Why are my emails marked as dangerous in Gmail when using microdata markup?

Key findings

• Direct Causation: Evidence suggests a direct link between the inclusion of microdata markup and Gmail marking emails as dangerous, with emails becoming safe upon its removal. This indicates that while microdata itself is a valid feature, its implementation or surrounding context can trigger security alerts.
• URL Consistency: The issue persists even if the URLs embedded within the microdata are the same ones used elsewhere in the email without markup, and those non-marked-up URLs do not trigger warnings. This points to the markup itself, or its specific usage, as the trigger rather than the URL content alone.
• Gmail Registration: A crucial factor is whether the sender has registered with Google for structured data implementation, which might be a prerequisite for proper functionality and avoiding security flags for some types of markup, especially for interactive elements like Go-To Actions. While Gmail supports both JSON-LD and Microdata, explicit registration for certain actions could be necessary, as highlighted in the Gmail documentation.
• Phishing Detection: Gmail's algorithms may interpret certain microdata configurations, particularly those creating interactive elements, as potential phishing attempts if the sender's reputation or the markup itself is not perfectly aligned with expected patterns. This can lead to a dangerous message alert.

Key considerations

• Sender Reputation: Before implementing complex features like microdata, ensure your sender reputation is robust. A low domain reputation can exacerbate issues with even legitimate markup.
• Authentication Status: Verify your email authentication protocols (SPF, DKIM, DMARC) are correctly configured and aligned. Strong authentication is fundamental to building trust with Gmail and preventing messages from being flagged as suspicious. Learn more with our simple guide to DMARC, SPF, and DKIM.
• Gradual Implementation: When introducing new markup, do so gradually and monitor its impact on a small segment of your audience or using dedicated test accounts, before rolling it out widely.
• Content Review: Beyond the markup itself, carefully review the overall content of your email, including subject lines, body text, and other URLs, for anything that might appear suspicious or phishing-like to Gmail's filters.

Key opinions

• Markup as Culprit: Several marketers report definitively identifying microdata markup as the direct cause of Gmail's dangerous warnings after extensive testing.
• Inconsistent Behavior: The issue often appears suddenly, affecting a small portion of customers despite the markup being in use for years without prior problems. This suggests a dynamic or evolving nature of Gmail's filtering.
• Registration Gap: A common thread is the lack of prior registration with Google for using the markup, especially for older implementations. This might be a missing piece of the deliverability puzzle.
• Content Neutrality: Marketers emphasize that the same URLs and content, when not part of the microdata, do not trigger warnings, isolating the problem to the structured data itself.

Key considerations

• Test Thoroughly: Always conduct rigorous testing, ideally with a variety of real Gmail accounts (new and aged), to pinpoint the exact element causing deliverability issues.
• Consider Registration: If using interactive or advanced markup features, explore if Google now requires sender registration, which might resolve the phishing warning issue.
• Review Old Implementations: Even long-standing markup implementations should be reviewed against current Gmail guidelines, as rules and algorithms evolve.
• Focus on Core Deliverability: Ensure fundamental deliverability factors, such as strong sender reputation and proper email authentication (SPF, DKIM, DMARC), are fully optimized, as these lay the groundwork for successful email delivery regardless of markup usage. For additional context, see how WP Mail SMTP advises on handling 'Be Careful With This Message' warnings.

Key opinions

• Phishing Likelihood: Experts suggest that specific ways microdata is implemented can inadvertently mimic phishing attempts, triggering Gmail's advanced security filters. This relates to how Gmail flags phishing warnings.
• Tool Limitations: While inbox placement tools are useful for trends, they may not provide sufficient forensic data to diagnose specific, granular issues like those caused by microdata interaction with Gmail's filters.
• Registration Importance: The lack of prior sender registration for markup usage, especially for Go-To Actions, is a significant point raised by experts. This registration is critical for Gmail to trust the origin of interactive elements.
• Selective Implementation: As a potential, though not ideal, solution, some experts consider selectively omitting markup for Gmail recipients if the registration process is not feasible or effective.

Key considerations

• Real-Account Testing: Always test with newly created or clean Gmail accounts, beyond automated tools, to get a clearer picture of how Gmail's filters are behaving without prior engagement history skewing results.
• Investigate Markup Type: Differentiate between standard promotional markup and action-oriented markup. The latter often requires more stringent vetting by email service providers (ESPs) and mailbox providers (MBPs) like Gmail. For more on this, consider resources on email deliverability issues.
• Register with Gmail: If you are using markup for Go-To Actions or other interactive elements, ensure your domain and implementation are registered and whitelisted with Gmail, as this builds trust and validates your use of structured data.
• Monitor Deliverability Trends: Keep a close eye on your overall deliverability trends and specific Gmail warnings to identify any shifts that might coincide with markup changes or other sending practices.

Key findings

• Dual Support: Gmail supports both JSON-LD and Microdata for structured data, allowing flexibility in implementation.
• Actionable Emails: The primary purpose of email markup is to enable interactive, actionable elements directly within Gmail, such as confirming purchases or reviewing items.
• Sender Trust: Google's documentation implicitly ties the successful display of marked-up content to sender reputation and compliance with security best practices. Non-compliance can lead to warnings or non-display of features.
• Developer Guidelines: The Getting Started page emphasizes strict adherence to Google's general guidelines for email senders.

Key considerations

• Whitelisting/Registration: For certain interactive actions, Google explicitly requires senders to register and get whitelisted. Without this, the markup may not function as intended or could be flagged.
• Adherence to Best Practices: Ensure your emails comply with all Gmail sender guidelines, including proper authentication (SPF, DKIM, DMARC) and low spam complaint rates.
• Consistent Sender Identity: Maintain a consistent and trustworthy sender identity. Any perceived deviation, such as mismatched URLs or unexpected interactive elements, can trigger warnings like low sender reputation flags.
• Regular Updates: Stay updated with Google's changing requirements for email markup and deliverability. What worked in the past might not work today due to evolving security measures.