My domain is: conciliae.fr
My domain provider is: 1&1
I can login to a root shell on my machine (yes or no, or I don’t know): yes.
We have a website with a valid SSL Certificate delivered by Let’s Encrypt: conciliae.fr.
We send emails with an account activation link. When a Gmail user clicks on the activation link, Gmail displays a popup: “Suspicious link. This link leads to an untrusted site. Are you sure you want to proceed to conciliae.fr?”
On several forums we saw that it probably comes from the SSL Certificate we have, that’s why we publish the question here.
Because of this message we lose all our Gmail users (50% of all the inscriptions requests we have). This is a very problematic issue.
Would be great if someone could help us with this problem.
It's most probably not linked to your certificate.
Did you follow the others advices?
Specifically:
Messages sent from accounts or IP addresses that have sent other spam messages.
If the email/domain is unauthenticated.
Hover over any links before you click on them. If the URL of the link doesn't match the description of the link, it might be leading you to a phishing site.
Besides certificate issue (which would display in browser as “this site is not secure” or “invalid certificate”), as @tdelmas said, it could also be “dkim issue” “spf issue” “dmarc issue” “email content issue (content being identified as email spam, junk, hacking etc)”.
Those issue are more complex than certificate, since you would need to identify those one by one…
Thank you all very much for your responses.
I followed all your advices, but the problem is still persisting.
@stevenzhu
I never heard about DKIM, SPF and DMARC before (my bad!). I spent my day on it. I eventually set them up correctly (mxtoolbox displays results about them as successful).
Maybe the propagation of the related DNS entries may take some time that is the origin of the problem for now?
We simplified the content at most. Now the email has only some text and a link (https://www.conciliae.fr/emailvalidation).
@tdelmas
Gmail used to classify our email as spam but it’s not the case anymore. Could it be the origin of the problem?
Regarding the point 4 (If the email/domain is unauthenticated), now DKIM, SPF and DMARC were correctly set up. Is there something else to do?
For the rest of these points, everything is done (the domain is authenticated to Gmail, like described in the point 7).
@JuergenAuer
I read somewhere that FABELSOURCES is obsolete and not used anymore. As a precaution, I requested the removal of our IP address from the blacklist. The IP address isn’t blacklisted anymore and sadly it doesn’t solve the problem :(. Could it come also from the time the information needs to propagate?
I don’t know what to do anymore. Maybe if I wait some time the problem will be solved.
I will keep you updated. Feel free to reply if you have new ideas.
In any case, thank you all a lot.