1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 9:47 pm Apr 21, 2026

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google message warning

Gmail SPF/DKIM issue generates warning message about received emails

         

Wilburforce

6:48 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



A couple of days ago a friend drew my attention to the fact that messages from my domain host had started generating spam warnings when I emailed his gmail account. On checking (by emailing my own gmail account from my domain account) I had the same experience. The message, for anyone who hasn't yet seen it, reads:

Be careful with this message.

Gmail could not verify that it actually came from
mydomainname.com. Avoid Clicking links,
downloading attachments or replying with
personal information.


The warning includes Report spam and Report phishing buttons. If you follow the Information links, it says that the message seems fraudulent or dangerous, and to click (absent from all dialogues) Looks safe or Ignore if you're confident it isn't

I'm not sure when gmail started doing this, but on looking at it more closely it appears to happen with all emails sent from any SMTP server on which SPF/DKIM hasn't been enabled.

On my main domain (where DNS and SMTP share the same host), enabling SPF instantly removed the warning on subsequent messages to gmail. However, on domains where DNS and SMPT are on different servers, I have yet to discover a solution (and tech advisors on SMTP and domain servers have hitherto failed to suggest anything that seems to work).

Does anyone know anything about this issue? It is obviously a big problem for anyone answering client queries where the client uses a gmail account.

Dimitri

7:41 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



This has been like that since some years. May be it became more and more strict.

However, on domains where DNS and SMPT are on different servers

What do you mean?

It doesn't matter where the DNS is hosted, and where the SMPT server is hosted.

The SPF record list the IP(s) of the server(s) which are authorized to send mail for the given domain name.

The DKIM is a record added to the DNS, and added by your mail server, for outgoing mails.

SPF: [en.wikipedia.org...]
DKIM: [en.wikipedia.org...]

If you using Postfix :
SPF (in/out): [zurgl.com...]
DKIM: [digitalocean.com...]

And you need a DMARC record too : [en.wikipedia.org...]

[edited by: Dimitri at 7:58 pm (utc) on Jul 18, 2022]

engine

7:56 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Ive seen that, too, and it is on major services, such as on an ebay message.
It seems to be appearing much more frequently.

Dimitri

8:11 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



It seems to be appearing much more frequently.

In my opinion, SPF, DKIM, DMARC, DNAME, TLS connection for mail server, should be the minimum, made legally mandatory.

Wilburforce

9:51 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The SPF record list the IP(s) of the server(s) which are authorized to send mail for the given domain name.


Yes, but authorising the (separate) SMTP server on the domain server doesn't seem to resolve it. Does G take longer to OK it where domain and SMTP server are different?

Dimitri

10:14 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



I don't know if Gmail is caching SPF records, but I guess "no" , or only for a very short period of time.

What does your SPF records look like ?

It should be something like : 
v=spf1 ip4:xxx.xxx.xxx.xxx -all


with the "xxx.xxx.xxx.xxx" the IPv4 of your mail server (you can also configure an IPv6).

It means, to only accept mails for the domain name, if the mail is coming from a server with the IP address xxx.xxx.xxx.xxx and rejected everything else.

You can check your SPF record here : [mxtoolbox.com...]

Wilburforce

10:30 pm on Jul 18, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



@Dimiri

Thanks! I'll folow this up tomorrow.

phranque

12:45 am on Jul 19, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



i can't think of anybody i know personally still hosting their own email server for anything serious.

Wilburforce

7:57 am on Jul 19, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



i can't think of anybody i know personally still hosting their own email server for anything serious.

What, in your experience, is standard practice now, and what, in your view, is best practice?

JesterMagic

9:53 am on Jul 19, 2022 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



>> i can't think of anybody i know personally still hosting their own email server for anything serious.

A lot of small businesses still do. Usually works fine if all the records are setup properly. Not as robust as solution below though.

Best practices is for websites to use a transactional email service like postmark, elastic email, or sendinblue. This is for out bound emails only (and are not really actual email accounts as the server just can send emails and will not receive)

You then setup Google Workspace or Microsoft 365 for all the other email accounts.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 9:47 pm Apr 21, 2026