We’ve posted a few general tips on how to avoid looking like a phisher, but this one is quite specific to senders using a @gmail.com or Google Apps-managed “From: address”in their campaigns. Recently, emails with @gmail.com From: addresses which did not send from a Gmail mail server have been flagged with the following warning in the inbox:

Gmail's phishing warning

“If you’re sending Gmail messages from anywhere other than Gmail itself, they may look like phishing attempts.”
-‘Stop Looking Like a Phisher in Gmail‘, Lifehacker

Soon after a customer mentioned seeing one of these scary messages, Lifehacker posted an example, explanation and fixes in their post, ‘Stop Looking Like a Phisher in Gmail‘. While this information is relevant when sending from a regular email client, there’s only really one way to avoid these warnings when sending from an email marketing service like Campaign Monitor. That is, use an address other than an @gmail.com address. Or any webmail address, for that matter.

Walk away from webmail addresses

This warning is only one example of how webmail clients are trying to protect their customers from spam and web threats. After all, phishers very commonly use fake From: addresses / spoof mail headers to masquerade as legitimate senders. Gmail has good reason to look dimly upon email that’s labelled as coming from them, but isn’t being sent from their own servers.

We encourage our customers to avoid using a webmail address as their From: email address. Undoubtedly they will trigger warnings like this and potentially, deliverability issues in the future. Instead, we highly recommend purchasing a domain name from a registrar like Namecheap and setting up a you@yournewdomain.com -style email address. It’s still okay to have this domain forward inbound mail to a webmail address, or alternately, you can use Google Apps to send and manage email from this domain directly. Note that Google Apps domains have also been known to throw similar warnings – to avoid this, it’s a good idea to setup email authentication, which we’ll go through in the next bit.

Don’t forget to set up email authentication

Finally, we’d like to remind one and all to authenticate their sending domain in their accounts, especially when using Google Apps to manage their email. In essence:

“All the large ISPs are using email authentication as an important layer in their spam fighting arsenal. By setting up this system as an authenticated sender, you can instantly bypass certain filters, giving your campaigns a better chance of arriving in the destination inbox… Many ISP’s like Yahoo! and Hotmail will flag your email as authenticated, which helps to build trust between you and your subscribers and improves the chances of your emails being opened.”

It only takes a few minutes for you, or your technical team to setup email authentication, but ensuring that your subscribers and ISP’s know that your campaigns are definitely from you is well worth the effort.

Finally, If you have any questions about email authentication, get in touch with our team – we’re here to make sure your campaigns not only look good, but make it into as many inboxes as possible, too.

We’ve posted a few general tips on how to avoid looking like a phisher, but this one is quite specific to senders using a @gmail.com or Google Apps-managed “From: address”in their campaigns. Recently, emails with @gmail.com From: addresses which did not send from a Gmail mail server have been flagged with the following warning in the inbox:

Gmail's phishing warning

“If you’re sending Gmail messages from anywhere other than Gmail itself, they may look like phishing attempts.”
-‘Stop Looking Like a Phisher in Gmail‘, Lifehacker

Soon after a customer mentioned seeing one of these scary messages, Lifehacker posted an example, explanation and fixes in their post, ‘Stop Looking Like a Phisher in Gmail‘. While this information is relevant when sending from a regular email client, there’s only really one way to avoid these warnings when sending from an email marketing service like Campaign Monitor. That is, use an address other than an @gmail.com address. Or any webmail address, for that matter.

Walk away from webmail addresses

This warning is only one example of how webmail clients are trying to protect their customers from spam and web threats. After all, phishers very commonly use fake From: addresses / spoof mail headers to masquerade as legitimate senders. Gmail has good reason to look dimly upon email that’s labelled as coming from them, but isn’t being sent from their own servers.

We encourage our customers to avoid using a webmail address as their From: email address. Undoubtedly they will trigger warnings like this and potentially, deliverability issues in the future. Instead, we highly recommend purchasing a domain name from a registrar like Namecheap and setting up a you@yournewdomain.com -style email address. It’s still okay to have this domain forward inbound mail to a webmail address, or alternately, you can use Google Apps to send and manage email from this domain directly. Note that Google Apps domains have also been known to throw similar warnings – to avoid this, it’s a good idea to setup email authentication, which we’ll go through in the next bit.

Don’t forget to set up email authentication

Finally, we’d like to remind one and all to authenticate their sending domain in their accounts, especially when using Google Apps to manage their email. In essence:

“All the large ISPs are using email authentication as an important layer in their spam fighting arsenal. By setting up this system as an authenticated sender, you can instantly bypass certain filters, giving your campaigns a better chance of arriving in the destination inbox… Many ISP’s like Yahoo! and Hotmail will flag your email as authenticated, which helps to build trust between you and your subscribers and improves the chances of your emails being opened.”

It only takes a few minutes for you, or your technical team to setup email authentication, but ensuring that your subscribers and ISP’s know that your campaigns are definitely from you is well worth the effort.

Finally, If you have any questions about email authentication, get in touch with our team – we’re here to make sure your campaigns not only look good, but make it into as many inboxes as possible, too.

  • SHG

    How does this article pertain to domains that use Google Apps to handle mail? The first sentence of says that the problem is ‘”quite specific to senders using a @gmail.com or Google Apps-managed “From: address”‘ but I can’t see anything in the text that says GApps users are vulnerable to the problem. In fact the article says that using GApps can SOLVE the problem.

    Confused.

  • SHG

    How does this article pertain to domains that use Google Apps to handle mail? The first sentence of says that the problem is ‘”quite specific to senders using a @gmail.com or Google Apps-managed “From: address”‘ but I can’t see anything in the text that says GApps users are vulnerable to the problem. In fact the article says that using GApps can SOLVE the problem.

    Confused.

  • Ros Hodgekiss

    Hi SHG, sorry for the confusion there, that was lazy writing on my part :) I’ve updated the post to explain how Google Apps-managed sending domains can throw up similar warnings, unless you’ve setup SPF records/email authentication. Hope this clarifies things – thank you for pulling me up on this! :D

  • Ros Hodgekiss

    Hi SHG, sorry for the confusion there, that was lazy writing on my part :) I’ve updated the post to explain how Google Apps-managed sending domains can throw up similar warnings, unless you’ve setup SPF records/email authentication. Hope this clarifies things – thank you for pulling me up on this! :D

Want to improve your email marketing? Subscribe to get tips on improving your email marketing delivered to your inbox.
X

Join 200,000 companies around the world that use Campaign Monitor to run email marketing campaigns that deliver results for their business.

Get started for free