Hi,
One thing that I've found to prevent the mangling of links in my outgoing
mail is to include a line like:
<begin pgp signed message to disable safelinks/>
You can see that I add it in my signature.
Basically, even Microsoft realizes that they can't mess with PGP signed
messages without making a lot of customers unhappy. They have a sloppy
method of detecting PGP signed messages. So, including anything that
is detected as a PGP signed message will prevent safelinks from
munging a message.
This points out one of the biggest security concerns about safelinks.
Namely, that users are being trained to blindly click on large,
unintelligible "safe" links. Eventually spearfishers are going to realize
that they can get around the URL munging and present users with a link
that looks a lot like a munged link. This URL munging is very bad for
e-mail security.
Cheers,
Ron
--
The more I learn about proprietary software, the more I worry that objective
truth might perish from the earth. -Paul Romer
<begin pgp signed message to disable safelinks/>
On Tue, 15 Jan 2019, Howard, Chris wrote:
Date: Tue, 15 Jan 2019 22:29:51 +0000
From: "Howard, Chris" <[email protected]>
To: "[email protected]" <[email protected]>
Subject: MS Outlook adding excessive encrusting excrescence to list URLs
Just a note for testing.
Recently our corporate Outlook email was changed so that all
embedded URLs from this source get slathered with a protective coating
of unintelligible goop.
And I’ve been forced to change my mail editor preference to HTML
from plain text so that Skype for Business meeting links will
get sent in the meeting request.
So I’m sending the email to get an email back from the list to see
if the URL mangling was because the input was plain text or
if Microsoft is just a bad email neighbor.
