Emails being flagged "suspicious"


BoomerGal
Asked:
2014-03-18 7:02 pm EST

Hits: 30
When other parties receive emails from a "donimarketing.com" email address, McAfee is displaying the following notice. What is going on?
=================================================
www.donimarketing.com
This link is suspicious. We tested it and found potential security risks. Be careful.
Website Category:
N/A
=================================================

You must login before you can ask a follow up question.

You must login before you can submit an answer.

OTHER ANSWERS

0

Arn
Staff
17,331 Points
2014-03-18 9:25 pm EST
Hello Boomergal,

Apologies for the delay in my answer and sorry to hear about the problem with the emails. There are a few things to consider if you see this happening with emails that you send out (and I'm assuming that you're either sending the emails, or hosting the website that sending the emails):


  • Your account/domain name/email server has been blacklisted because it may have been identified as a source of spam.

  • Something in the email being sent caused the alert - this could be a bad link/attachment or other content



In this case, I went to the internet and ran a check on the domain and it's showing as being blacklisted. Please refer to this article: Email message is classified as SPAM. It gives you a run-down on the possible issues. If possible, try to get a bounceback message or an example email from someone who is receiving the warning. Typically, it will identify where the warning is coming from. With that information, you can either petition to have yourself removed from the list, or take action that they require in order to have yourself removed from the blacklist.

I reviewed your account and it appears that you're on a shared server. I also created a test@donimarketing.com email account and then tried sending to several email accounts to see if I could replicate the problem. I could not replicate the issue. I also tested directly from the server to make sure that it was not being blacklisted and it is not.

Please understand that this does not mean that there might still be an issue with the domain name and the email issues you're seeing. However, from our testing, it doesn't appear to be a specific email server issue. I also checked your email logs and and there's nothing in them that really stands out as a possible cause.

I currently have escalated the issue to a tier2 tech on our live support team to see if there's anything we can do to stop the issue. I'll post again in a few minutes to see if there's anything we can resolve on our end.

Regards,

Arnel C.


You must login before you can post a comment about this answer.

Hello Boomergal,

Thanks for your patience. When our Tier2c tech from the live technical support reviewed the issue they discovered the problem to be your actual website. The problem is that you're being flagged because of an old hacked file on your website. In fact, the website doesn't show anything at this point. The file that was hacked (from almost 3 years ago now) is still in the folder and can be deleted. It's clearly labeled and not accessible from the web, but some security scanners are still picking it up because you listed the website link in the email. The problem isn't the email, but the link that you used. You should review the website and either re-upload it or re-create it. At this point, there are no backups from the server here since this appears to be an issue from 3 years ago (server backups are made every 24-36 hours and they overwrite the previous backup). I checked the notes and the owner of the account was notified of the issue through email (9/6/11).

If you remove the link from the email, you will not see the warning. If you re-load the website or replace all of the files, then you should not have any further problems. Check out this link for an example of a service that can scan your site. This link shows why the site got flagged:

Sucuri.net scan results.

Hope this helps to clear up the issue! If you have any further questions, please let us know.

Regards,
Arnel C.
Arn
17,331 Points
Staff
2014-03-18 9:51 pm EST
Like this Question?

Related Articles

It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!