http://cyveillance.com/ ... So these guys are more than likely clicking 2-5% of your links to check for fraud and other things. While I personally admire the goal of these guys, they are literally causing mayhem and anger in the email marketing community, especially for CPC campaigns. Time to raise public awareness with these guys.. does anybody have any further info, even a bot click email would be perfect to scan the mx records so we can remove as much of them as possible (for those who agree they have no right to be auto clicking our links)
I've got an older list. I'll try to remember where I sourced it and update it. I'll email you the list I have. I use it via htaccess to redirect a ton of bad traffic before ever hitting my servers.
Don't block them "before hitting servers"! Allow them to try to open your link, register it in your tracking system (in the same way you register clicks, pixel etc.) and tell them kindly to GTFO in form of "500 internal server error", redirect them to disney.com or smth. Now you pull an email address from your tracking system, mark it as blacklisted and never send to it again. Interesting thing is, in 90% cases that bots "click" spam button. Before even checking your links. We've found a common pattern: send msg. to email address >> several hours later we got FBL from this address >> 20-40min later (in most cases) we see a bot trying to open our link. We observe that exact behavior hundreds times. It can't be human being checking that email address. Since bots are not supposed to be interested in our offers and we don't expect to earn any $$ on them - we don't want to send anything to that addresses again - so we block that emails (if they didn't FBLed out already). Last weeks we observe that unwanted visits from IPs like: 38.127.197.91, ~.112, ~.122, ~.123, ~.124 etc, generaly 38.127.197.* and 209.120.218.192, ~.193, ~.197, ~.199 (209.120.218.*) bots from 38.127.197.* have always the same user-agent: "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" and from 209.120.218.* - "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" geoIPs of that adresses are "USA / 20007 / Washington" and "USA / 20850 / Rockville" and they are always coming from nowhere (it means empty referer) In some cases there are combined visits from both of the above adresses, for example: 2011-04-25 18:57:06 >>> SENT msg. 2011-04-26 07:22:04 [FBL!] 2011-04-26 07:41:09 [blacklisted IP] 38.127.197.91 2011-04-26 11:07:54 [blacklisted IP] 209.120.218.211 2011-04-26 11:07:55 [blacklisted IP] 209.120.218.211 (above is related to the same email address of course) our full blacklist at the moment: 38.100.41.64/26 38.105.109.8/29 38.112.21.0/24 38.118.42.0/24 38.127.197.64/26 63.100.163.0/24 63.148.99.0/24 65.118.41.0/24 65.192.0.0/11 65.213.208.128/27 65.222.176.0/24 65.222.185.0/24 68.48.24.0/24 151.173.221.0/24 207.87.178.0/24 216.32.64.0/24 209.120.218.0/24 Now dive in your logs, tracking data and tell us if you found something interesting
^^ Now that's a solid post! Thanks mumaque, this is the kind of collaboration and information sharing I hope starts growing in this forum. This could save a LOT of people here some un-needed stress and headaches.
A simple javascript redirect would probably fix most of your bot problems without actually requiring you to filter them out. This can be accomplished by making your tracking page a blank HTML page with the JS redirect code in the header as a function and this as your body tag: < body onLoad="jsRedirectFunction();" >< /body >
Agreed, but wouldn't it really help to still record and analyze what's going on? Including which clicks redirect via JS and which ones fail to do so.
You can if you want to, and that's the best way to weed out the bots. This is how to do it: 1) Your click thru URL (the one included in the email) takes the clicker to the HTML transition page with the javascript redirect. 2) Rather than tracking with your clickthru URL, your JS redirect would pass the user to a tracking URL to log the click and forward them to the offer landing page. It's basically 1 extra step to the process. You can log both clicks to compare "bot" vs "human" click thru's on your drops. Some bots do follow javascript but most will not. Some clicks that seem to be a bot may also be a spam checker / URL validator that runs automatically, so I don't think you should auto-suppress bot clicks the first time around. Collect some data over time and then remove the users that ONLY result in bot clicks.