RE: new strangeness with O365 [OT] --TESTING

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

RE: new strangeness with O365 [OT] --TESTING

Fazzina, Angelo
I'm conducting a test to see if the URL rewrite issue is better, for me anyway.
Please ignore.
Test =  http://postfix.1071664.n5.nabble.com/new-strangeness-with-O365-td96344.html

Should be  http:// postfix.1071664.n5.nabble.com /new-strangeness-with-O365-td96344.html

-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

[hidden email]
University of Connecticut,  ITS, SSG, Server Systems
860-486-9075


-----Original Message-----
From: [hidden email] <[hidden email]> On Behalf Of Mike Guelfi
Sent: Thursday, May 17, 2018 8:12 PM
To: [hidden email]
Subject: Re: new strangeness with O365 [OT]


Quoting Daniele Nicolodi <[hidden email]>:

> On 5/17/18 3:59 PM, Mike Guelfi wrote:
>> Quoting Noel Jones <[hidden email]>:
>>> It seems counterproductive to rewrite a plain-text link...  I don't
>>> know it there's a setting in the O365 controls to avoid mangling
>>> plain text, so you may have to live with it.
>>>
>>>
>>>
>>>   -- Noel Jones
>>
>> The worst of it is, MS are inserting themselves in the transaction so
>> they get to track which links you click in emails.
>>
>> There's a good security reason to do so
>
> What MS does is to "check" (whatever that entails) the URL and then
> respond to the HTTP client with a redirect. I can envision a very simple
> mechanism for which the response served to the MS robot that verify the
> URL is different from the one served to other clients.
>
> Can you please elaborate on what are the "good security reasons" for
> which that is a good idea and not simply a form of user tracking?
>
> Thanks. Cheers,
> Dan

It's at least a reputation service, which means that if they notice it go
bad after they've already sent you the email, they can still block it when
you attempt to click through on their server.

They might be expending some actual effort like sandboxing to inform their
reputation server, or user reporting, etc. But either way it's better from a
service delivery perspective to allow the email before the testing is complete
and hope you click the link afterwards. They have no warranty on the service
anyway so no downside to them.

That said; I have still asked them to turn it off.

I got a 1st level human to acknowledge it's been escalated, but  
nothing else so far.

I think this thread is starting to be wildly OT though...

--
Mike.