I guess that someone has posted this before but I couldn’t find it so thought I would share.
As you will be aware at the moment all reporting of opens and clicks currently delivers a number of false positives due to systems like Barracuda and Proofpoint opening them and clicking on the emails. while we can block IPs that we know are those used by these types of tool this will also remove any legitimate opens by the user.
having looked at the data I noticed that in most cases these opens/clicks happen almost instantly once the email has been delivered (within 1 minute if not seconds) of the sent time.
This got me thinking. through the report function there is an option to report on delay to open. If you add this option to the report and then add a filter that points to this fields and filter out any opens that happen within (say) 1 minute of the send I successfully managed to remove almost all of those bots from the report but still received data for those individuals who opened the email after it had passed through the receivers email filters.
It’s by no means perfect but thought I would share as it may help others having the same issue. Obviously, I am aware that this would also remove legitimate openers within 1 minute but in my experience, this is few and far between so providing me with better results.
If there are any other / better solutions out there I would be interested to learn how you guys are doing it.
I guess the ideal solution would be to add a setting in config that would allow you to filter out email bots by filtering out the 1st minute of known bot IP’s