Subject: | |
From: | |
Reply To: | |
Date: | Wed, 16 Jan 2019 08:53:18 -0500 |
Content-Type: | multipart/mixed |
Parts/Attachments: |
|
|
Hi,
One thing that I've found to prevent the mangling of links in my outgoing
mail is to include a line like:
<begin pgp signed message to disable safelinks/>
You can see that I add it in my signature.
Basically, even Microsoft realizes that they can't mess with PGP signed
messages without making a lot of customers unhappy. They have a sloppy
method of detecting PGP signed messages. So, including anything that
is detected as a PGP signed message will prevent safelinks from
munging a message.
This points out one of the biggest security concerns about safelinks.
Namely, that users are being trained to blindly click on large,
unintelligible "safe" links. Eventually spearfishers are going to realize
that they can get around the URL munging and present users with a link
that looks a lot like a munged link. This URL munging is very bad for
e-mail security.
Cheers,
Ron
--
The more I learn about proprietary software, the more I worry that objective truth might perish from the earth. -Paul Romer
<begin pgp signed message to disable safelinks/>
On Tue, 15 Jan 2019, Howard, Chris wrote:
> Date: Tue, 15 Jan 2019 22:29:51 +0000
> From: "Howard, Chris" <[log in to unmask]>
> To: "[log in to unmask]" <[log in to unmask]>
> Subject: MS Outlook adding excessive encrusting excrescence to list URLs
>
>
> Just a note for testing.
>
>
>
> Recently our corporate Outlook email was changed so that all
>
> embedded URLs from this source get slathered with a protective coating
>
> of unintelligible goop.
>
>
>
> And I¢ve been forced to change my mail editor preference to HTML
>
> from plain text so that Skype for Business meeting links will
>
> get sent in the meeting request.
>
>
>
> So I¢m sending the email to get an email back from the list to see
>
> if the URL mangling was because the input was plain text or
>
> if Microsoft is just a bad email neighbor.
>
>
>
>
>
>
>
|
|
|