Barracuda filters clicking all links

Earlier this month I mentioned that a number of people were seeing issues with multiple links in emails being clicked by Barracuda filters. I invited readers to contact me and provide me with any information or evidence they had. Not only did a number of senders contact me, but one of the support reps at Barracuda also contacted me.
At issue is a part of the Barracuda email filter call the intent filter. There are 3 different modules to this filter.

• Intent analysis – Markers of intent, such as URLs, are extracted and compared against a database maintained by Barracuda Central.
• Real-Time Intent Analysis – For new domain names that may come into use, Real-Time Intent Analysis involves performing DNS lookups against known URL blocklists.
• Multilevel intent analysis – Use of free websites to redirect to known spammer websites is a growing practice used by spammers to hide or obfuscate their identity from mail scanning techniques such as Intent Analysis. Multilevel Intent Analysis involves inspecting the results of Web queries to URLs of well-known free websites for redirections to known spammer sites.

According to Barracuda support it is the multilevel intent analsysis module responsible for clicks on links. From the behavior descriptions I’ve seen from different people, it appears at least some ESP click tracking domains are included in the “redirectors” category.
Barracuda recommends users keep both settings on, and each setting is defaulted to on. Barracuda users can access the configuration panel through  Basic -> Spam checking -> Intent.
There are a couple things that senders should remember when considering the impact on their email marketing programs.

1. This behaviour is not going to change engagement rates as calculated at ISPs. Barracuda is a filter that’s used primarily at businesses and unlike ISPs, businesses (and the filters directed at that market) don’t include engagement in their delivery decision making process.
2. This behaviour may affect one-click unsubscribe links. If clicking the link in an email automatically processes the unsubscribe, then Barracuda may unsubscribe users without their knowledge.
3. This behaviour may affect opt-in confirmation links.

Marketers can prevent accidental unsubscribes by adding a confirm button on the visited web page and requiring a second click before processing the unsubscribe.
Confirmations are a little more difficult, as senders really do want to keep the transaction as low friction as possible. Adding a confirm button may result in people abandoning the confirmation process.
Auto clicks may be identifiable because all or most of the links in an email are clicked. Many marketers track how active a link is and links that are not often clicked may be markers for auto clicks. Another suggestion some senders are trying is to set up a “stealth” link, that human readers won’t see or click on but that parsing software might. Clicks on that link are a sign that the click was not done by the recipient.
While right now this appears to be limited to Barracuda filters, I expect more filters will adopt this behaviour over time. Some ISPs may even start following links to some URLs. This is one of those cases where the anti-virus technique is actually not a bad practice, even when it creates issues for senders. I recommend senders put some thought into how to identify auto-clicks and compensate for them in statistics and engagement measures.