Skip to content

Latest commit

 

History

History
64 lines (41 loc) · 4.21 KB

link-actions.md

File metadata and controls

64 lines (41 loc) · 4.21 KB
Raw
title pcx_content_type weight
Link actions
concept
2

Link actions

Disposition actions

Create actions for emails with specific {{}}dispositions{{}}. URL defang means that every URL in an email of the selected type will be rewritten so that the user cannot follow the link. For example, https://www.example.com will become https[:]//www[.]example[.]com.

To update or create a new disposition action:

  1. Log in to the Cloud Email Security dashboard.
  2. Go to Settings (the gear icon).
  3. On Email Configuration, go to Email Policies > Link Actions.
  4. In Disposition Actions select Edit.
  5. For each disposition, such as MALICIOUS, SPAM, and BULK, choose the action you want to perform.

Email Link Isolation

Email Link Isolation rewrites links that could be exploited, alerts users when there is uncertainty around the website they are visiting, and protects against malware and vulnerabilities through Cloudflare Browser Isolation.

When you enable Email Link Isolation, the service rewrites links in emails and opens them in a browser tab where all page contents are fetched and rendered on a remote server. When this feature is enabled, any malware that might be present in a web page or email link is isolated at the server level, and will not infect and compromise the client network at the endpoint.

Suspicious hyperlinks are system-determined, and triggered by a dynamic isolation list maintained by Cloudflare’s security team.

Previous disposition actions

When you enable Email Link Isolation, Cloudflare no longer takes into account URL actions based on the email’s dispositions. URL actions are, rather, based on attributes of the link.

Link rewriting applies to all email dispositions. If you have link actions set for dispositions, you will see a warning when enabling Email Link Isolation. This indicates that Email Link Isolation's rewriting will apply globally.

Enable Email Link Isolation

{{

}}If you use Microsoft Office 365, you need to allowlist the URL https://linkdefender.cloudflare.com before enabling Email Link Isolation. Refer to Microsoft's documentation to learn how to allowlist a URL.{{}}

To enable Email Link Isolation you must have an inline deployment for your Cloud Email Security setup. Email Link Isolation is not available if Cloud Email Security is deployed through journaling or BCC setups.

Email Link Isolation can only be used when there are no other security applications doing URL rewrites. Double link rewrites are not supported.

To enable Email Link Isolation:

  1. Log in to the Cloud Email Security dashboard.
  2. Go to Settings (the gear icon).
  3. On Email Configuration, go to Email Policies > Link Actions.
  4. Scroll to Email Link Isolation and enable it.

Email Link Isolation is now enabled.

{{

}} Email Link Isolation does not have advanced configuration options. If you need more fine-grained control over what users can do in an isolated browser session, you must have a Cloudflare Zero Trust account and make your changes on Browser Isolation. {{}}

URL rewrite ignore patterns

Use this option to ignore rewrites on URLs matching specific patterns. This feature allows you to ensure that internal corporate services never have links rewritten for them.

  1. Log in to the Cloud Email Security dashboard.
  2. Go to Settings (the gear icon).
  3. On Email Configuration, go to Email Policies > Link Actions.
  4. Scroll to URL Rewrite Ignore Patterns.
  5. Add a new URL pattern to URL pattern and select Add Pattern.