Does Gmail show a yellow “Be careful with this message” warning every time you send an email?
This warning means that Gmail could not verify that the message actually came from the claimed sender. The sender may not have authenticated the message, and it could be a phishing attempt, a spoofing attack, or a legitimate email that failed some verification checks. Remember that this warning can also be a false positive.
In today’s blog post, we will explain why Gmail shows this warning and how to get rid of the “be careful with this message” Gmail warning in three easy ways.
Why Does Gmail Show “Be careful with this message”?
Whenever Google detects a potentially harmful or malicious email, it shows the “Be careful with this message” warning so that Gmail users stay alert and cautious.
Gmail uses various methods to authenticate the sender of the emails you receive. Some of these methods are:
- SPF (Sender Policy Framework): This DNS record lists the authorized IP addresses that can send emails from a domain. For example, if your domain is example.com, you can use SPF to tell Gmail that only emails from certain IP addresses are valid and others are not.
- DKIM (DomainKeys Identified Mail): It’s a digital signature that verifies that the email was not tampered with during transit. DKIM uses a pair of keys: a private key for signing emails and a public key that is published in a DNS record. Gmail uses the public key to check that the signature is valid.
- DMARC (Domain-based Message Authentication, Reporting, and Conformance): DMARC is a policy, published in your domain’s DNS, that tells Gmail what to do with emails that fail SPF or DKIM checks. For instance, you can use DMARC to instruct Gmail or any webmail service to reject, quarantine, or deliver such emails. You can also use DMARC to receive reports on the authentication status of your emails.
If an email fails any of these checks, Gmail shows a warning like “Be careful with this message” to alert you that the email may not be from who it claims to be and that you should not click on any links, download any attachments, or reply to the email.
However, sometimes Gmail might show this warning even for legitimate emails. This can happen for various reasons, such as:
- The sender is using a third-party email service that is not authorized in the SPF record of their domain.
- The email address in the “From” field of your WordPress site looks suspicious to Gmail.
- The sender has not set up DMARC for their domain or has a weak DMARC policy that allows Gmail to deliver unauthenticated emails.
These scenarios can cause Gmail to show a warning even if the email is not malicious. Consequently, this can hurt your email reputation, deliverability, and trustworthiness.
Moreover, your recipients may ignore, delete, or report your emails as spam, which can affect your email marketing, sales, and customer service.
How to Fix ‘Be Careful With This Message’ Gmail Error [3 Easy Ways]
Firstly, let’s make it clear that you cannot stop this Gmail warning 100%, but there are a few things you can do that will significantly reduce the chances of your recipients seeing it.
If you are wondering “How do I fix ‘Be careful with this message’ in Gmail?”, the following are three easy ways to do it, one of which is by using the Post SMTP plugin.
Method #1: Set Up and Review SPF, DKIM, and DMARC Records
The best part about using the Post SMTP plugin is that it allows you to send WordPress emails via all major third-party email service providers (ESPs), which is great since all these email services add verification to your emails.
Solution:
To ensure that it works properly, you need to configure SPF, DKIM, and DMARC in your domain settings. You can do this from your domain registrar, web host, or DNS provider. Depending on the SMTP service you use, you might need to add different values to these records.
After you set up these records, you need to wait for some time for the DNS changes to propagate. You can use online tools like MXToolbox to check if your records are working correctly.
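As an added example (not from the original post or the Post SMTP plugin), the Python script below audits SPF and DMARC TXT records for the problems described earlier: a sending service missing from SPF, a DMARC policy of p=none, and no reporting address. The sample records and the include host `_spf.mailer.example` are constructed placeholders; substitute the TXT values your own DNS returns.

```python
# Constructed sample records for a placeholder domain; "_spf.mailer.example"
# stands in for whatever include host your SMTP service documents.
SPF_TXT = ["v=spf1 ip4:203.0.113.10 ~all"]
DMARC_TXT = ["v=DMARC1; p=none"]

def audit_spf(txt_records, esp_include):
    """Return problems found in the TXT records published at the domain itself."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["more than one SPF record: receivers return a permanent error"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    problems = []
    includes = {t.split(":", 1)[1] for t in terms if t.lstrip("+").startswith("include:")}
    if esp_include.lower() not in includes:
        problems.append(f"{esp_include} is not authorized to send for this domain")
    if "+all" in terms or "all" in terms:
        problems.append("'+all' authorizes every server on the internet")
    elif not any(t in ("-all", "~all") or t.startswith("redirect=") for t in terms):
        problems.append("no '-all' or '~all' at the end of the record")
    return problems

def audit_dmarc(txt_records):
    """Return problems found in the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["no DMARC record published" if not recs else "more than one DMARC record"]
    tags = {}
    for part in recs[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    problems = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append("missing or invalid p= tag")
    elif policy == "none":
        problems.append("p=none only monitors: mail that fails is still delivered")
    if "rua" not in tags:
        problems.append("no rua= address, so no aggregate reports are sent to you")
    return problems

if __name__ == "__main__":
    for line in audit_spf(SPF_TXT, "_spf.mailer.example") + audit_dmarc(DMARC_TXT):
        print("-", line)
```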
Method #2: Make Sure the “From Address” is correct in all Plugins
Most likely, you are using multiple plugins for your WordPress site, and each of them has its own templates and settings for sending emails.
For instance, if you use Contact Form 7, you may have noticed that, by default, it uses “wordpress@[your-domain]” as the From Address for all contact form email notifications.
Solution:
To avoid this, you need to make sure the From address is consistent in all plugins that send emails from your WordPress site.
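Why a consistent From address matters, as an added example that is not part of the original post: DMARC only passes when a domain that passed SPF or DKIM matches the domain in the From header. The Python script below reads the Authentication-Results header of a received message (visible in Gmail under “Show original”) and reports each check's result and whether it lines up with the From domain. The message and all domains are constructed, and the alignment test is a simplified subdomain comparison.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (all domains are placeholders): a contact-form notification
# whose From domain differs from the domain the SMTP service authenticated.
SAMPLE = """\
Authentication-Results: mx.example.net;
 dkim=pass header.i=@mailer.example header.s=s1;
 spf=pass (sender permitted) smtp.mailfrom=bounce@mailer.example;
 dmarc=fail (p=NONE) header.from=shop.example
From: WordPress <wordpress@shop.example>
To: owner@example.org
Subject: New contact form entry

Message body.
"""

def domain_of(value):
    """Lower-cased domain part of 'user@domain', '@domain' or 'domain'."""
    return value.rsplit("@", 1)[-1].lower()

def aligned(auth_domain, from_domain):
    """Simplified relaxed alignment: equal, or one is a subdomain of the other.
    A full evaluator compares organizational domains (Public Suffix List)."""
    a, f = auth_domain, from_domain
    return a == f or a.endswith("." + f) or f.endswith("." + a)

def diagnose(raw_message):
    """Report each check's result and whether its domain matches the From domain."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(parseaddr(msg["From"])[1])
    header = re.sub(r"\([^)]*\)", "", msg["Authentication-Results"])  # drop comments
    report = {"from": from_domain}
    for clause in header.split(";")[1:]:  # element 0 is the receiving server's id
        tokens = clause.split()
        if not tokens or "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        ident = props.get("smtp.mailfrom") or props.get("header.d") or props.get("header.i")
        entry = {"result": result}
        if method in ("spf", "dkim") and ident:
            entry["domain"] = domain_of(ident)
            entry["aligned"] = result == "pass" and aligned(entry["domain"], from_domain)
        report[method] = entry
    report["dmarc_aligned"] = any(e.get("aligned") for e in report.values() if isinstance(e, dict))
    return report
```

In the sample, SPF and DKIM both pass, but for `mailer.example` rather than the `shop.example` From domain, so neither counts toward DMARC.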
Method #3: Test Different “To” and “From” Email Addresses
Post SMTP allows you to test your email deliverability with a built-in test email feature.
But sometimes you still see the Gmail warning because, by default, this feature sends the test email to the same address as the From address.
Additionally, the same can be the case with other plugins that send email notifications.
Solution:
So, to prevent this problem, use a different “To” email address while testing email deliverability in Post SMTP.
Conclusion
Keep in mind that you can’t stop this warning entirely. But by understanding and applying authentication methods like SPF, DKIM, and DMARC, and by using the Post SMTP plugin to enforce the same From Email Address for all the plugins that send email notifications, you can significantly reduce the risk of triggering this cautionary message.