Prefetches and Proxies

Jody asks “Are ‘prefetch opens’ and ‘proxy opens’ the same thing?”

Non-human opens

An “open” is just someone (or something) fetching a remote image.

A non-human-interaction (NHI) open is where some sort of automation fetches the image without human interaction – i.e. it’s fetched when the automation feels like it, not triggered by a user opening a message.

Prefetched images

A pre-fetched open is a NHI open where the image is retrieved by some sort of automation prior to the user seeing the email. Describing it as prefetched implies that the users mail client won’t fetch the image again when the mail is read by a human, rather it’ll use that copy of the image it’s already got. (But it’s not always that simple, especially with users with multiple mail clients).

Prefetches provide uncertainty about whether and when the image was seen by a human.

Proxied opens

A proxied open is where the entity that wants an image (maybe a humans mail client, maybe some automation) doesn’t fetch the image directly, rather it asks another system – the proxy – to fetch the image on it’s behalf. That means that the IP address fetching the image will be that of the proxy, and the browser metadata such as user-agent will be that of the proxy.

(The proxy may also modify the image, cache it across multiple users, compress it or do other things – but we don’t care about that so much when we’re talking about opens.)

Proxies provide uncertainty about what IP address a human was using when they saw the email, and what browser or mail client they use (and also eliminate some of the protocol-level tricks that can be used to track users over time and across different websites and mail senders).

Proxy opens are not necessarily NHI – the proxy may be doing work on behalf of a human, or they may be doing it for some automation.

Why not both?

You will often see systems that use both prefetches and proxies. They’re working together to provide uncertainty about whether the image was seen by a human, when it was seen by a human, the IP address (and hence network provider and geographic location) of the user, and any information that could be used to fingerprint and track the user.

All that uncertainty helps to protect the privacy of the user, making it more difficult to profile them and to track their behaviour.

Apple MPP is one of the higher profile mailbox providers that does this, but there are similar elements in other mail systems.