cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
mmalagelada
Level 7

My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

Dear Sirs:

My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

I work for a company that seeks and elaborates information from Internet. We send them mails containing links to information in our servers.

They get this warning;

McAfee®

Potentially Unsafe URLs Detected

The total number of URLs identified : 75

Information:


Blacklisted URLs : 0
Exceeded low threshold (50) : 0
Exceeded high threshold (80) : 2

Highest URL rating score identified : 127

See your system administrator for further information.


The links are like these: http://v.subdomain.comain.com/?14610572250305081328


How can we prevent this from happening?


(I'll provide subdomain and domain in private message. I'd like prevent my company to be considered spammer. We send mail only to users that contracted our services)


Thanks.


Marc.

0 Kudos
1 Solution

Accepted Solutions
marcus69
Level 9

Re: My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

Hi Marc,

as i said, You are getting these errors because one of the URLs on Your mail leads to potentially unsafe web content.

To get further information You need to ask Your customer for an excerpt from the Email Gateways conversation log from the affected Mail.

This tells You in detail which URLs are rated with bad reputation.

Best Regards

    Marcus

0 Kudos
4 Replies
marcus69
Level 9

Re: My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

Hi Marc,

The Webserver that these links lead to are unsafe and rated with high risk on Web Content.

Probably it has been seen on the Internet when spreading Malware or Spam and this is why Your mails are blocked because of a bad Trusted Source Reputation.

Please see http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=141.8.225.124 (141.8.225.124 is the IP of the mentioned Webserver)

Trusted-Source-Reputation.jpg

You may contact Intel Security by using Threat Feedback to remedy you problem after your Webserver is clean again.

If it is not your Webserver, you may contact the owner.

Otherwise Your Customers have to Whitelist Your Adress in order not to be checked on Email- and/or Web-Reputation.

Best Regards

   Marcus

mmalagelada
Level 7

Re: My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

Great, looks like this works.

But

http://v.subdomain.comain.com/?14610572250305081328

is only an example

True address for that service is 83.169.91.131 and looks like it does not have bad reputation.

http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=83.169.91.131

So, why are we getting Potentially Unsafe URLs Detected errors?

Thanks.

0 Kudos
marcus69
Level 9

Re: My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

Hi Marc,

as i said, You are getting these errors because one of the URLs on Your mail leads to potentially unsafe web content.

To get further information You need to ask Your customer for an excerpt from the Email Gateways conversation log from the affected Mail.

This tells You in detail which URLs are rated with bad reputation.

Best Regards

    Marcus

0 Kudos
mmalagelada
Level 7

Re: My customers receive "McAfee® Potentially Unsafe URLs Detected" from my mails.

Jump to solution

OK, I could find the offending links:

http://www.blitzquotidiano.it/home.php?page=hp&sezione=media

http://www.gazzettadinapoli.it/notizie

http://www.blitzquotidiano.it/foto-notizie/un-montone-per-amico-ettore-ed-elio-de-cecco-foto-2444151...

http://www.gazzettadinapoli.it/2016/04/21/gragnano-nasce-maccheronificio-sociale-per-tramandare-lart...


I checked them here and found that they were classified as High Risk:

https://www.trustedsource.org/en/

Hopefully none of our Servers or services has been classified as risky, only these links that were part of a customer search.

Customer was pretending it was my company that was sending virus to them.

Thanks.

0 Kudos