Skip to main content
My preferencesSign out
Proofpoint, Inc.

URL Defense FAQ's

Situation You have questions about URL Defense, such as how it works, how to enable it, and how it will benefit and impact your system.
Summary See the below FAQ's to learn more, including a list of Essentials re-writing scenarios. 

 

Frequently Asked Questions (FAQ)

What packages is URL Defense included in? 
  • URL Defense is included in the Business, Advanced and Professional packages.
When is URL Defense applied?
How is URL Defense enabled or disabled? 
  • URL Defense can be enabled or disabled on the Proofpoint Essentials portal: Navigate to Administration Section > Account Management > Features option. URL Defense is disabled by default.
  • clipboard_e3ad5f19414a1c5d71ccc22c7ced8d7be.png
Are there messages that will not be defended? 
  • URLs contained within Encrypted / protected messages will not be defended.
  • DKIM signed messages are re-written by default. Customers can change their configuration to disable DKIM re-writing.
How can you confirm if a URL has been re-written? 
What happens when a user clicks on a re-written URL? 
  • The user is redirected to the Proofpoint URL Defense service where the URL and website is analyzed.
    • If the URL is considered bad: The user will be shown a page informing them "The website has Been Blocked!".  See bellow:clipboard_ec79c050a9d101eaac5b3cac2537cf866.png
    • If the URL is considered good: The user will be re-directed to the website.
Will all URLs in a message be defended? 
  • URLs located in attachments are not re-written. Please refer to the table below to see additional details.
Is there a noticeable delay when a user clicks on a defended URL? 
  • No. Defended URLs are checked real-time to ensure that the latest status determines it to be safe.
Is URL Defense available for customers on trial? 
  • Yes.
How long will defended URLs continue to work? 
  • Defended URLs will not expire. They will continue to function indefinitely.
  • If the redirection services is not available (i.e., we cannot verify the links reputation) we will redirect to the original link.
Will URL Defense protect a URL that is safe at one-time but becomes compromised later? 
  • Yes. Each time a URL is clicked the status of that URL is verified before the redirect is allowed.
How many URL Defense redirectors are there and is the service highly available?
  • Proofpoint has multiple redirectors per location and across multiple DCs.

Essentials Re-writing Scenarios

Description Example Defended
HTML/Plain Text
Domain without http:// and <a href>

www.somelink.com

Some email clients will make these links clickable despite not being written with proper HTML anchor tags. These URLS are not currently defended in HTML emails.

Y/Y
Domain without www and without <a href>

someline.com

Some email clients will make these links clickable despite not being written with proper HTML anchor tags. These URLS are not currently defended in HTML emails.

Y/Y
Full URL http://www.domain.com Y/Y
FTP Path ftp://www.domain.com Y/Y
URL with complex tracking https://www.domain.com/gp/css/shiptr...6430_TE_typ?ie Y/Y
Attachment Body
(Zipped Text or HTML Document)
  N/N
Attachment Body
(Any other file types)
  N/N
Encrypted/signed (DKIM)   Y/N