Feedback by UserVoice

How can we improve compliance or protect your users better in Office 365?

← Office 365 Security & Compliance

Fix ATP safelinks

Advanced Threat Protection Safelinks is not always working correctly and putting users off legitimate links as the whole link text is rewritten rather than the underlying hyperlink. For example, take this support email from Citrix.

Thank you for contacting GoToMyPC Global Customer Support. A customer support representative will respond to you shortly. Your case number for reference is 09452941. Please do not reply to this email.

Please feel free to visit our support site at https://emea01.safelinks.protection.outlook.com/?url=http%3a%2f%2fsupport.citrixonline.com%2fGoToMyPC&data=01%7c01%7cnick.ioannou%40rgp.uk.com%7c2d3df5049c2e4c5a2e7a08d34419aa0d%7ce5f0406515b54ab9b46a8792ebe60f01%7c0&sdata=zAEOz1mYOuGzVM7Fm5VNmGDPBTvzodjWer2fofeKbnQ%3d for quick answers to your most common questions.

Thank you,

Global Customer Support

Citrix Online Division: https://emea01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.citrixonline.com&data=01%7c01%7cnick.ioannou%40rgp.uk.com%7c2d3df5049c2e4c5a2e7a08d34419aa0d%7ce5f0406515b54ab9b46a8792ebe60f01%7c0&sdata=XrvG7%2b9J6uZ9XVCNiS7IuCif87ykDQtqdRFFY8bZpq4%3d Citrix Systems, Inc.
Citrix Online Product Support Center: located at https://emea01.safelinks.protection.outlook.com/?url=http%3a%2f%2fsupport.citrixonline.com&data=01%7c01%7cnick.ioannou%40rgp.uk.com%7c2d3df5049c2e4c5a2e7a08d34419aa0d%7ce5f0406515b54ab9b46a8792ebe60f01%7c0&sdata=NlrYx4KV%2f6HTKXC4XiqerJJegTKb%2fNDDL8hpJcYTewg%3d

Connect with us on Twitter: @GoToMyPC, @GoToAssist, @GoToMeeting, @GoToWebinar, @GoToTraining

33 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Nick Ioannou shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

3 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Ian Veach commented  ·   ·  Flag as inappropriate

    In case Microsoft doesn't understand hypertext, a link is composed of two parts - the href and the link text. ATP should be rewriting the href as appropriate. It should not be rewriting the link text - that is not in the spirit of hypertext, nor helpful in that the link text should provide an easy to read context for the href.

    Some might argue that the user is "not safe" if they see the unchanged link text, or that it doesn't match the href. It never WAS supposed to match - they are different entities of the link. The point of ATP is to rewrite the href to a safe one, not obfuscate via encoding the textual clue for the link. I would argue you've made it far more unsafe with it being difficult to read the visual clue of the link text.

    If this was a plaintext email that remained plaintext, the URL should be unchanged. It it is converted by email client or even an MTA, the rule should still apply: Keep the unconverted text as the link text and convert it into the ATP link for the href.

    $0.02.

  • Douglas Plumley commented  ·   ·  Flag as inappropriate

    If this is a plaintext email I think it's expected to see ATP rewrite the text/hyperlink as they aren't separate like with a HTML message.

Office 365 Security & Compliance

Categories

Feedback and Knowledge Base

(thinking…)

Related Sites