Google Safe Browsing Warning and SmarterMail

Google and other providers have recently started branding web interfaces as unsafe if they don't meet certain security requirements, not simply because malicious content is detected coming from the site. These security requirements could cause your site to be flagged as insecure, even if it doesn't contain malicious content.
 
One of the security requirements is the use of an SSL certificate on the domain used to host the SmarterMail web interface. Google and other providers no longer consider authentication over plain HTTP to be a "best practice". As such, users may start seeing a bright red warning screen when navigating to SmarterMail from Chrome or other modern browsers. An example of this warning is below, though the actual text and/or reason for the warning may vary:
 
Unsafe Webpage Warning
 

Solution:

If an unsafe browser warning is seen on your SmarterMail site, you can navigate to the site below to determine why:
 
More information about the safe browsing requirements can be found at the link below:
 
Some additional steps that may alleviate this issue as well:
 
  • Implement an SSL certificate for your web interface. For complete steps on this process, refer to the KB article, Configure SSL/TLS to Secure SmarterMail.
  • In addition, you can force all webmail traffic to use that SSL certificate by following the steps in our KB article, Force Webmail Traffic Over HTTPS. This process involves configuring SmarterMail in IIS and enabling a setting within SmarterMail. When completed, users who type in the standard "http://..." address are redirected to a secured HTTPS connection.
  • Just to be safe, run a scan for malware infections and malicious pages on the SmarterMail web server.
  • Finally, implement domain and user throttles to prevent spam generation from your server in the event of a compromised account. More information about this process can be found in the KB article, Set Up Throttling for Domains.
 
Remember: just because your web interface is flagged for "malicious content" doesn't mean your web server was compromised. Implementing an SSL connection using an SSL certificate and then forcing that HTTPS connection is probably all you need to restore your web interface. 
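
The script below is an added example, not SmarterTools' own code. It checks the two fixes described above: that plain HTTP redirects to HTTPS, and that the certificate validates and is not close to expiry. The hostname mail.example.com, the function names and the 14-day expiry threshold are assumptions of this example.

```python
import http.client
import socket
import ssl
import sys
from datetime import datetime, timezone
from urllib.parse import urlsplit

def redirect_verdict(status, location, host):
    """Judge a plain-HTTP response: it should redirect to HTTPS on the same host."""
    if status not in (301, 302, 307, 308):
        return f"FAIL: HTTP {status} answered over plain HTTP, no redirect"
    target = urlsplit(location or "")
    if target.scheme != "https":  # also catches relative targets, which stay on HTTP
        return f"FAIL: redirect target is not HTTPS ({location!r})"
    if (target.hostname or "").lower() != host.lower():
        return f"WARN: redirects to a different host ({target.hostname})"
    return "OK: redirects to HTTPS on the same host"

def cert_days_left(not_after, now=None):
    """Days until expiry, given the notAfter string from ssl getpeercert()."""
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), timezone.utc)
    return (expires - (now or datetime.now(timezone.utc))).days

def probe(host, timeout=10):
    """Live check: request http://host/ without following redirects, then validate TLS."""
    results = []
    try:
        conn = http.client.HTTPConnection(host, 80, timeout=timeout)
        conn.request("GET", "/")
        resp = conn.getresponse()
        results.append(redirect_verdict(resp.status, resp.getheader("Location"), host))
        conn.close()
    except OSError as exc:
        results.append(f"INFO: port 80 not reachable ({exc})")
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    try:
        with socket.create_connection((host, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                days = cert_days_left(tls.getpeercert()["notAfter"])
        # 14 days is this example's own threshold, not a browser requirement
        results.append(f"{'OK' if days > 14 else 'WARN'}: certificate trusted, {days} days left")
    except OSError as exc:  # includes ssl.SSLCertVerificationError
        results.append(f"FAIL: HTTPS check failed for {host}: {exc}")
    return results

if __name__ == "__main__":
    # Placeholder hostname; pass your own webmail host as the first argument.
    for line in probe(sys.argv[1] if len(sys.argv) > 1 else "mail.example.com"):
        print(line)
```

Any FAIL line means the warning is likely to persist, so resolve it before requesting a review.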

If all of the above turns out fine, a last resort is to email Google Support and ask them to remove the warning. Customers have found success using this as a template for the email:

Dear Google Support Team,

I am writing to formally request a review and removal of the phishing classification placed on our domain mail.vesnx.com. Our company, VESNX, owns and operates this domain, and we recently deployed SmarterMail from SmarterTools on this subdomain as part of our email infrastructure.

Why This Flag Is Incorrect
Legitimate Business Ownership

Our company, [COMPANY NAME], legally owns [FLAGGED DOMAIN or URL], which serves as our official email platform. The domain is not used for phishing, malware, or deceptive practices.

Recent Deployment of SmarterMail

A few days ago, we installed SmarterMail, a widely used and reputable email server software by SmarterTools.

It is possible that Google's automated systems misclassified our site due to recent changes or temporary setup inconsistencies.

Security Measures in Place

The site uses a valid SSL/TLS certificate (issued by [certificate authority, e.g., Let's Encrypt, Sectigo]).

We enforce SPF, DKIM, and DMARC email security policies to prevent misuse.

The website does not contain any deceptive login forms, phishing attempts, or misleading content.

Verification of Legitimacy

To verify that our site is legitimate, you may check the following:

Whois Ownership: [WHOIS LINK] (confirms our company owns the domain).
TLS Certificate: A valid SSL/TLS certificate is installed (viewable via a browser).
Business Website: Our main corporate website is [COMPANY URL], which provides more information about our operations.

DNS Records & Email Security:
- SPF: Implemented
- DKIM: Configured
- DMARC: Enforced

Request for Review

We kindly request that Google manually review mail.vesnx.com and remove the incorrect phishing flag as soon as possible.

Please let us know if any additional information is required.
 
 