Modifying URLs to protect against threats and unauthorized access

When you create a content filtering policy, you can add the action
Modify clickable URLs in message
. This action changes all the URLs in a message before the message is delivered. You can choose one of the following options to customize the action further:
  • Email Threat Isolation
    sends the browser to your Symantec Threat Isolation instance for virtual sandboxing.
  • Web Service (ProxySG)
    sends the browser to your Symantec Blue Coat ProxySG appliance for secure web browsing.
  • Replace clickable URLs in message
    changes all URLs in the message to the
    Value
    that you enter in the dialog box. If the message is in HTML format, the underlying URLs change, but the message displays the original URLs. If the message is in text format, the recipient sees the
    Value
    string instead of the original URLs.
  • Disable clickable URLs in message
    inserts the string
    noclick_
    into the host name of each URL.
    When the recipient clicks a URL in a message, nothing happens. If the message is in plain text format, the recipient may notice that the URL is modified. If the message is in HTML format, the URL modification is not visible.
    Symantec recommends that you add an additional action to the policy to let recipients know that URLs in the message were disabled deliberately. For example, you can select
    Modify the subject line of messages
    and add the modification
    For security, URLs in this message are disabled
    .
SMG can perform only one
Modify clickable URLs in message
action on a message. If a message triggers two or more policies that have different
Modify clickable URLs in message
actions, SMG uses the following priority to select which action to perform:
  1. Email Threat Isolation
  2. Web Service (ProxySG)
  3. Replace clickable URLs in message
  4. Disable clickable URLs in message