Hello,
since today there is no option to put a bad url in a blacklist for the url protection
to simply block that type of url´s from opening / loading.
You can only put url´s on a whitelist.
This would be a big helper in blocking bad / unwanted url´s (Option for example
all .de or test.de or all before und after plus test.de).
We tried already the Data Control for that but the data control only detects the
plain text. So yes we can say, block .de in the data control, but this didn´t help,
because it only blocks as example web.de test.max.de test.de/ablage and so
on but if you have a href code snipped with the url in the mail the mail is not
recognised and filtered out. So this is a big security concenrn. We see on
weekly basis many mails with bad urls wich sophos email protection not recognises
as bad url or mails with embedded pictures wich shows as example a docusign
logo und a button (this is all one picture) and this embbeded picture has an href
link attached to it. So this dangerous mails are not filtered or blocked by sophos.
We already described that behavour with the sophos support, but we only get the
answer that we should report that kind of mails as spam and sophos will check it.
But again this is not a solution for that.
Best regards
Added Infomration
[edited by: SoC2024 at 10:22 AM (GMT -8) on 5 Mar 2025]
Quote