Bot Finder dashboard
The Bot Finder dashboard shows everything detected by InboxEagle’s bot analysis pipeline after you connect Bot Finder to your Amazon SES account. Use it to understand how much of your engagement data is real versus bot-driven, identify patterns in bot activity, and review individual detection events.
Open the dashboard from the left sidebar under AWS SES → Dashboard, or go to app.inboxeagle.com/aws-ses/dashboard.
Connection status
Section titled “Connection status”A status indicator at the top of the page shows whether Bot Finder is actively connected to your AWS account:
| Status | Meaning |
|---|---|
| Connected | Bot Finder is ingesting and analyzing SES events |
| Pending | Connected but no events received yet |
| Error | Connection issue — check ARN permissions or SES configuration set |
| Disconnected | Bot Finder has been disconnected; set up again to resume |
If you see an error state, visit Bot Finder troubleshooting for remediation steps.
Metric cards
Section titled “Metric cards”The six metric cards at the top of the dashboard summarize bot detection results for the selected date range.
| Card | What it shows |
|---|---|
| Total analyzed | All email events (opens + clicks) processed by the Bot Finder pipeline |
| Bots detected | Events classified as bot (score ≥ 40) |
| Suspicious | Events classified as suspicious (score 25–39) — possible bots, lower confidence |
| Human opens | Open events classified as human (score < 25) |
| Real open rate | Opens attributed to humans as a percentage of total analyzed |
| Real click rate | Clicks attributed to humans as a percentage of total analyzed |
Understanding bot inflation
Section titled “Understanding bot inflation”Bot inflation is the gap between your reported engagement metrics and your real engagement:
- Bot open inflation = (Bot opens ÷ Total opens) × 100
- Bot click inflation = (Bot clicks ÷ Total clicks) × 100
High bot inflation (>30%) means your ESP’s reported open and click rates are significantly overstated. Use the real open rate and real click rate from Bot Finder for accurate decisions about content, send time, and list segmentation.
Date range filter
Section titled “Date range filter”Use the date range control above the charts to change the analysis window:
- 7 days — Recent activity; good for day-to-day monitoring
- 30 days — Default; balanced view for campaign reviews
- 90 days — Trend analysis; useful for spotting seasonal patterns
- Custom — Choose any start and end date
All charts and cards update immediately when you change the range.
Events chart
Section titled “Events chart”The events chart displays all detected events over time, plotted as a line chart with three series:
| Series | Description |
|---|---|
| Human | Events classified as human engagement |
| Suspicious | Events with moderate bot confidence (score 25–39) |
| Bot | Events with high bot confidence (score ≥ 40) |
Chart interactions:
- Zoom — Click and drag on the chart to zoom into a date range
- Pan — After zooming, drag left or right to pan through time
- Reset zoom — Double-click to return to the full range
Spikes in the Bot series often coincide with:
- Security scanner pre-fetching (corporate gateways scanning email links)
- Apple Mail Privacy Protection (MPP) loading open pixels before users read the email
- Campaigns sent to stale lists with a high proportion of inactive addresses
Bot trend chart
Section titled “Bot trend chart”The bot trend chart shows the percentage of bot traffic over time as a proportion of all analyzed events. Use it to:
- Track whether bot rates are stable, increasing, or decreasing
- Identify specific campaigns that attracted unusually high bot activity
- Correlate bot spikes with list segments, campaign types, or send times
A steady bot rate of 10–25% is typical for senders using shared IPs with standard list hygiene. Rates above 40% consistently indicate a structural issue — often a stale list, aggressive security scanning, or a provider with high proxy usage.
Recent detections
Section titled “Recent detections”The Recent detections table lists individual events classified as bot or suspicious, with the most recent first. Each row shows:
| Column | Description |
|---|---|
| Time | When the event occurred |
| Type | Open or Click |
| Verdict | Bot Bot, Suspicious Suspicious, or Human Human |
| Score | Bot confidence score (0–100) |
| Top reason | The primary detection rule that fired (e.g. “Apple MPP”, “Cloud IP”, “Sub-second open”) |
| IP address | The IP address of the event |
| Recipient | The email address of the recipient (partially masked for privacy) |
Bot classification levels
Section titled “Bot classification levels”Bot Finder uses a 0–100 confidence score. Classification thresholds:
| Score range | Classification | Meaning |
|---|---|---|
| 0–24 | Human | Very low bot confidence; treat as real engagement |
| 25–39 | Suspicious | Moderate signals; may be a bot or privacy proxy |
| 40–100 | Bot | High confidence; exclude from engagement metrics |
The score is computed by a 6-layer pipeline that combines deterministic rules, behavioral analysis, IP intelligence, cross-tenant reputation, and per-recipient history. See Bot Finder advanced configuration for details on the scoring model.
Open bots vs click bots
Section titled “Open bots vs click bots”Use the Open bots and Click bots sub-views (accessible from the dashboard navigation) to see bot activity broken down by event type.
Open bots are the most common:
- Privacy proxies (Apple MPP, Gmail Image Proxy) pre-load images without human intent
- Security gateways scan for malicious content by loading tracking pixels
Click bots are rarer but more impactful to your metrics:
- Security scanners follow all links in an email to check for phishing or malware
- Link-clicking bots inflate click rates more severely than open bots
When a bot opens an email but a real human clicks later (a common pattern), Bot Finder records this as a machine-first / human-followup sequence and counts the click as a real human engagement.
Activity log
Section titled “Activity log”The Activity log (accessible from the Bot Finder sidebar under Activity) shows a raw chronological list of all processed events — both bot and human — with full metadata. Use it for:
- Auditing specific campaigns
- Investigating anomalies flagged in the events chart
- Exporting data for your own analysis
Reports
Section titled “Reports”The Reports section (accessible under Bot Finder → Reports) lets you generate summary reports covering a selected date range. Reports include:
- Total events analyzed and classification breakdown
- Bot and suspicious event percentages
- Top detection reasons
- Top bot-generating IPs and ASNs
- Per-campaign bot rates (if campaign data is available)
Next steps
Section titled “Next steps”- Bot Finder setup — Connect Bot Finder to AWS SES
- Bot Finder troubleshooting — Diagnose connection and data issues
- Bot Finder advanced configuration — Customize thresholds, rules, and delivery methods
- AI Intelligence Agent — Ask natural-language questions about your bot data