new strangeness with O365

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

new strangeness with O365

Fazzina, Angelo

Hi, wanted to ask if anyone has this issue and how they deal with it ?

 

My work email is on O365 and we just turned ATP and EOP on so emails with URLS

are being rewritten. That is fine, but my issue is with plain text emails from

this list.

when they come in i get the rewritten hyper link in the email instead of the URL

that was posted in the email. You are supposed to hover the mouse over the URL and then see the link below.

this big mess below is supposed to just be

http:// www. postfix.org/postconf.5.html #reject_unknown_client_hostname

 

O365 seems to work fine when emails are in html and it does it’s rewriting black magic….

 

https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.postfix.org%2Fpostconf.5.html%23reject_unknown_client_hostname&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cc19b58d8248e42ba3c3708d5b85340c2%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636617590067449013&sdata=guRSNY3sghtANvzcdtLMMfUCjXhdVgnNIgoDjRb%2BvQM%3D&reserved=0

 

-ANGELO FAZZINA

 

ITS Service Manager:

Spam and Virus Prevention

Mass Mailing

G Suite/Gmail

 

[hidden email]

University of Connecticut,  ITS, SSG, Server Systems

860-486-9075

 

Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365

Noel Jones-2
On 5/17/2018 9:40 AM, Fazzina, Angelo wrote:

> Hi, wanted to ask if anyone has this issue and how they deal with it ?
>
>  
>
> My work email is on O365 and we just turned ATP and EOP on so emails
> with URLS
>
> are being rewritten. That is fine, but my issue is with plain text
> emails from
>
> this list.
>
> when they come in i get the rewritten hyper link in the email
> instead of the URL
>
> that was posted in the email. You are supposed to hover the mouse
> over the URL and then see the link below.
>
> this big mess below is supposed to just be
>
> http:// www. postfix.org/postconf.5.html #reject_unknown_client_hostname
>
>  
>
> O365 seems to work fine when emails are in html and it does it’s
> rewriting black magic….
>
>  
>
> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.postfix.org%2Fpostconf.5.html%23reject_unknown_client_hostname&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cc19b58d8248e42ba3c3708d5b85340c2%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636617590067449013&sdata=guRSNY3sghtANvzcdtLMMfUCjXhdVgnNIgoDjRb%2BvQM%3D&reserved=0
>
>  
>
> -ANGELO FAZZINA
>

The ability to hover on a link and see something depends on html
code in the message, so this feature isn't possible in a plain text
mail.

It seems counterproductive to rewrite a plain-text link...  I don't
know it there's a setting in the O365 controls to avoid mangling
plain text, so you may have to live with it.



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365

Kris Deugau
Noel Jones wrote:
> The ability to hover on a link and see something depends on html
> code in the message, so this feature isn't possible in a plain text
> mail.

... especially if the "feature" relies on Javascript to work.
Personally that's one of the very first things I do when I have reason
to do a fresh install of Thunderbird or Seamonkey;  allowing active
Javascript to execute in, from, or around an email message is just
asking for trouble and IMO any support for it should never have been
added to email clients in the first place.

-kgd
Reply | Threaded
Open this post in threaded view
|

RE: new strangeness with O365

Fazzina, Angelo
Hi, I'm not sure but this may be getting off topic but here goes.

I use full Outlook client and I think I have it setup to make new emails in Plain text, other options are RTF and HTML.
I am guessing replies come back in same format, but could easily be changed by replying client.

I guess I can change my client to HTML and see if future posts to the list that I get with links, come in normal or not.

Thanks.

-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

[hidden email]
University of Connecticut,  ITS, SSG, Server Systems
860-486-9075


-----Original Message-----
From: [hidden email] <[hidden email]> On Behalf Of Kris Deugau
Sent: Thursday, May 17, 2018 12:52 PM
To: postfix users <[hidden email]>
Subject: Re: new strangeness with O365

Noel Jones wrote:
> The ability to hover on a link and see something depends on html
> code in the message, so this feature isn't possible in a plain text
> mail.

... especially if the "feature" relies on Javascript to work.
Personally that's one of the very first things I do when I have reason
to do a fresh install of Thunderbird or Seamonkey;  allowing active
Javascript to execute in, from, or around an email message is just
asking for trouble and IMO any support for it should never have been
added to email clients in the first place.

-kgd
Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365

Noel Jones-2
On 5/17/2018 11:57 AM, Fazzina, Angelo wrote:
> Hi, I'm not sure but this may be getting off topic but here goes.
>
> I use full Outlook client and I think I have it setup to make new emails in Plain text, other options are RTF and HTML.
> I am guessing replies come back in same format, but could easily be changed by replying client.
>
> I guess I can change my client to HTML and see if future posts to the list that I get with links, come in normal or not.

Please don't.  That won't change how messages from the list look to
you, and will make your html-ized messages harder for everyone else
to read.



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365

Mike Guelfi
In reply to this post by Noel Jones-2

Quoting Noel Jones <[hidden email]>:

> On 5/17/2018 9:40 AM, Fazzina, Angelo wrote:
>> Hi, wanted to ask if anyone has this issue and how they deal with it ?
>>
>>  
>>
>> My work email is on O365 and we just turned ATP and EOP on so emails
>> with URLS
>>
>> are being rewritten. That is fine, but my issue is with plain text
>> emails from
>>
>> this list.
>>
>> when they come in i get the rewritten hyper link in the email
>> instead of the URL
>>
>> that was posted in the email. You are supposed to hover the mouse
>> over the URL and then see the link below.
>>
>> this big mess below is supposed to just be
>>
>> http:// www. postfix.org/postconf.5.html #reject_unknown_client_hostname
>>
>>  
>>
>> O365 seems to work fine when emails are in html and it does it’s
>> rewriting black magic….
>>
>>  
>>
>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.postfix.org%2Fpostconf.5.html%23reject_unknown_client_hostname&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cc19b58d8248e42ba3c3708d5b85340c2%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C0%7C636617590067449013&sdata=guRSNY3sghtANvzcdtLMMfUCjXhdVgnNIgoDjRb%2BvQM%3D&reserved=0
>>
>>  
>>
>> -ANGELO FAZZINA
>>
>
> The ability to hover on a link and see something depends on html
> code in the message, so this feature isn't possible in a plain text
> mail.
>
> It seems counterproductive to rewrite a plain-text link...  I don't
> know it there's a setting in the O365 controls to avoid mangling
> plain text, so you may have to live with it.
>
>
>
>   -- Noel Jones

The worst of it is, MS are inserting themselves in the transaction so
they get to track which links you click in emails.

There's a good security reason to do so but the problem I have with it
is the opt out isn't a setting, it's a support request to Microsoft to
ask them to please allow you to get email as written. The FAQ attempts
to discourage you from trying, vis:

     =========================================
     Can I deactivate these security features?
     =========================================

     To provide the best protection for your account, these features
are on by default
     and not designed to be turned off. You can contact our customer
service team via
     in-product support to have them deactivate the features on your
behalf, but we do not recommend it.

--
Mike.

Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365

Daniele Nicolodi
On 5/17/18 3:59 PM, Mike Guelfi wrote:

> Quoting Noel Jones <[hidden email]>:
>> It seems counterproductive to rewrite a plain-text link...  I don't
>> know it there's a setting in the O365 controls to avoid mangling
>> plain text, so you may have to live with it.
>>
>>
>>
>>   -- Noel Jones
>
> The worst of it is, MS are inserting themselves in the transaction so
> they get to track which links you click in emails.
>
> There's a good security reason to do so

What MS does is to "check" (whatever that entails) the URL and then
respond to the HTTP client with a redirect. I can envision a very simple
mechanism for which the response served to the MS robot that verify the
URL is different from the one served to other clients.

Can you please elaborate on what are the "good security reasons" for
which that is a good idea and not simply a form of user tracking?

Thanks. Cheers,
Dan
Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365 (THREAD CLOSED)

Viktor Dukhovni


> On May 17, 2018, at 7:53 PM, Daniele Nicolodi <[hidden email]> wrote:
>
> Can you please elaborate on what are the "good security reasons" for
> which that is a good idea and not simply a form of user tracking?

This is not a Postfix topic and should move to another list.

[ FWIW, this type of indirection is used to protect users from
  visiting malicious websites, the tecnique is somewhat effective ]

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365 [OT]

Mike Guelfi
In reply to this post by Daniele Nicolodi

Quoting Daniele Nicolodi <[hidden email]>:

> On 5/17/18 3:59 PM, Mike Guelfi wrote:
>> Quoting Noel Jones <[hidden email]>:
>>> It seems counterproductive to rewrite a plain-text link...  I don't
>>> know it there's a setting in the O365 controls to avoid mangling
>>> plain text, so you may have to live with it.
>>>
>>>
>>>
>>>   -- Noel Jones
>>
>> The worst of it is, MS are inserting themselves in the transaction so
>> they get to track which links you click in emails.
>>
>> There's a good security reason to do so
>
> What MS does is to "check" (whatever that entails) the URL and then
> respond to the HTTP client with a redirect. I can envision a very simple
> mechanism for which the response served to the MS robot that verify the
> URL is different from the one served to other clients.
>
> Can you please elaborate on what are the "good security reasons" for
> which that is a good idea and not simply a form of user tracking?
>
> Thanks. Cheers,
> Dan

It's at least a reputation service, which means that if they notice it go
bad after they've already sent you the email, they can still block it when
you attempt to click through on their server.

They might be expending some actual effort like sandboxing to inform their
reputation server, or user reporting, etc. But either way it's better from a
service delivery perspective to allow the email before the testing is complete
and hope you click the link afterwards. They have no warranty on the service
anyway so no downside to them.

That said; I have still asked them to turn it off.

I got a 1st level human to acknowledge it's been escalated, but
nothing else so far.

I think this thread is starting to be wildly OT though...

--
Mike.
Reply | Threaded
Open this post in threaded view
|

Re: new strangeness with O365 (THREAD CLOSED)

Postfix User-2
In reply to this post by Viktor Dukhovni
On Thu, 17 May 2018 20:05:16 -0400, Viktor Dukhovni stated:

>> On May 17, 2018, at 7:53 PM, Daniele Nicolodi <[hidden email]> wrote:
>>
>> Can you please elaborate on what are the "good security reasons" for
>> which that is a good idea and not simply a form of user tracking?  
>
>This is not a Postfix topic and should move to another list.
>
>[ FWIW, this type of indirection is used to protect users from
>  visiting malicious websites, the tecnique is somewhat effective ]

Thank you Victor. Informative responses as opposed to FUD are always welcomed.

--
Jerry