Be careful with this message

How to Fix ‘Be Careful With This Message’ Error in Gmail

Are you seeing a yellow ‘be careful with the message’ warning in Gmail?

Gmail displays different variations of this warning if it thinks someone might be misusing your email address. Sometimes this can be a false positive.

In this article, we’ll explain how to set up your emails to reduce the number of Gmail errors or warnings.

Fix Your WordPress Emails Now

Why Do I See ‘Be Careful With This Message’?

Google automatically adds ‘be careful with this message’ to emails that could be suspicious.

When Google detects a potentially malicious email, Gmail and G-Suite users see a warning in a colored bar at the top of the email.

Be careful with this message error in Gmail

Along with the warning, you might see text like:

  • This email claims to come from example.com, but replies will go to an email address at another domain.
  • This may be a spoofed message. The message claims to have been sent from your account, but example.com Mail couldn’t verify the actual source.
  • Gmail couldn’t verify that example.com actually sent this message.

Sometimes senders will be marked with a question mark icon. When you hover over it, you’ll see the text  ‘yourdomain.com couldn’t verify that example.com actually sent this message (and not a spammer)’.

Gmail question mark icon next to sender

If you’re seeing ‘be careful with this message’ warnings, don’t worry: your emails will likely still be delivered.

But any Gmail warning or error is still a problem because:

  • People might think your emails are spam or not trustworthy
  • They might hit the Report Spam or Report Phishing button in the warning box, which could cause problems with email deliverability
  • You might have missed a step when setting up your contact forms, and that could mean important messages are already being filed as spam. This can affect deliverability for any contact form plugin such as Ninja Forms (see Ninja Forms emails not sending).

You can’t shut these warnings off completely, but you can correct your email and contact form settings. This reduces the chance that your recipients will see them.

How to Fix ‘Be Careful With This Message’ Error in Gmail

We’re going to step through a 3-point checklist to reduce the Gmail errors you’re seeing.

  1. Check Your DMARC, DKIM, and SPF Records
  2. Check the From Address in All Plugins
  3. Use Different From and To Addresses

Let’s start with the most important.

1. Check Your DMARC, DKIM, and SPF Records

The WP Mail SMTP plugin lets you send emails from your WordPress site through a 3rd party mailer service. This is a great way to improve email deliverability from WordPress because these mailer services can apply verification to your emails.

But for this to work properly, you may also need to set up DMARC, DKIM, and SPF on your domain.

DMARC, DKIM, and SPF add verification data to the email header, which is the technical part of the email we don’t normally see. Without that data, Gmail will assume the email is suspicious because the From address doesn’t match the server that was actually used to send the message.

Email header example

You can run into this issue any time you use a 3rd party mailer service to send emails. For example, it’s also quite common when you send out email newsletters.

The best way to fix this is to check that your DMARC, DKIM, and SPF records are working.

Solution: Check Your DNS Settings

DKIM, SPF, and DMARC are TXT lines in your domain name’s DNS record.

To learn how to edit the DNS, check the documentation for your mailer service. If you’re using WP Mail SMTP, you can jump to the instructions using these links:

Review the requirements for setting up DMARC, DKIM, and SPF records, then check each record using MXToolbox to make sure it’s valid.

Check SPF record in MXToolbox

If you need some extra help, check out our tutorials on:

2. Check the From Address in All Plugins

In WordPress, you might have multiple plugins all sending emails using their own templates and settings.

For example, your contact form plugin and your backup plugin might have different From email addresses. One might be sending email from your preferred From address, but another might be sending emails from the site admin email address – or even a completely made-up one.

For example, Contact Form 7 defaults to using a From address of [email protected][your-domain], which is the default From address in WordPress.

Contact Form 7 email defaults

To resolve email problems and make your WordPress site easier to manage, we highly recommend that all of the plugins on your website should use the same From address. This should ideally be an email address at your domain that actually exists.

Solution: Force the From Email in WP Mail SMTP

WP Mail SMTP makes it easy to send all of your emails from the same From address.

You can easily enable this by clicking Force From Email checkbox in the plugin settings.

Force From email in WordPress

When you click this, every plugin on your WordPress site will use the From address you’ve chosen instead of their own random or invalid address.

This helps to make sure that all of the emails from your site are validated.

If the Force From Email checkbox is grayed out, it means that your mailer requires this setting to be turned on and WP Mail SMTP has already taken care of this for you.

3. Use Different From and To Addresses

WP Mail SMTP has a test email feature that makes it easy to check that your WordPress emails are working.

But you might see a Gmail warning if you send the test email to the same email you used as your From address.

Be careful with this message email example

This can also happen with some plugins that send notifications. They might send emails to and from the same address like this:

Identical from and to addresses

This email has a G-Suite From address, but it isn’t sent from Google servers. So if you send it to yourself, it might trigger a ‘be careful with this message’ warning.

Nobody else will see this particular error, but it can be confusing because it looks like there’s a problem with your emails.

Solution: Use a Different Address for Testing

In WP Mail SMTP, try sending your test email to a different email address – not the From address you set up in the plugin.

Send email test in WP Mail SMTP

This should remove the error and reassure you that your emails are working.

Additionally, if you’re seeing this error from specific plugin notifications, take a look and see if you can change the sender address for the notifications.

Here’s an example from MailPoet. In the settings, we can send newsletters from the From address that matches the domain, but we can also have plugin notifications sent to a different email address.

Change MailPoet notification email address

WP Mail SMTP also has an email error logging feature that helps you troubleshoot problems if your WordPress emails aren’t sending for any reason.

And that’s it! We hope these tips helped you to reduce the number of ‘be careful with this message’ warnings in G-Suite or Gmail.

Fix Your WordPress Emails Now

Next: Fix WordPress Emails Going to Spam

Are your WordPress landing in the junk mail folder? This often happens if your DNS records aren’t set up correctly, or you’re on a spam blacklist.

To troubleshoot this, check out how to fix WordPress emails going to spam. You can also see this in-depth guide if your Divi contact form is not working.

Or if you’re using Gravity Forms and need troubleshooting help, check out our post fixing Gravity Forms notification issues.

Ready to fix your emails? Get started today with the best WordPress SMTP plugin. WP Mail SMTP Elite includes full White Glove Setup and offers a 14-day money-back guarantee.

If this article helped you out, please follow us on Facebook and Twitter for more WordPress tips and tutorials.

Comments

  1. This doesn’t really do me any good at all and it’s a real pain. I run a small online store. I’m the only one in my “organization’ so ALL my emails come from outside my domain. Messages from MY online store all get branded with “Be Careful With This Message” that wastes space and takes time to get rid of. I really want to disable it but apparently I can’t.

    1. Hi Kent

      I’m sorry to hear you haven’t been able to resolve this issue on your site.

      This could be happening because you’re sending emails FROM and TO the same email address. For example, if your store emails are sending from “[email protected]”, and they’re also sent to[email protected]”, you’ll typically get this warning in Gmail. Nobody else will see this warning except you. If you wanted to remove it, you could change the FROM email to another valid email in WP Mail SMTP, which should stop it from happening.

      If everyone is seeing this message on your emails, it’s likely an issue with your DNS records. Our support team can help you to track this down. If you have a WP Mail SMTP license, you have access to our email support, so please submit a support ticket.

      Otherwise, we provide limited complimentary support in the WP Mail SMTP WordPress.org support forum.

      Thanks 🙂

  2. I am not receiving messages sent from my word press in my google email.
    When I set up I sent an email and got a message it had been successful.

    Several emails have come with a message warning that google was suspicious about abs when I’ve opened them their is no message and it’s come from my email address ?

    1. Hi Christina,

      If you don’t see any messages, you may have configured the form plugin incorrectly. If you’re using a plugin like WPForms on your site, here’s how you can set up form notifications correctly. If you’re using a different plugin, you need to check their documentation to set up form notifications accordingly.

      Also, make sure that you have configured a mailer by following our complete guide to mailers.

      If you need some extra guidance with this and you have a WP Mail SMTP license, you have access to our email support, so please submit a support ticket.

      Otherwise, we provide limited complimentary support in the WP Mail SMTP Lite WordPress.org support forum.

      Thanks! 🙂

  3. I’m getting that spam bar that you showed from addresses I know are good. The problem I’m having is that when I click on the “It looks OK” on that bar, it still disables all the links in the email, such as resetting my password links.

    1. Hi Amy,

      What’s the email client (or browser) that you’re using to view your emails? Also, did you experience that issue on your desktop PC or on a mobile?

      Once we have more information, we should be able to assist you further.

      Thanks!

  4. Greetings!
    I already followed the steps given above, unfortunately the issue still persisted.

    Actually previously not issue at all , but lately this issue show up on my gmail.

    Kindly advise, what the root caused?
    Thank you!

    1. Hi Faiz,

      Most probably your SPF, DKIM, and DMARC records are not set up correctly. Try sending a test email (WP Mail SMTP -> Tools) to this online tool and check your report. Based on the report, you should be able to fix it.

      Thanks!

  5. I run a couple of websites for local government with .gov.uk domains – I also provide email services through the same ISP. It being government they are pretty hot on secure config of email via the National Cyber Security Centre. I have had my DMARC, SPF and DKIM configs checked and they are all reported as well configured.
    CPanel on the server also reports good config and no issues.
    However one member of staff for the organisation this has been set up for receives ‘Careful With this Message’ with every message from me or her colleagues from that domain . She uses Gmail to receive these messages. This only started happening a few weeks ago. When I send the same messages to my Gmail account and use the same app I do not get a warning.
    When I examine the headers on the message received to my Gmail everything passes – when I look at the headers on the message with a Gmail warning there is a DMARC temperror
    Any help would be appreciated

    1. Hi Leo,

      The TempErrors are normally caused by DNS issues that cause DNS record lookups to fail. Fail messages that result in the Fail result should apply the action defined by the domain owners DMARC policy.

      In your case, ask that user to click on the “Looks Safe” link.

      Thanks!

  6. We have a domain. Lets call it bob.com.us and it has nothing to do with gmail. I check [email protected] emails with pop3 through the gmail interface. Any messages from another user @bob.com.us now gets this annoying banner. The messages are not marked as secure cause they are not leaving the bob.com.us server until they get to gmail. This is so frustrating.

    1. Hi Mikey,

      As explained in this article, you need to set up SPF, DKIM records correctly on your domain to resolve this issue.

      Get in touch with your hosting support and they should be able to assist you accordingly.

      Thanks!

  7. I’ve tried many times but Issue remained the same. I think this due to my business uses Yandex mail server and Yandex is Russian company.

    1. Hi Attique,

      Could you please try sendig a test email (WP Mail SMTP -> Tools) to this online tool to check your email deliverability? According to the report, you may adjust your SPF, DKIM records.

      Or else, you can try reporting this issue to the Yandex support, and they should be able to assist you further.

      Thanks!

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.