Google and other providers have recently started branding web interfaces as unsafe if they don’t don’t meet certain security requirements, not simply because malicious content is detected coming from the site. These security requirements could cause your site to be flagged as insecure, even if it doesn’t contain malicious content.

One of the security requirements is the use of an Ssl Certificate on the domain used to host the SmarterMail web interface. Google and other providers no longer consider authentication over plain HTTP to be a “best practice”. As such, users may start seeing a bright red warning screen when navigating to SmarterMail from Chrome or other modern browsers. An example of this warning is below, though the actual text and/or reason for the warning may vary:

What are the workaround on this issue? Get a SSL Certificate installed on your SmarterMail web server. Adding the SSL certificate not just only to take away the browser warning throw to your webmail users, it also protect all your webmail by ensuring every time they logged on to the webmail, their userid and password is encrypted instead of being send over as plain text via the Internet – such as at any Free public Wifi or hotspot. If you sell SmarterMail as one of the email solution, adding the SSL Certificate to your SmarterMail will just be an extra value adds for you to protect your customers.

As one of the SmarterTools official partner that provide 10% off all SmarterMail license, we wanted to make sure all SmarterTools subscribers are being well protected. We are giving away 1 year of FREE SSL certificate if you have not had any SSL Certificate installed on your SmarterMail installation.

Some other useful resources link from SmarterTools official support portal that could help you to set this up :

• Implement an SSL certificate for your web interface. For complete steps on this process, refer to the KB article, Configure SSL/TLS to Secure SmarterMail.
• In addition, you can force all webmail traffic to utilize that SSL certificate by following the steps in our KB article, Force Webmail Traffic Over HTTPS. This process involves configuring SmarterMail in IIS and enabling a setting within SmarterMail. When completed, this will force users who type in the standard "http://..." to a secured, HTTPS connection.
• Just to be safe, run a scan for malware infections and malicious pages on the SmarterMail web server.
• Finally, implement domain and user throttles to prevent spam generation from your server in the event of a compromised account. More information about this process can be found in the KB article, Set Up Throttling for Domains.