Mailmate is not handling modified URLs in Mail for Targeted Attack Protection consistently.
Reported by Stacey Marshall | February 21st, 2020 @ 09:52 AM
Mailmate is not handling modified URLs in Mail for Targeted Attack Protection consistently.
MailMate version 1.13.1 (5671).
Targeted Attack Protection (TAP) from Proofpoint modifys emails sent to my company email:
Any emails you receive into your account from an external source will be assessed by this service to provide URL and attachment defense capability.
- Emails containing external URLs will be rewritten to include urldefense.proofpoint.com so they can be assessed by TAP when you click on the URL.
When I click on most of these modified links I am directed to https://urldefense.com/jerror and not the page intended.
Captured the URL being sent to Firefox by
- Disable Choosey.app (just in case it was doing aything
untoward).
- Enabled Logging via 'about:networking`
- Clicked on the URL in MailMate
When I compare the URL logged via Firefox to the link in the e-mail I find that the final dollar has been removed.
An example of a TAP modified URL, note it has final dollar character at the end.
https://urldefense.com/v3/__https://github.com/osstech-jp/openldap/commit/bba50bf6533d8f67dcbfc990b6b3161d22b4de85.patch__;!!GqivPVa7Brio!KDGhmN2slqGIqw4BFaQkTYmT7Tj8mq0aUeWtflW1P3dYJhH8Nxl7zGE_a-_SxDJKZsHI$
URL passed to firefox when clicked on has dollar removed:
https://urldefense.com/v3/__https://github.com/osstech-jp/openldap/commit/bba50bf6533d8f67dcbfc990b6b3161d22b4de85.patch__;!!GqivPVa7Brio!KDGhmN2slqGIqw4BFaQkTYmT7Tj8mq0aUeWtflW1P3dYJhH8Nxl7zGE_a-_SxDJKZsHI
Opening the email in Mail.app and clicking on the link there is a laborious workaround.
The fault does not appear to be consistent. In preparation for this ticket I sent myself a link, via external account, and that was handled correctly!
https://urldefense.com/v3/__https://staceymarshall.wordpress.com/__;!!GqivPVa7Brio!JZfEnZ9XS7DsTjRVTHm_gl6-RcqMyt3H9RvaI5HDJ2s0I4LS6g8RnnlDQzcO0bi3Dz1K$
Comments and changes to this ticket
-
Stacey Marshall February 21st, 2020 @ 09:57 AM
Noticed that MailMate indeed highlights the whole link in blue except for the final dollar :-)
If I select the whole URL including the dollar and OPEN URL it opens correctly.
- OPEN URL I have a keyboard Shortcut which opens selected text.
-
Stacey Marshall February 21st, 2020 @ 10:12 AM
In the test email (where the dollar was passed through) the body source looks like this:
--000000000000838c19059f11f2cc Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: Quoted-printable Well, why was this not converted then? https://urldefense.com/v3/__https://staceymarshall.wordpress.com/__;!!GqivP= Va7Brio!JZfEnZ9XS7DsTjRVTHm_gl6-RcqMyt3H9RvaI5HDJ2s0I4LS6g8RnnlDQzcO0bi3Dz1= K$=20 --000000000000838c19059f11f2cc Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: Quoted-printable <div dir=3D"ltr"><div>Well, why was this not converted then?</div><div><br>= </div><div><a href=3D"https://urldefense.com/v3/__https://staceymarshall.wo= rdpress.com/__;!!GqivPVa7Brio!JZfEnZ9XS7DsTjRVTHm_gl6-RcqMyt3H9RvaI5HDJ2s0I= 4LS6g8RnnlDQzcO0bi3Dz1K$">https://staceymarshall.wordpress.com/</a></div><d= iv><br></div><div><br></div></div>While the e-mail where the links are not passed through correctly (elided a little)
https://urldefense.com/v3/__https://github.com/osstech-jp/openldap/commit/b= ba50bf6533d8f67dcbfc990b6b3161d22b4de85.patch__;!!GqivPVa7Brio!KDGhmN2slqGI= qw4BFaQkTYmT7Tj8mq0aUeWtflW1P3dYJhH8Nxl7zGE_a-_SxDJKZsHI$=20 https://urldefense.com/v3/__https://github.com/osstech-jp/openldap/commit/b= ba50bf6533d8f67dcbfc990b6b3161d22b4de85__;!!GqivPVa7Brio!KDGhmN2slqGIqw4BFa= QkTYmT7Tj8mq0aUeWtflW1P3dYJhH8Nxl7zGE_a-_SxKwwBOjg$=20So maybe the one that worked has HTML while the failing one does not?
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Mac OS X email client.
benny