https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13458#M58355 <HTML><HEAD></HEAD><BODY><P>Hi,&nbsp;</P><P>what are you folks using as Main URL to allow users to get the original attachments?</P><P>When Threat Extraction is active, you can configure it so that users can get the original attachment by clicking "here" in the banner that they see in the mail.</P><P>The configuration for the target of "here" is not done in the Threat Extraction config settings but under "UserCheck" in the gateway configuration.</P><P>I was using a FQDN that points to the LAN interface of the firewall gateway but that of course doesn't help users external of the gateway (like home users, or on mobile devices).</P><P></P><P>So should we use an external URL? What are you using? Does this have security implications?&nbsp;</P><P>UserCheck is also used for other things, should we expect a new issue?</P><P></P><P>Regards,<BR />Jeroen</P></BODY></HTML> Tue, 06 Nov 2018 12:55:50 GMT Jeroen_Demets 2018-11-06T12:55:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13458#M58355 <HTML><HEAD></HEAD><BODY><P>Hi,&nbsp;</P><P>what are you folks using as Main URL to allow users to get the original attachments?</P><P>When Threat Extraction is active, you can configure it so that users can get the original attachment by clicking "here" in the banner that they see in the mail.</P><P>The configuration for the target of "here" is not done in the Threat Extraction config settings but under "UserCheck" in the gateway configuration.</P><P>I was using a FQDN that points to the LAN interface of the firewall gateway but that of course doesn't help users external of the gateway (like home users, or on mobile devices).</P><P></P><P>So should we use an external URL? What are you using? Does this have security implications?&nbsp;</P><P>UserCheck is also used for other things, should we expect a new issue?</P><P></P><P>Regards,<BR />Jeroen</P></BODY></HTML> Tue, 06 Nov 2018 12:55:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13458#M58355 Jeroen_Demets 2018-11-06T12:55:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13459#M58356 <HTML><HEAD></HEAD><BODY><P>This and more can be found in&nbsp;<A class="" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk114806&amp;partition=Advanced&amp;product=Threat">sk114806: <STRONG>ATRG</STRONG>: Threat Emulation</A></P></BODY></HTML> Tue, 06 Nov 2018 15:09:17 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13459#M58356 G_W_Albrecht 2018-11-06T15:09:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13460#M58357 <HTML><HEAD></HEAD><BODY><P>I know that sk but I must be looking over the exact info. Can you be more specific please?</P></BODY></HTML> Wed, 07 Nov 2018 07:57:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Extraction-click-here-location/m-p/13460#M58357 Jeroen_Demets 2018-11-07T07:57:50Z