How to fix an email newsletter marked as possible phishing


EQ Forum Admin
Staff member
I was recently asked:

"If my client has had messages flagged for "phishing" in the past, how do we clean that up?"

There was some tech talk about was there really a problem, creating SPF records, is there any existing good reputation that makes selection a different sending domain or From: a problem, and the Gmail warning:

"Many people marked similar messages as phishing scams, so this might contain unsafe content."

I checked the customer domains for reputation issues and did not find any.

I had their web person check Google master tools for any other issues associated with the domain and they did not find any issues.

The customer is using streamsend to send their newsletters

From what I can see it might be possible that streamsend uses only 1 IP for all customer outgoing newsletters?

StreamSend Newsletter.JPG

With no apparent issues to act on my best advice was to start sending small amounts of good email to addresses who want the email and are hosted by big services (Gmail etc) and slowly ramp up the sending.

Any additional ideas?


Avoiding the chance to say "yeah, it's our competitor's problem!" here...

It's possible that is the issue, but it's by no means certain, and I would go so far as to say it's highly unlikely.

A couple possibilities below. Take them with the knowledge that I haven't seen the email in question and so can't say whether these are the case; they're based on my experiences.

1. The most likely culprit is that the destination URL is displaying in the message, but the subscriber passes through a tracking URL first.

This is phishing in a nutshell: the link looks like it's taking you one place immediately, but it goes to another.

Solution: use linked text like "Click Here" or something else instead of simply showing the destination URL.

2. There's other content in the email that makes the message seem similar to other emails that Gmail's algorithms or team has associated with phishing.

This is a pretty vague scenario, so here's one specific thing to look for: is your client using a public link shortener for links in his/her newsletter? If so, don't do that. These are open to abuse by spammers & phishers, and your emails can potentically get blocked/filtered if you are using the same tools as those guys. More on this here: Are Blacklisted Link Shorteners Getting Your Emails Blocked?

Again, hard to say without seeing the email in question, but these are common mistakes that people make when sending and tracking email campaigns.

Hope this helps!

Justin Premick
Director of Education Marketing
AWeber Communications