I concur with the previous posts about ProofPoint.
The U of I campus implemented this several years ago.
I complained. Fell on deaf ears.
Implemented by our security folks. Rationale being that 99% of the campus email
users (i.e., using the campus Exchange server) are either too lazy and/or too
unaware of the dangers of blindly clicking on a URL in their emails.
However, U of I email with a URL in the message body shows the real URL (in blue
and underlined - unless the URL is hidden via the html "<a href=" construct),
but when you move the mouse pointer over the URL, (at least in Thunderbird) the
bottom horizontal box of T-bird (I'm sure it has a more official name) then
shows the long obfuscated urldefense URL.
So, in our case, one can just copy/paste the URL in the message body to a
browser and NOT go thru ProofPoint.
The other aspect of the U of I's ProofPoint config is that it only affects email
composed in HTML format, and since I generally loathe doing that unless
absolutely necessary, I almost always compose in ASCII mode.
So, I suppose this might be a test of how Fermilab has implemented ProofPoint as
I will now include a rather well known URL here (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.google.com_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=j_HbB2h_p9zjRUhPqMrTbEdV3hg8KvFr66CCOEJkwDA&e=) and
see how it arrives in your inbox.
:-)
Jon Pruente wrote on 7/24/18 12:33 PM:
> On Tue, Jul 24, 2018 at 12:20 PM, Konstantin Olchanski
> <[log in to unmask]> wrote:
>> On Tue, Jul 24, 2018 at 09:39:37AM -0500, Glenn Cooper wrote:
>> Some people dislike these email manglers because they replace obviously
>> safe URLs (zzzz://triumf.ca, https://urldefense.proofpoint.com/v2/url?u=http-3A__bnl.gov&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9MsrWO_OsZsUg1N098OjP5FVq11d4xFs7FQSsO0fvOg&s=hNpBcmIgNIJC38WgFxk6q0e-BDk3eAeFQnaJXmIOK3Y&e=, zzzz://gnal.gov, etc)
>> with magical "eat me" cookies.
>>
>> Maybe these manglers cut down on nigerian fishing, but I think there
>> is a net decrease in security because everybody is forced
>> to click links without knowing exactly where they go.
>
> Another failure of using such a service is that the URLs are now
> mangled inside the ProofPoint URL. When at some point in the future
> the ProofPoint service is discontinued or is no longer used by
> Fermilab (it will happen, some day, one way or another) the URLs that
> were originally submitted are lost. A "safe" link and a
> non-HTML-sanitized copy of the original URL would be a welcome
> safeguard from being hostage to the service for a clean copy of the
> URL for several reasons, even to just know what the URL is targeting
> along with having the option to not follow the link through the URL
> filtering service for tracking and privacy concerns. expressed by
> Konsantin.
>
--
P. Larry Nelson (217-693-7418) | IT Administrator Emeritus
810 Ventura Rd. | High Energy Physics Group
Champaign, IL 61820 | Physics Dept., Univ. of Ill.
MailTo: [log in to unmask] | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Ma0w4F56naDITDGkKlQvVJtetzaOiMo7eexfGKNZgfo&s=zuwvjMwO6N3LEFjVQk1g1psUnqgccVLNrF7TNvgHQRY&e=
------------------------------------------------------------------------------
"Information without accountability is just noise." - P.L. Nelson
|