GMail suspects confirmation email in stealing personal information

Posted by Dennis Gorelik on Server Fault See other posts from Server Fault or by Dennis Gorelik
Published on 2012-06-09T00:35:37Z Indexed on 2012/06/09 4:42 UTC
Read the original article Hit count: 711

Filed under:
|
|
|
|

When user registers on my web site, web site sends user email confirmation link.

Subject: Please confirm your email address

Body:

Please open this link in your browser to confirm your email address:
http://www.postjobfree.com/a/c301718062444f96ba0e358ea833c9b3
This link will expire on: 6/9/2012 8:04:07 PM EST.

If my web site sends that email to GMaill (either @gmail.com or another domain that's handled by Google Apps) and that user never emailed to email -- then GMail not only puts the email to spam folder, but also adds prominent red warning:

Be careful with this message. Similar messages were used to steal people's personal information. Unless you trust the sender, don't click links or reply with personal information. Learn more

That warning really scares many of my users, so they are afraid to open that link and confirm their email.

What can I do about it?

Ideally I would like that message end up in user's inbox, not spam folder. But at least how do I prevent that scary message?

IP address of my mailing server is not blacklisted: http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a208.43.198.72

I use SPF and DKIM signature.

Below is the email that ended up in spam folder with that scary red message.

Delivered-To: [email protected]
Received: by 10.112.84.98 with SMTP id x2csp36568lby;
        Fri, 8 Jun 2012 17:04:15 -0700 (PDT)
Received: by 10.60.25.6 with SMTP id y6mr9110318oef.42.1339200255375;
        Fri, 08 Jun 2012 17:04:15 -0700 (PDT)
Return-Path: 
Received: from smtp.postjobfree.com (smtp.postjobfree.com. [208.43.198.72])
        by mx.google.com with ESMTP id v8si6058193oev.44.2012.06.08.17.04.14;
        Fri, 08 Jun 2012 17:04:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 208.43.198.72 as permitted sender) client-ip=208.43.198.72;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 208.43.198.72 as permitted sender) [email protected]; dkim=pass [email protected]
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns;
        d=postjobfree.com; s=postjobfree.com;
        h=          received:message-id:mime-version:from:to:date:subject:content-type;
        b=TCip/3hP1WWViWB1cdAzMFPjyi/aUKXQbuSTVpEO7qr8x3WdMFhJCqZciA69S0HB4
          Koatk2cQQ3fOilr4ledCgZYemLSJgwa/ZRhObnqgPHAglkBy8/RAwkrwaE0GjLKup
          0XI6G2wPlh+ReR+inkMwhCPHFInmvrh4evlBx/VlA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=postjobfree.com; s=postjobfree.com;
        h=content-type:subject:date:to:from:mime-version:message-id;
        bh=N59EIgRECIlAnd41LY4HY/OFI+v1p7t5M9yP+3FsKXY=;
        b=J3/BdZmpjzP4I6GA4ntmi4REu5PpOcmyzEL+6i7y7LaTR8tuc2h7fdW4HaMPlB7za
          Lj4NJPed61ErumO66eG4urd1UfyaRDtszWeuIbcIUqzwYpnMZ8ytaj8DPcWPE3JYj
          oKhcYyiVbgiFjLujib3/2k2PqDIrNutRH9Ln7puz4=
Received: from sv3035 (sv3035 [208.43.198.72]) by smtp.postjobfree.com with SMTP;
   Fri, 8 Jun 2012 20:04:07 -0400
Message-ID: 
MIME-Version: 1.0
From: "PostJobFree Notification"
 
To: [email protected]
Date: 8 Jun 2012 20:04:07 -0400
Subject: Please confirm your email address
Content-Type: multipart/alternative;
 boundary=--boundary_107_ffa6a9ea-01dc-40f5-a50c-4c3b3d113f08


----boundary_107_ffa6a9ea-01dc-40f5-a50c-4c3b3d113f08
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Please open this link in your browser to confirm your email addre=
ss: =0D=0Ahttp://www.postjobfree.com/a/c301718062444f96ba0e358ea8=
33c9b3 =0D=0AThis link will expire on: 6/9/2012 8:04:07 PM EST. =0D=0A
----boundary_107_ffa6a9ea-01dc-40f5-a50c-4c3b3d113f08
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64

PGh0bWw+PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij48L2hlYWQ+DQo8Ym9keT48ZGl2
Pg0KUGxlYXNlIG9wZW4gdGhpcyBsaW5rIGluIHlvdXIgYnJvd3NlciB0byBjb25m
aXJtIHlvdXIgZW1haWwgYWRkcmVzczo8YnIgLz48YSBocmVmPSJodHRwOi8vd3d3
LnBvc3Rqb2JmcmVlLmNvbS9hL2MzMDE3MTgwNjI0NDRmOTZiYTBlMzU4ZWE4MzNj
OWIzIj5odHRwOi8vd3d3LnBvc3Rqb2JmcmVlLmNvbS9hL2MzMDE3MTgwNjI0NDRm
OTZiYTBlMzU4ZWE4MzNjOWIzPC9hPjxiciAvPlRoaXMgbGluayB3aWxsIGV4cGly
ZSBvbjogNi85LzIwMTIgODowNDowNyBQTSBFU1QuPGJyIC8+DQo8L2Rpdj48L2Jv
ZHk+PC9odG1sPg==
----boundary_107_ffa6a9ea-01dc-40f5-a50c-4c3b3d113f08--

© Server Fault or respective owner

Related posts about email

Related posts about spam