Re: urldefense.us URLs?

[Kevin Peterson via Tech-talk <tech-talk at aps.anl.gov>]

It is perceived to be a security improvement.  The irony of using the 
same approach that scammers use to "protect" against spamming is very 
apparent when Thunderbird reports a URL mismatch (see attached image).

Kevin

On 3/5/24 00:37, Gerrit Kühn via Tech-talk wrote:
> Am Mon, 4 Mar 2024 17:43:43 +0000
> schrieb "Johnson, Andrew N. via Tech-talk" <tech-talk at aps.anl.gov>:
>
> > The uldefense URL wrappers are now being added to all messages sent to
> > the tech-talk at aps.anl.gov list from outside of Argonne. I have no
> > control over them, that's due to a recent DOE mandate and not something
> > that the Argonne security people are at liberty to remove AFAIK.
>
> Ironically, these links turn out to be pretty much unusable without further
> processing for me. When looking at the plaintext with my mailclient, the
> links to not work as the trailing "$" is not recognised as part of the
> link. So I end up at https://urldefense.us/v3/__https://urldefense.us/jerror__;!!G_uCfscf7eWS!Y55Xtc8fpPUAs4l8z7dRVo177Od6rTNnLdMpC797i-88IaX7P5Ike3jcZUP8KRveYGgaS8t596DnlOGAK-Q8Vt8$  when clicking them.
>
> Using html view instead, I can see the correct link targets, but when
> clicking them I get a phishing warning from the mailclient as they don't
> lead to the location they advertise.
>
> So in either case, I need to manually copy, edit, confirm... is this
> supposed to be a security improvement?
>
>
> cu
>    Gerrit

Attachment: Screenshot from 2024-03-05 09-36-24.png
Description: PNG image