Custom URL Links do not function in some ActiveSync clients


As one of the Microsoft Exchange Default Transport rules, email content which is fetched using HTML encoding over Active sync goes though automatic spam detection and URL sanitizing. This rule causes any link from outside of the email domain to be completely stripped and sent to the client as an empty link. Links which are commonly sanitized include ones sent from RSA servers with new tokens to import into the RSA App. Additionally, non-standard links sent from outside of the company's email domain are being sanitized and stripped of their content. 


  • Original Link: <a href=3D"com.rsa.securid://ctkip?url=3D">
  • Sanitized Link: <a href=” “>


Implications for Customers

Until the key value is updated, users will not be able to open RSA links or any other custom URL links sent from servers outside of the email domain when using Boxer.


Workaround for devices using Boxer 4.10+ for iOS

Add the following key and value to the Boxer AW Console custom key(s):

  • Key: AppRefetchEmptyLinksUsingMime
  • Set to true

Note: Applying the workaround will resolve this issue for all users using Boxer 4.10+ for iOS and the app will automatically re-fetch the affected messages using MIME encoding. Updating the key value will cause Boxer to detect and refetch the affected emails without sanitizing the links.

Workaround for devices using Boxer for Android

A workaround is currently under development and scheduled for a future release of Boxer for Android. The work item is being tracked as BINXA-6523.

Support Contact Information

To receive support, either submit a ticket via the My Workspace ONE portal or call your local support line.  


Best Regards,

The VMware Workspace ONE Team

Have more questions? Submit a request


Article is closed for comments.