URL Defense FAQ's
| Situation | You have questions about URL Defense, such as how it works, how to enable it, and how it will benefit and impact your system. |
|---|---|
| Summary | See the below FAQ's to learn more, including a list of Essentials re-writing scenarios. |
Frequently Asked Questions (FAQ)
What packages is URL Defense included in?
- URL Defense is included in the Business, Advanced and Professional packages.
When is URL Defense applied?
- URL Defense is applied only to inbound mails
Please see the following link for Proofpoint Essentials Mail Flow
How is URL Defense enabled or disabled?
- URL Defense can be enabled or disabled on the Proofpoint Essentials portal: Navigate to Administration Section > Account Management > Features option. URL Defense is disabled by default.
Are there messages that will not be defended?
- URLs contained within Encrypted / protected messages will not be defended.
- DKIM signed messages are re-written by default. Customers can change their configuration to disable DKIM re-writing.
How can you confirm if a URL has been re-written?
- Hover over the URL in the message. It will look like the following if it has been defended: https://urldefense.proofpoint.com/v1/url?=...
What happens when a user clicks on a re-written URL?
- The user is redirected to the Proofpoint URL Defense service where the URL and website is analyzed.
- If the URL is considered bad: The user will be shown a page informing them "The website has Been Blocked!". See bellow:
- If the URL is considered good: The user will be re-directed to the website.
- If the URL is considered bad: The user will be shown a page informing them "The website has Been Blocked!". See bellow:
Will all URLs in a message be defended?
- URLs located in attachments are not re-written. Please refer to the table below to see additional details.
Is there a noticeable delay when a user clicks on a defended URL?
- No. Defended URLs are checked real-time to ensure that the latest status determines it to be safe.
Is URL Defense available for customers on trial?
- Yes.
How long will defended URLs continue to work?
- Defended URLs will not expire. They will continue to function indefinitely.
- If the redirection services is not available (i.e., we cannot verify the links reputation) we will redirect to the original link.
Will URL Defense protect a URL that is safe at one-time but becomes compromised later?
- Yes. Each time a URL is clicked the status of that URL is verified before the redirect is allowed.
How many URL Defense redirectors are there and is the service highly available?
- Proofpoint has multiple redirectors per location and across multiple DCs.
Essentials Re-writing Scenarios
| Description | Example | Defended HTML/Plain Text |
|---|---|---|
| Domain without http:// and <a href> |
Some email clients will make these links clickable despite not being written with proper HTML anchor tags. These URLS are not currently defended in HTML emails. |
Y/Y |
| Domain without www and without <a href> |
someline.com Some email clients will make these links clickable despite not being written with proper HTML anchor tags. These URLS are not currently defended in HTML emails. |
Y/Y |
| Full URL | http://www.domain.com | Y/Y |
| FTP Path | ftp://www.domain.com | Y/Y |
| URL with complex tracking | https://www.domain.com/gp/css/shiptr...6430_TE_typ?ie… | Y/Y |
| Attachment Body (Zipped Text or HTML Document) |
N/N | |
| Attachment Body (Any other file types) |
N/N | |
| Encrypted/signed (DKIM) | Y/N |