[Shared Blog]: I Want to Believe, But: Your Email Link Clicks Aren’t Real

....backchannel to the leading bot security vendors to negotiate whitelisting marketo servers.

The mail security vendors should never even consider this. Since Marketo doesn't do any egress filtering, you can send any link, including a link to a phishing site.

I wanted to go ahead and piggyback on this particular thread, as there's a new complexity at play: an anti-spam measure has been updated by at least one company in the past couple of weeks to fully load pages in emails, including with JavaScript. Right now, because the IPs looking at this are Azure-based, it's a straightforward process to remove them by not loading Munchkin on Azure IPs and/or screening those IPs out of Marketo activities, but this sort of development is worth keeping an eye on.

More information is at https://www.demandlab.com/insights/blog/want-believe-butyou-cant-coast-anti-spam-measures-year-ago/

Sandy, check out Courtney's new blog post.  Does this explain the multiple clicks/visits activities that were being captured in our test lead record the other day?  For what it's worth, we're in a O365 environment at Avanade. 

It might be also helpful to point out that every link in our Outlook environment is wrapped in a "safelinks.protection.outlook.com" URL (with the actual URL referenced as a URL parameter).

This has been the case for awhile, as if they weren't running JS they wouldn't be able to follow tracked links to start with. They're headless browsers after all.

Yes--the difference now is that they're using headless browser sessions instead of just doing DNS resolution, essentially. It's been pretty uncommon prior to this new wave of activity.

It was never just DNS, though. They followed the tracking redirect using JS. (And sometimes ran JS on the next hop, too.)

So I've read through each comment and am still confused on the current best method to combat false positives.

Is it Dan Stevens​' approach using the Visited Web Page flow? Is it using utm parameters on every link?

Sanford Whiteman​ I'm also curious about the method you're testing to track the user clicks vs automated clicks.

Sanford Whiteman I'm also curious about the method you're testing to track the user clicks vs automated clicks.

I'll surely get to documenting it but I have an absurd amount of projects running at the same time, and blogging is hard, gotta get your diagrams tight and everything.

On the other hand, walking you through it live is pretty easy, so if you want to DM me I can show you what it is.