Do free email services click links in emails to check for spam?
Summary
What email marketers say11Marketer opinions
Email marketer from Litmus shares that email testing platforms can simulate how different email clients render and scan emails. This can include checking if links are properly formatted and lead to the intended destination, mimicking the behavior of spam filters.
Email marketer from Sendinblue shares that mailbox providers use spam filters, which may include click tracking, to ensure a safe email experience. They evaluate the sender's reputation and the content of the email, sometimes clicking links to verify their safety.
Marketer from Email Geeks mentions that for consumer providers you might not necessarily see the actual provider following those links, but other services. Also consumer providers don’t necessarily have to push all emails through those filers, they might decide to reject or spam filter your emails without the need to follow the links based on other signals and data sources. He also adds to not assume that every “click” you see is an actual human being.
Email marketer from Reddit shares that major email providers like Gmail and Outlook often use automated systems to click links in emails as part of their spam filtering process. This helps them identify potentially malicious websites.
Email marketer from StackExchange explains that various email services and security programs automatically scan URLs in emails to identify potential threats. They might open the URLs to check their content and see if they lead to phishing sites or malware.
Email marketer from MailerLite responds that some email clients and security software scan emails to detect spam and malware. This process might involve clicking links to see where they lead and if the content is safe. However, these clicks aren't from real subscribers.
Marketer from Email Geeks shares that pretty much all ISPs do click links. Depending on many factors these could range from sampling a cluster of messages to clicking almost every link in every message. The hit-rate correlates with sender reputation to some extent and to not expect those clicks to originate from their networks.
Email marketer from Email Marketing Forum mentions that it's common knowledge that email providers click links in emails to check for spam. This helps them to improve their spam filters and protect users from harmful content.
Email marketer from Gmass says that Google is constantly scanning emails in transit for spam and phishing purposes. While they haven't officially stated that they click every link, it's likely that they do some form of link analysis as part of their security measures.
Marketer from Email Geeks shares that consumer domains do it a lot less often, if at all. Most campaigns don't seem to get significant numbers of scanning clicks from consumer domains. He recalls that he hasn't seen those clicks from Google Workspaces recently, but it's not unusual to see spam filter clicks exceed real clicks by 2-3x+ at Office 365, for example.
Email marketer from Neil Patel Digital explains that email providers do scan emails for spam and malicious links. Some providers will open links to verify the destination and assess safety. This is part of their overall spam filtering process.
What the experts say3Expert opinions
Expert from Spamresource.com explains that reputation systems at large providers absolutely use URL reputation in scoring incoming mail. So they may not 'click' but they will absolutely analyze them as part of the delivery decision.
Expert from Word to the Wise shares that they have seen many ISPs are now doing more than just simple click tracking. They are actively loading pages, executing javascript, and seeing what happens.
Expert from Email Geeks says that Microsoft has been clicking all links for almost a year now but it seems to be rotating between different ESPs.
What the documentation says5Technical articles
Documentation from Cisco responds that their email security products scan URLs in emails to protect users from malware and phishing attacks. This includes analyzing the reputation of the website and checking for malicious content.
Documentation from Google explains that Gmail uses sophisticated methods, including link following, to detect phishing and malware. These automated systems analyze links to identify potentially harmful websites and protect users.
Documentation from RFC Editor details that some email providers employ automated systems that check links in emails as part of their spam and phishing detection mechanisms. This may involve visiting the linked pages to assess their content and security.
Documentation from Spamhaus explains that they maintain databases of known spam sources. While they don't directly click links, they gather information about malicious URLs and use this data to help email providers block spam.
Documentation from Microsoft responds that their Safe Links feature in Office 365 scans URLs in email messages to protect against phishing and malware. This involves rewriting URLs and checking them against a list of known malicious sites when a user clicks on them. They also pre-emptively 'detonate' suspect links in a sandbox environment.