tags:

views:

268

answers:

3

My web application sends emails to users. The email contains a link for further user action. Our security standards require that the link in the email cannot be clickable. However, the email clients recognize https:// in the email and auto-link the URL.

Any idea on how to stop the email clients to auto-link. I am thinking if I skip the https://, it may stop the auto-linking. But, if I have to keep the https:// is there any way to avoid auto-linking.

The link in the email is dynamically constructed in the c# code.

A: 

It is not possible to stop auto-linking in email clients based on something you do to the email itself.

If you have total control over your user's machines, you could block 3rd party email access (yahoo, gmail, etc), then prevent links from being clicked in Outlook by deleting this registry key on your user's computers (back up the registry first!):

HKEY_Local_Machine\Software\Classes\htmlfile\shell\open\command

(Pretty much doing the opposite of http://support.microsoft.com/kb/310049)

Erik W
+1  A: 

Replace the actual text with a small GIF image that looks like text.

Email parsers will not recognize text within an image.

abelenky
+1, although most email clients nowadays don't permit the displaying of images inside emails unless the user specifically allows them.
Erik Forbes
A: 

My application has a similar security requirement. The solution we used was to add an underscore to the beginning of the URL (_http://).

vtse