About URL Defense
URL Defense leverages the advanced power of Proofpoint Targeted Attack Protection, the industry’s most effective defense against
advanced threats, stops and blocks malicious URLs. When enabled, all incoming email is scanned by Proofpoint and all URLs contained are replaced with an alternate Proofpoint URLs. This ensures that when the URL is clicked, its destination safety can be verified in real-time.
Enable/Disable URL Defense
To enable URL Defense:
- In the Account Management section, click Features.
- Locate the Enable URL Defense checkbox.
- Check the checkbox to the right of Enable URL Defense.
- Click Save.
To disable URL Defense:
- In the Account Management section, click Features.
- Locate the Enable URL Defense checkbox.
- Uncheck the checkbox the right of Enable URL Defense.
- Click Save.
Customize URL Defense Settings
To access URL Defense settings:
- In the Security Settings section, click URL Defense.
- Adjust your organizations settings as needed (See table below).
- Click Save.
URL Defense Settings
|
Setting |
Description |
Additional Notes |
|---|---|---|
|
Re-write URLs that are located in DKIM signed messages |
DKIM is an email validation system designed to detect email spoofing. It provides a mechanism to allow mail systems to check that incoming email from a domain has not been modified during transport. Many hosted mail systems today employ this technique in their email delivery process. If this setting is enabled URLs found in DKIM signed messages will be re-written. DKIM validation will fail as a result of this setting. |
This setting is enabled by default. If you are experiencing delivery issues as a result of DKIM failures, you can disable this setting. |
|
Re-write URLs that are not located in an anchor tag |
Anchor tags <a> are used in HTML to tell a browser or email client where to direct the user when a piece of content, such as a website URL, is clicked. For example: This anchor tag <a href="http://www.bobsbooksupplies.com">Click Here</a> will appear as Click Here when viewed in an email browser or email client. Some email clients will make any URL that appears in a message, such as www.bobsbooksupplies.com or http://www.bobsbooksupplies.com, clickable without the need for an anchor tag. If this setting is enabled, these links will be re-written. As a result, they will appear as follows: https://urldefense.proofpoint.com/v2...ksupplies.com&... |
Proofpoint recommends you enable this setting. |
|
Exclude URLs that contain specified domains/IP addresses |
You can specify one or more domains and/or IP addresses that, when found in a message URL, will not be re-written. For example: If the entry bobsbooksupplies.com appeared in the list then the URL: http://www.bobsbooksupplies.com would not be re-written |
Proofpoint recommends you limit the use of this exclusion policy. |
|
Exclude active domains associated with this organization |
If this setting is enabled all active domains registered to this organization will not be re-written when found in a message URL. |
|
|
Exclude re-writing emails that are sent by specified senders |
You can specify one or more senders whose emails will not be re-written. |
Proofpoint recommends you limit the use of this exclusion policy. |
|
Exclude re-writing bare IP addresses in plain text emails |
If this setting is enabled, bare IPs (e.g., http://123.123.123.123) will not be re-written. Bare IPs are common when receiving auto generated log/event related emails. |
Proofpoint recommends you disable this setting. |
|
Exclude re-writing URLs in plain text emails |
In HTML emails, URLs are typically masked behind a friendly link (e.g., click here will be displayed instead of http://www.bobsbooksupplies.com). Plain text emails do not offer this ability and, as a result, users will see re-written URLs (https://urldefense.proofpoint.com/v2...plies.com&...\). |
Proofpoint recommends you disable this setting.
|
Carlos Rios
Comments