URL Sandbox

Administrator Help | TRITON AP-EMAIL | Version 8.3.x

The URL sandbox function provides real-time analysis of uncategorized URLs that are embedded in inbound email. When a user clicks an uncategorized URL, a landing page prompts the user to initiate URL analysis. If the analysis determines that the link is malicious, the site is blocked. If the link is not malicious, the user receives notification that they may proceed to the site.

Your subscription must include the Email Sandbox Module and Email Hybrid Module. URL sandbox capability is available only after the email hybrid service is successfully registered and enabled.

The URL sandbox configuration settings include 3 components:

Default settings that apply to any recipient not covered by specific settings

Recipient-specific settings that apply to an individual domain or email address

List of domains to which sandbox settings do not apply

Use the Settings > Inbound/Outbound > URL Sandbox page to configure the URL sandbox feature:

In the Default Settings section, specify the settings that apply to any recipient not covered by recipient-specific settings.

Mark the Analyze suspicious URLs check box to activate the URL sandbox function. By default, the check box is not marked.

If the URL sandbox is enabled, mark the Allow the recipient to follow links to unclassified URLs check box to allow users to click unclassified URL links. By default, the check box is not marked.

Mark the Allow the recipient to follow links with an unsupported protocol check box to allow users to click a link that may redirect to a site with an unsupported protocol (e.g., HTTPS).

If you want the original URL replaced by other text, enter the string in the entry field below the check box. Leave this field blank if you want the original URL to appear.

Use the Recipient-specific Settings area to add custom sandbox settings for individual domain or email addresses.

Click Add to create sandbox settings for a particular group of addresses.

In the Recipient Email/Domain Address List, enter comma-separated email or domain addresses to which you want the settings to apply. No wildcards are permitted.

Mark the Analyze suspicious URLs check box to activate the URL sandbox function for these addresses. By default, the check box is not marked.

If the URL sandbox is enabled, mark the Allow the recipient to follow links to unclassified URLs check box to allow the specified users to click unclassified URL links. By default, the check box is not marked.

Mark the Allow the recipient to follow links with an unsupported protocol check box to allow users to click a link that may redirect to a site with an unsupported protocol (e.g., HTTPS).

If you want the original URL replaced by other text, enter the string in the entry field below the check box. Leave this field blank if you want the original URL to appear.

At the bottom of the URL Sandbox section, mark the Analyze suspicious URLs that appear in digitally signed email check box if you want the sandbox to examine URLs even if they appear in a message that contains the digital signature of a trusted sender. By default, the check box is not marked.

In the entry field above the check box, enter the URL domains that you want to bypass the URL sandbox. Do not use wildcards, and separate multiple entries with a comma.

If you want to delete a set of recipient-specific settings, mark the check box next to the address list and click Delete.