Back to Community Threads
Google is flagging webmail as a malware site
Problem reported by Nick Hayer - 1/18/2018 at 7:20 AM
Submitted
N
This is just an fyi in-case you are running SmarterMail Version - 13.3.5535
http://mail.madriveraccess.net/Login.aspx according to Google is malware. On our server login.aspx is dated/last modified on 02/26/2015.   We have obviously requested whitelisting but the up to 72 hrs for removal is not heartening.
 
 
jorge.mx.neto Replied
1/18/2018 at 8:01 AM
S
Scot Desort Replied
1/18/2018 at 2:15 PM
FYI we had a 13.5 site get flagged on Tuesday. We FORCED SSL, removed the FORGOT PASSWORD link, and they denied the review. It's still red-flagged. IN the process of upgrading to 15.x tonight. Very frustrating. Something in the 13.x code is causing this.....
S
Scot Desort Replied
1/18/2018 at 2:25 PM
We did those steps Nick. No dice. They won't remove the red flag

Something in the 13.x code is suddenly causing google to flag the smartermail Login.aspx file specifically - NOT for malware. They Flag it as "DECEPTIVE" under the "social engineering" class of deceptiveness (phishing/password collection/etc).
S
Scot Desort Replied
1/19/2018 at 8:22 AM
UPDATE: In case anyone is interested, we upgraded our customer's site last night from 13.5 (which was red flagged as "DECEPTIVE" by Google (in the "social engineering" sub-category), to 15.7.x. We then requested a rescan of the site and they cleared the flag.
 
We had previously:
 
- turned off "password recovery" which removed the FORGOT PASSWORD link (and the associated javascript) from the login page
- forced SSL for all webmail traffic through a modification to the web.config file
- scanned the entire server for malware
- manually inspected the files in the SM webroot and /scripts folders for any new or changed files
- ran the SM web URL through external scanners (such as quttera.com, sucuri.net and aw-snap - all clean)
 
The only thing that solved the problem was getting off of 13.x. If you are in a position to do so, that may be your only option, unless SM can figure out what is tripping this particular Google alarm in the 13.x code and providing a hotfix file of some kind.  13.x, I imagine, is no longer officially supported, so I don't know of any other recourse for you. And Google did not disclose any specifics about what code on the site it read as "deceptive". Lastly, let's hope that Google doesn't suddenly find something in 15.x or 16.x it deems as dangerous.
 
 
 
Kyle Kerst Replied
1/19/2018 at 8:43 AM
This Google alarm is triggered by the lack of an SSL certificate 9 times out of 10. Since your web interface asks users to complete a password field, if you're not running an SSL certificate your browser will throw this warning. Install an SSL certificate, and force HTTP-->HTTPS redirect in IIS. 
Kyle Kerst 
Cameron Solutions LLC
www.cameron-solutions.com
Paul Blank Replied
1/19/2018 at 9:47 AM
FYI, I have an client on SM v11.x, forced SSL enforcement (for years now), and have had no issues of this type.
S
Scot Desort Replied
1/19/2018 at 9:57 AM
let me repeat. WE HAVE SSL AND IT IS FORCED. If you try to connect with http, we redirect you to https using IIS.
S
Scot Desort Replied
1/19/2018 at 9:58 AM
1. 11.x may not have the code issue
2. Google may not have crawled your webmail URL.

It is not an SSL issue.
Paul Blank Replied
1/19/2018 at 10:11 AM
I totally believe you! I was responding to Kyle's comment as if it was a valid explanation. I stand humbly corrected. Thanks for posting all your research here!
S
Scot Desort Replied
1/19/2018 at 10:47 AM
no problem Paul!
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Google Safe Browsing Warning and SmarterMailSmarterMail > Troubleshooting
Force Webmail Traffic Over HTTPSSmarterMail > Server Configuration and Management
Key Feature and Version Milestones in SmarterMailSmarterMail
Browser Behavior and Mixed Content Email MessagesSmarterMail > Troubleshooting
Set up SmarterMail as an IIS Site in IIS 8SmarterMail > Server Configuration and Management