Back to Community Threads
Google malware false positive
Problem reported by sam - 5/3/2017 at 2:25 PM
Submitted
Hi all,
I see this has also been posted by a few others in the past.

Google has deemed our Smartermail 14.5 login.aspx webmail page as "Deceptive site ahead".
This is obviously a problem for our users.
 
I have checked the Smartermail files and server over many times and there are no changed files, no malware, no code injections etc.

The only conclusion I can come to is that the way that login.aspx is coded and the way some javascript variables are named it is deeming it to be injected.

I submitted the site for re-review with Google and it came back fast with the same problem.
I re-submitted it again explaining it was a Smartermail login page and was clean and not heard back from them for over 48 hours...

Any ideas how I can resolve this annoying issue?
 
Thanks for any help.
 
 
Employee Replied
5/3/2017 at 3:24 PM
Employee Post
Hi Sam.  This KB Article should help you.   Google Safe Browsing Warning and SmarterMail
 
sam Replied
5/3/2017 at 4:38 PM
Thanks for the prompt response Rod.
As I am using a version behind the latest SM, I have implemented IIS Redirect in the MRS web.config to HTTPS.

I have now resubmitted a review to Google.
Hopefully this will fix it.
W. T. Leaver Replied
5/31/2017 at 9:56 AM
I'm experiencing this problem today with our webmail URL. I ran a scan at quttera.com which reported the following as suspicious:
 
/mobile/Scripts/jquerymobile.js
 
[[me==="title")b.document.title=d.title;}catch(a){}};};h.stop=n;t=function(){returne(b.location.href);};k=function(g,c){vare=b.document,h=a.fn[f].domain;if(g!==c)e.title=d.title,e.open(),h%26%26e.write('<script>document.domain="'+h+'"<\/script>'),e.close(),b.location.hash=g;};}();returnh;}();})(jQuery,this);(function(a,c){if(a.cleanData){varb=a.cleanData;a.cleanData=function(f){for(vard=0,g;(g=f[d])!=null;d++)a(g).triggerHandler("remove");b(f);};}else{vare=a.fn.remove;a.fn.remove=]]
I'm just wondering if SmarterTools can confirm this is their code and not an injection? I suppose I could install a separate version and compare, but would like to save the hassle if possible.
W. T. Leaver Replied
5/31/2017 at 10:04 AM
Actually I googled and found someone else's login on enterprise version 15 and compared the two files, and they are identical, so I'm more comfortable this is truly a false positive.
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Reducing ClamAV False PositivesSmarterMail > Troubleshooting
Google Safe Browsing Warning and SmarterMailSmarterMail > Troubleshooting
Remote Server returned: '602' errorSmarterMail > Troubleshooting
Integrating Google Apps with SmarterMailSmarterMail > Domain/User Configuration and Management
Troubleshooting Tips for Online MeetingsSmarterMail > Troubleshooting