[dmurray]

Also, it would allow bad actors to just opt out of malware scans - the main vector whereby these insecure URLs were leaked.

[fullspectrumdev]

So there was an interesting vector a while back where some email firewalls would reliably click on any link sent to them that was abused by spammers.

Spammers would sign up for services that required a click on a link using blabla@domainusingsuchservice

The services bots to check phishing would reliably click on the link, rendering the account creation valid.

One particularly exploitable vendor for getting such links clicked was one that shares the name with a predatory fish that also has a song about it :)

[rkagerer]

SharkGate?

Why coy about naming them?

[reaperman]

Barracuda. And for plausible deniability so they don’t have as much of a chance of catching a libel suit. Not sure how necessary or effective that is, but I do understand the motivation.