a close up of a user clicking on their laptop while simultaneously using their smart phone

The Hidden Benefits of Bot Clicks and Proxy Opens for Deliverability

Bot clicks and proxy opens don't have to be frightening for marketers. Learn how to glean important deliverability signals from these automated actions.
Article Outline

When email marketers hear about bot clicks and proxy opens, they often think of inflated metrics and distorted reports. These clicks can be frustrating as they distort performance metrics, making the click rate an unreliable indicator of engagement. As a marketer, the goal is to measure real user interactions, not automated activity. But what if these seemingly problematic signals can also provide valuable insights?

Before we dive into the benefits, let’s clarify what these terms mean and outline the difference between a proxy open and a bot click. 

What is a bot click?

A bot click happens when an email security system scans and clicks on links within an email before it reaches the recipient’s inbox (often immediately after the email is sent). Bots are commonly used within specific organizations, meaning all recipients sharing the same root domain may be impacted. Systems like Mimecast or Microsoft Defender often perform these actions to detect phishing attempts or scan for malicious links. 

What is a proxy open?

A proxy open occurs when an email is opened via a security system or privacy filter rather than by the actual recipient. These opens often happen in corporate security systems (like Proofpoint or Barracuda). A proxy open also includes other privacy-focused email clients that prevent tracking. Notably, Apple Mail Privacy Protection (MPP) which automatically loads images, including tracking pixels, to mask user activity.

How can marketers use bot click and proxy open metrics?

These metrics can become easily inflated, and can potentially create noise. But they can also offer useful insights into deliverability. Instead of dismissing them as bad data, marketers can utilize them to confirm active inboxes, improve sender reputation, and adjust tracking methods to focus on real engagement. Here’s how:

  • Confirm deliverability: The email was delivered and wasn’t flagged as spam or phishing. Nice work! 
  • Assess list hygiene: Security system activity confirms that an inbox is neither abandoned nor deactivated. Even if the recipient’s engagement is in question, you know that the email address is valid. Further, you’ve followed important technical requirements because you were accepted by the recipient’s organization.
  • Establish a baseline: Since both proxy opens and bot clicks remain consistent, you can use them to set a baseline. Then, any variations from that norm can alert you to potential deliverability concerns.
  • Watch for blocklist signals: A lack of inflated opens could mean you have been added to a blocklist and security bots aren’t checking the email because the server assumes you’re a malicious actor.
  • Understand ISP sender reputation: Bot and proxy clicks signal that email providers like Gmail, Outlook, and Yahoo consider you a legitimate sender.

Though there are benefits to understanding these inflated metrics, it’s essential to adjust how you measure success. Use these engagement signals to help identify currently active email addresses and continue to keep proxy-opened emails on your list because they indicate a live inbox! But because we can’t treat proxy opens as direct engagement, be sure to track other actions like visiting landing pages, website visits, and form submissions to differentiate bot clicks from real engagement.

a woman in an airport works on a laptop in a black and white image accented with yellow
Bot clicks and proxy opens aren’t a reason for marketers to panic: they can be useful signals in and of themselves.

Mitigate false engagement signals from bot clicks and proxy opens

Bots tend to click on random links, which can distort engagement metrics and lead to inaccurate results. To mitigate this, consider implementing a few key strategies.

One effective approach is embedding an invisible link within emails—since real users won’t see or interact with it, any clicks can be attributed to bots, making it easier to filter out automated activity. Additionally, to improve the unsubscribe process and prevent accidental opt-outs, replace the 1-click method with a two-step confirmation. This requires users to verify their unsubscription on a dedicated landing page, ensuring intentional action while also providing an opportunity to offer alternative options, such as adjusting email preferences or reducing email frequency.

As you can see, many of these inflated interactions are to protect end users. Email marketers have learned that even though these interactions do not come from real users, they can still offer valuable insights if you know how to interpret them. Soon, Act-On will launch True Open, a proprietary feature that uses AI to provide clarity into the origins of automated vs. human clicks.

By understanding the benefits of these automated interactions, email marketers can fine-tune their reporting, optimize deliverability, and build more accurate engagement strategies.

What's New?