I concur with the previous posts about ProofPoint.
The U of I campus implemented this several years ago.
I complained. Fell on deaf ears.
Implemented by our security folks. Rationale being that 99% of the campus email
users (i.e., using the campus Exchange server) are either too lazy and/or too
unaware of the dangers of blindly clicking on a URL in their emails.
However, U of I email with a URL in the message body shows the real URL (in blue
and underlined - unless the URL is hidden via the html "<a href=" construct),
but when you move the mouse pointer over the URL, (at least in Thunderbird) the
bottom horizontal box of T-bird (I'm sure it has a more official name) then
shows the long obfuscated urldefense URL.
So, in our case, one can just copy/paste the URL in the message body to a
browser and NOT go thru ProofPoint.
The other aspect of the U of I's ProofPoint config is that it only affects email
composed in HTML format, and since I generally loathe doing that unless
absolutely necessary, I almost always compose in ASCII mode.
So, I suppose this might be a test of how Fermilab has implemented ProofPoint as
I will now include a rather well known URL here (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=j_HbB2h_p9zjRUhPqMrTbEdV3hg8KvFr66CCOEJkwDA&e=) and
see how it arrives in your inbox.
:-)
Jon Pruente wrote on 7/24/18 12:33 PM:
On Tue, Jul 24, 2018 at 12:20 PM, Konstantin Olchanski
<olcha...@triumf.ca> wrote:
On Tue, Jul 24, 2018 at 09:39:37AM -0500, Glenn Cooper wrote:
Some people dislike these email manglers because they replace obviously
safe URLs (zzzz://triumf.ca,
https://urldefense.proofpoint.com/v2/url?u=http-3A__bnl.gov&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9MsrWO_OsZsUg1N098OjP5FVq11d4xFs7FQSsO0fvOg&s=hNpBcmIgNIJC38WgFxk6q0e-BDk3eAeFQnaJXmIOK3Y&e=,
zzzz://gnal.gov, etc)
with magical "eat me" cookies.
Maybe these manglers cut down on nigerian fishing, but I think there
is a net decrease in security because everybody is forced
to click links without knowing exactly where they go.
Another failure of using such a service is that the URLs are now
mangled inside the ProofPoint URL. When at some point in the future
the ProofPoint service is discontinued or is no longer used by
Fermilab (it will happen, some day, one way or another) the URLs that
were originally submitted are lost. A "safe" link and a
non-HTML-sanitized copy of the original URL would be a welcome
safeguard from being hostage to the service for a clean copy of the
URL for several reasons, even to just know what the URL is targeting
along with having the option to not follow the link through the URL
filtering service for tracking and privacy concerns. expressed by
Konsantin.
--
P. Larry Nelson (217-693-7418) | IT Administrator Emeritus
810 Ventura Rd. | High Energy Physics Group
Champaign, IL 61820 | Physics Dept., Univ. of Ill.
MailTo: lnel...@illinois.edu |
https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=zuwvjMwO6N3LEFjVQk1g1psUnqgccVLNrF7TNvgHQRY&e=
------------------------------------------------------------------------------
"Information without accountability is just noise." - P.L. Nelson
