the form from another email that we sent to them. So some emails are getting thru and others like this are getting marked with "550 [internal] [oob] The recipient is invalid." How is this possible?