This article applies to recent versions of Smartermail (Window Hosting Webmail)  



Problem


Google and other providers have recently started branding web interfaces as unsafe if they don't don't

meet certain security requirements, not simply because malicious content is detected coming from the

site. These security requirements could cause your site to be flagged as insecure, even if it doesn't

contain malicious content.

One of the security requirements is the use of an SSL certificate on the domain used to host the

SmarterMail web interface. 


Google and other providers no longer consider authentication over plain HTTP to be a "best practice".


As such, users may start seeing a bright red warning screen when navigating to SmarterMail from

Chrome or other modern browsers. An example of this warning is below, though the actual text and/or

reason for the warning may vary:





Solution:


If an unsafe browser warning is seen on your SmarterMail site, you can navigate to the site below to determine why:

https://www.google.com/transparencyreport/safebrowsing/diagnostic/ .


More information about the safe browsing requirements can be found at the link below:https://www.google.com/transparencyreport/safebrowsing/?hl=en .


Some additional steps that may alleviate this issue as well: 


  • Implement an SSL certificate for your web interface. For complete steps on this process, refer to the KB article, Configure SSL/TLS to Secure SmarterMail
  • In addition, you can force all webmail traffic to utilize that SSL certificate by following the steps in our KB article, Force Webmail Traffic Over HTTPS. This process involves configuring SmarterMail in IIS and enabling a setting within SmarterMail. When completed, this will force users who type in the standard "http://..." to a secured, HTTPS connection.
  • Just to be safe, run a scan for malware infections and malicious pages on the SmarterMail web server. 
  • Finally, implement domain and user throttles to prevent spam generation from your server in the event of a compromised account. 



How to identify Smartermail Hostname


Window OS 


Start -> run -> type CMD -> In the command prompt environment type "telnet mail.yourdomainname 25"  





Mac OS


Open Applications -> Utilities -> Terminal > In the command prompt environment type "telnet mail.yourdomainname 25"  



More detail about telnet at here


The hostname will show as example below


Hence you need to use https://hostname.mschosting.com to access the Smartermail. 



Note


If you are unsure of your Smartermail hostname, please do not hesitate to reach our support

by providing your domain name.