On Fri, 3 Jun 2022 at 14:05, Paul Gilmartin <0000042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote:
> "urldefense.com" is another thing I'd distrust. What's their business model? I think there are roughly three business models for these things. 1) Like Microsoft's safelinks.com, urldefense[sic].com (aka proofpoint) is part of a package sold to businesses to help protect their employees from phishing emails. As such, the URLs are replaced on *incoming* email to those employees,but are then not unmangled on forwarded or replied-to mail. We see these a lot on these lists. As well, they doubtless take advantage of the flow of links for their own purposes, even if they don't directly sell them on to advertising companies. 2) The url shorteners have been around for a lot longer, and once served a genuine purpose. I think tinyurl.com was the first, and there are a zillion more. But they have all become just data capturers, with the only business model being selling your data to the advertising/data brokerage infrastructure. (Well, there may be a few who provide the sender-paid service of tracking who clicks on the URLs - I've noticed IBMers sometimes use these. But I can't imagine they don't also sell the data on.) 3) And then there are the mailing/marketing list operators, of which, sadly, Lsoft seems to have become one. Constant Contact is a prominent one, but there are a zillion. They send bulk emails - in theory solicited, but in practice they often cross the line into spam. Of these three only type (1) have decodable URLs, and they generally even document how to do it, and some provide websites or little JS or python programs. By decodable, I mean that the original URL can be extracted from the mangled one without doing a database lookup. Types (2) and (3) either don't have or at least don't document how to do this,and so decoding requires disclosing data to the provider. > They get to inspect too much of your web traffic. I never, ever, click directly on a URL in an email. Or on FB, for example. Copy, unmangle, remove tracking. Then click. And as we've seen many times, these things get stacked. So a URL shortener is wrapped by urldefense or safelinks or any number of others. I don't know if the type (1) wrappers look for their competitors and avoid double wrapping. I think Lsoft would do us all a favour if it (optionally) unwrapped all the URLs it can - certainly of type (1). It could even do types (2) and (3) and by effectively aggregating the data, avoid connecting the ultimate clicker with the creator of the mangled URL. Maybe Lsoft accepts RFEs. But who are their customers these days? Presumably not the end users of their mailing lists... Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN