Browse by...
Home Resources Blog

We’ve posted a few general tips on how to avoid looking like a phisher, but this one is quite specific to senders using a or Google Apps-managed “From: address”in their campaigns. Recently, emails with From: addresses which did not send from a Gmail mail server have been flagged with the following warning in the inbox:

Gmail's phishing warning

“If you’re sending Gmail messages from anywhere other than Gmail itself, they may look like phishing attempts.”
-‘Stop Looking Like a Phisher in Gmail‘, Lifehacker

Soon after a customer mentioned seeing one of these scary messages, Lifehacker posted an example, explanation and fixes in their post, ‘Stop Looking Like a Phisher in Gmail‘. While this information is relevant when sending from a regular email client, there’s only really one way to avoid these warnings when sending from an email marketing service like Campaign Monitor. That is, use an address other than an address. Or any webmail address, for that matter.

Walk away from webmail addresses

This warning is only one example of how webmail clients are trying to protect their customers from spam and web threats. After all, phishers very commonly use fake From: addresses / spoof mail headers to masquerade as legitimate senders. Gmail has good reason to look dimly upon email that’s labelled as coming from them, but isn’t being sent from their own servers.

We encourage our customers to avoid using a webmail address as their From: email address. Undoubtedly they will trigger warnings like this and potentially, deliverability issues in the future. Instead, we highly recommend purchasing a domain name from a registrar like Namecheap and setting up a [email protected] -style email address. It’s still okay to have this domain forward inbound mail to a webmail address, or alternately, you can use Google Apps to send and manage email from this domain directly. Note that Google Apps domains have also been known to throw similar warnings – to avoid this, it’s a good idea to setup email authentication, which we’ll go through in the next bit.

Don’t forget to set up email authentication

Finally, we’d like to remind one and all to authenticate their sending domain in their accounts, especially when using Google Apps to manage their email. In essence:

“All the large ISPs are using email authentication as an important layer in their spam fighting arsenal. By setting up this system as an authenticated sender, you can instantly bypass certain filters, giving your campaigns a better chance of arriving in the destination inbox… Many ISP’s like Yahoo! and Hotmail will flag your email as authenticated, which helps to build trust between you and your subscribers and improves the chances of your emails being opened.”

It only takes a few minutes for you, or your technical team to setup email authentication, but ensuring that your subscribers and ISP’s know that your campaigns are definitely from you is well worth the effort.

Finally, If you have any questions about email authentication, get in touch with our team – we’re here to make sure your campaigns not only look good, but make it into as many inboxes as possible, too.

This blog provides general information and discussion about email marketing and related subjects. The content provided in this blog ("Content”), should not be construed as and is not intended to constitute financial, legal or tax advice. You should seek the advice of professionals prior to acting upon any information contained in the Content. All Content is provided strictly “as is” and we make no warranty or representation of any kind regarding the Content.
Straight to your inbox

Get the best email and digital marketing content delivered.

Join 250,000 in-the-know marketers and get the latest marketing tips, tactics, and news right in your inbox.


Get started with Campaign Monitor today.

With our powerful yet easy-to-use tools, it's never been easier to make an impact with email marketing.

Try it for free