Why am I seeing spam filter clicks with Hotmail and Outlook.com?

Key findings

• New behavior: Microsoft's free consumer email accounts (Hotmail, Outlook.com) are now exhibiting immediate clicks and opens, mimicking known behaviors from enterprise-level spam filters.
• Testing phase: This appears to be part of a testing phase by Microsoft, where they selectively scan and follow links from different ESPs or senders.
• Safe links: For premium subscribers or those with linked paid Office subscriptions, Outlook.com automatically enables Safe Links, which pre-scans URLs in emails for malicious content.
• Data impact: These artificial clicks inflate engagement metrics, making it harder for senders to accurately assess campaign performance and user engagement. For more details on this, see how to identify artificial email opens and clicks.

Key considerations

• Accurate metrics: ESPs and senders need to adapt their tracking methods to filter out these bot-generated clicks for more accurate reporting. Learning how to combat spam filter and bot clicks is crucial.
• Deliverability: While these clicks do not directly indicate a deliverability problem, they are a symptom of Microsoft's ongoing efforts to enhance security, which can indirectly impact how emails are handled. You can find more information about this at Email Click Bots Causing a Click Surge?
• Adaptation: Email marketers should stay informed about these evolving spam filter behaviors to maintain effective email strategies.

Key opinions

• Widespread issue: Many marketers report seeing non-human interaction from Microsoft recipients, indicating a broad trend.
• Targeted scanning: Microsoft appears to be targeting specific network spaces, seemingly at random, for these pre-scans.
• ESPs and filtering: There's a recognized need for ESPs to implement methods to filter out these spam filter clicks to provide more accurate reporting to their clients.
• Distorted metrics: The primary concern for marketers is the distortion of engagement metrics, which impacts campaign optimization and strategic decisions. Learn more about inflated clicks in ESP reporting.

Key considerations

• Metric re-evaluation: Marketers should re-evaluate how they interpret open and click rates, especially for Microsoft domains, and consider alternative engagement indicators.
• Segmentation: Consider segmenting data by domain to identify specific patterns of bot activity from Hotmail and Outlook.com.
• User experience: Even with bot clicks, maintaining good sender reputation and providing valuable content remains essential for user-driven engagement.
• Spam filter interaction: Understand that the spam filter (or blocklist) can affect how emails are received, even before a user interacts with them. Users can also manually adjust their Hotmail and Outlook spam settings.

Key opinions

• Security measure: These pre-clicks are a legitimate security feature, designed to protect users from phishing and malware by scanning links.
• Impact on metrics: It's crucial for senders to understand that these are not genuine user interactions and should be filtered out when analyzing campaign performance.
• Sender reputation: While directly unrelated to sender reputation, consistently delivering to the inbox despite these scans indicates good standing. Issues like incomplete authentication records (SPF, DKIM, DMARC) can lead to emails being marked as spam. More information is available on fixing Outlook & Hotmail deliverability issues.
• Industry trend: This behavior is part of a broader trend among major mailbox providers to pre-scan email content for security purposes, affecting more than just Microsoft domains.

Key considerations

• Advanced analytics: Implement sophisticated analytics to distinguish genuine human clicks from automated security scans, potentially by analyzing user agent strings, IP addresses, and time-based click patterns. This aligns with understanding large upticks in bot clicks.
• Focus on conversions: Shift focus from raw open/click rates to deeper engagement metrics and conversions that indicate actual user interest and interaction beyond the initial email.
• Authentication: Ensure all email authentication protocols (SPF, DKIM, DMARC) are correctly configured and monitored, as strong authentication helps in reliable inbox placement, even with evolving spam filter behavior.
• Monitoring deliverability: Regularly monitor deliverability to Microsoft domains using tools that provide insights into filtering decisions, not just reported clicks.

Key findings

• Automated security: Email providers like Microsoft (Outlook.com) utilize automated systems that pre-click links to check for malicious content, especially for premium users.
• Safe links feature: Outlook.com's 'Safe Links' feature, often automatically enabled for certain accounts, is a primary driver of these pre-clicks. This feature can be managed through Outlook.com's settings.
• Protection mechanism: The core purpose of these clicks is to protect end-users from phishing, malware, and other cyber threats by preemptively scanning URLs.
• Filtering efficacy: These security layers are designed to work in conjunction with other spam and blocklist filters to enhance overall email security.

Key considerations

• Deliverability impact: While intended for security, the interaction of these systems with sent emails can sometimes lead to emails being marked as spam if authentication or reputation is weak. Reviewing Outlook and Hotmail deliverability issues can offer further insight.
• Sender best practices: Adhering to strict email authentication (SPF, DKIM, DMARC) and maintaining a high sender reputation are paramount to ensure legitimate emails bypass these filters efficiently.
• Email content: The content and formatting of emails can influence how they are perceived by these automated systems, impacting whether they trigger security scans.