The authentication links that COCPA emails to end users are one-time-use only. Certain email security platforms like ones made by Barracuda or Mimecast are capable of crawling these authentication links, thereby invalidating the link and preventing the end user from logging in to COCPA.org. The solution to this is to configure these systems to bypass URL scanning for authentication emails sent from COCPA.
For Barracuda: Add *.cocpa.org to the “Link Protection Domain Whitelist” field under “Mail Security”.
For Mimecast: Under Administration -> Gateway | Policies -> URL Protection Bypass, create a URL Protection Bypass policy with the option “Disable URL Protection” for email addresses based on cocpa.org.
Refer to your mail security system’s documentation for more specific instructions.