Mail security

Sender verification

Yandex.Mail verifies the sender's identity by their DKIM (DomainKeys Identified Mail) digital signature. If the email has a valid digital signature, it means that it was not intercepted and changed after it was sent from the mail server. The signature can only be set by the administrator of the server sending the message.

If you see the or icon to the left of the sender's address, it means that the digital signature is incorrect. Be careful with the contents of such an email.

For successful verification, DKIM technology must be supported by both parties — the recipient and the sender. Otherwise, the check may show an untrusted signature message in the email from an “honest” sender.

If you are completely confident about the sender and still see the untrusted digital signature message, ignore this alert. You can also contact Support at the sender's mail service to prevent the alert from causing false alarms in the future.

In Yandex.Mail for domain, email appears with the wrong digital signature

What icon and pop-up message do you see?

Sender data is most likely falsified

Most likely, the DKIM signature and SPF record are not configured for your domain. To configure them correctly, use the instructions in the Yandex.Mail for domain help:

Sender may not be trustworthy

Most likely, the DKIM signature and SPF record are not configured for your domain. To configure them correctly, use the instructions in the Yandex.Mail for domain help:

Note. After you configure the SPF record and DKIM signature, some email may still show the icon. This is due to various reasons, such as forwarding, the importer, or mail alias.

Trusted domain (domain.ru) does not match sender

Make sure that the domains specified in the FROM: field of your email match the SPF record and DKIM signature, including the top-level domain.

Note. After you configure the SPF record and DKIM signature, some email may still show the icon. This is due to various reasons, such as forwarding, the importer, or mail alias.

Trusted sender

Most likely, you started sending email from this domain only recently or users reported your messages as spam. They will be marked with the icon after a long time has passed and when there are fewer complaints about the messages you send.
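
The domain match described under "Trusted domain (domain.ru) does not match sender", as an added example that is not Yandex code: it compares the From: domain of a message with the d= domain of its DKIM-Signature header and with the Return-Path domain that SPF evaluates. The sample message and the domain.com address are constructed, the comparison is an exact match only, and the script does not verify the signature itself.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not real mail). domain.ru is the page's
# placeholder; domain.com is an assumed mismatching domain.
SAMPLE = """\
Return-Path: <bounce@domain.com>
DKIM-Signature: v=1; a=rsa-sha256; d=domain.com; s=mail;
 h=from:subject; bh=CONSTRUCTED; b=CONSTRUCTED
From: News <news@domain.ru>
Subject: test

body
"""

def domain_of(address):
    """Return the lowercased domain part of an address header value."""
    return parseaddr(address)[1].rpartition("@")[2].lower()

def dkim_domains(msg):
    """Collect the d= tag of every DKIM-Signature header in the message."""
    found = []
    for value in msg.get_all("DKIM-Signature", []):
        tags = {}
        for part in value.split(";"):
            key, _, val = part.partition("=")
            tags[key.strip()] = val.strip()
        if tags.get("d"):
            found.append(tags["d"].lower())
    return found

def check_alignment(raw):
    """Report whether the DKIM and SPF domains equal the From: domain."""
    msg = message_from_string(raw)
    from_domain = domain_of(msg.get("From", ""))
    return {
        "from": from_domain,
        "dkim": from_domain in dkim_domains(msg),
        "spf": from_domain == domain_of(msg.get("Return-Path", "")),
    }

if __name__ == "__main__":
    print(check_alignment(SAMPLE))
```
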

My mailing list emails are marked with the wrong icon

If you send emails and see that they're labeled with the or icon, the mailing list most likely doesn't meet the Yandex requirements for honest mailing lists.

Phishing (online fraud)

Phishing refers to a variety of Internet scams that are designed to collect confidential user information (account passwords, credit card numbers, PINs, etc.). Fraudsters send out emails under the names of companies, services, or social networks that closely resemble authentic messages.

Phishing emails

Fraudulent emails may ask you to do the following:

  • Provide your username and password to a given service or site (for example, allegedly due to problems with delivery or system failures). Most often, the From field of these types of messages contains “Customer Support”, “support”, or “admin”.

    Yandex staff members and Support will never ask you to send your login information.

  • Send an SMS to a short number (allegedly to confirm your identity or activate your mailbox). SMS messages to short numbers usually cost more than other text messages under your rate plan, but information about this inflated cost is usually withheld or given in a part of the message where it is least visible. As a result, an arbitrary amount, most often 100–200 rubles, is debited from your phone account right after the message is sent to the short number. In some situations, money might be debited from your phone account on a daily basis.

    Be careful: Yandex will never ask you to send an SMS. Instead, it will send an SMS to you. You do not need to respond to these messages.

  • Fill in a form (supposedly to participate in a prize drawing or receive a gift). This type of form usually asks for your passport information and credit card number in addition to your full name and contact phone numbers.

    If you receive a message about Yandex giving away prizes, contact us to get more information (http://company.yandex.ru/contacts). If there really is a prize drawing, make sure you are not asked to pay for the prize delivery in advance or to pay a participation fee, because Yandex never asks you to pay for what you have not ordered yourself.

  • Click a link to a website (to enter your login and password, for instance; otherwise they threaten to block or delete your mailbox).

    Be careful: Yandex never sends messages threatening to block or delete an account.

    Don't click such links, as they lead to malicious websites. To check the link's address, hover the cursor over it, but don't click it: the address will be displayed in the lower left corner of the screen.

    A Yandex address looks like https://yandex.ru/section or https://service.yandex.ru/section. There must be a slash (/) after yandex.ru, not a dot. If you see a different address, typos, or a meaningless set of characters, don't click this link.

    If you clicked through to the website, check the site address in the address bar. Phishing websites look like websites of real companies or services, but they are fake. Scam artists can easily get access to any information entered by the user on these types of webpages.
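
The address rule from the last item above (a slash, not a dot, must follow yandex.ru), as an added example that is not Yandex code: it parses a link and accepts it only if the host is yandex.ru or one of its subdomains over https. The sample links and the .example hosts are constructed placeholders.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "yandex.ru"  # the domain this page names

def check_link(url):
    """Return (trusted, reason) for a link copied from an email."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme != "https":
        return False, "not an https link"
    if parts.username is not None:
        # In "https://yandex.ru@host/" the real host is what follows the @.
        return False, "text before @ is not the host"
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return True, "host is " + host
    if (TRUSTED_DOMAIN + ".") in host:
        # A dot after yandex.ru means the registered domain comes later.
        return False, "yandex.ru is followed by a dot in " + host
    return False, "different host: " + host

# Constructed sample links for illustration.
SAMPLES = [
    "https://yandex.ru/section",
    "https://service.yandex.ru/section",
    "https://yandex.ru.login.example/section",
    "https://yandex.ru@login.example/section",
    "http://yandex.ru/section",
    "https://yandex-ru.example/section",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link))
```
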

How to prevent becoming a victim of fraud

Carefully view all incoming mail and check link addresses so as not to fall victim to phishing scams. Phishing links often contain a meaningless combination of characters or typos. Never pay for purchases or bills you are not sure about; never send SMS to suspicious numbers; and never give your Yandex password to anyone.

Yandex.Mail marks all phishing emails with a special warning:

If you discover a phishing or otherwise suspicious email that is not marked with a warning, please let us know using the feedback form and include its properties.

What should you do if you fall victim to fraud

  • Contact the police if funds have been unlawfully debited from your account.
  • If you followed a phishing link, check your computer for viruses using free antivirus programs, like CureIt! from Dr.Web and Virus Removal Tool from “Kaspersky Lab”.
  • If you entered your password on a fake page, be sure to change it in your Passport, link your phone number to your account, and change your security question and answer. First you should check your computer for viruses, though. If you lost access to your account, follow the instructions to restore access.

Session history

The Yandex.Mail log stores the history of changes made in your mailbox, as well as the IP addresses from which authorization was made.

Actions that have no visual implications (e.g., reading previously read mail, visiting a folder, etc.) are not displayed in the log.

You may view the data for the last 7 days (about 2,000 actions).

Attention. Session history is for reference only: it cannot be used to cancel executed actions (for example, to recover deleted emails).

To open the session history, click the Date of last login link at the bottom of the page.

You can also view the session history from the Settings  → Security menu.

The log shows your current IP address and other IP addresses under which you recently logged into this mailbox. All of the log's historical data is grouped by dates.

To view detailed information for any day from the list, click the link with the date. The list displays the time of the action, the IP address of the device from which the change was made, and the name of the action.

Mobile phone confirmation

A confirmed mobile phone number is required to recover your password or receive notifications. If you forget your password, you can specify your phone number to receive a recovery code in SMS.

Note. If you do not use a mobile phone or Yandex does not support sending SMS to your operator, you can recover your forgotten password at an alternative email address or by answering a security question.

You can add your phone number on the Phone numbers page. Enter the number and click Add. To confirm your number, enter the code sent in the SMS to your number and your Yandex password, and then click Confirm.

Note. SMS delivery time depends on your network operator and usually takes several minutes (maximum delivery time is 24 hours). If you do not receive the message, try requesting it again some time later.

Potential problems and ways to resolve them are listed in the Problems with phone numbers article.

HTTPS support

If you are using an insecure HTTP connection and unreliable communication channels (such as public Wi-Fi) for internet access, information from your mailbox (personal correspondence, passwords, phone and credit card numbers, etc.) may be intercepted by malicious users.

Yandex.Mail uses the HTTPS protocol to protect your mailbox. It provides security and confidentiality by encrypting your personal data before sending it to the server. The HTTPS protocol is supported by all modern browsers.

Attention. If possible, avoid connecting your devices to public internet access points that do not utilize the HTTPS protocol.

To reduce the risk of data loss, use only reliable communication channels for internet access that provide a secure HTTPS connection. If your internet provider does not support this protocol for some reason, switch to a more reliable ISP.

If you find that the secure HTTPS connection is disabled when you are using a corporate network, contact your system administrator to find out why and resolve the issue.

Attention. If the HTTPS protocol is not working correctly, the problem may also be caused by viruses on your computer. If all settings are correct and the protocol is not blocked by your provider or administrator, check your computer with an antivirus.

I got a message that my connection is not secure

When a security certificate error occurs, you get the message:

  • “Your connection is not secure”.
  • “This site presents a security threat to your computer”.
  • “Incorrect certificate”.
  • “Error in security certificate”.
  • “This is an untrusted connection”.

Untrusted connection or invalid security certificate errors may occur due to a conflict between the browser and computer settings. These errors may also be caused by your antivirus software. To find out why you are receiving the certificate error, look for its code at the end of the message.

Error code: ssl_error_bad_cert_domain
Solution: Make sure that the correct address (mail.yandex.com or passport.yandex.com) is entered in your browser's address bar, and that the / symbol is after com rather than a period or some other symbol.

Error codes: err_cert_date_invalid, sec_error_ocsp_invalid_signing_cert, sec_error_expired_issuer_certificate, sec_error_expired_certificate, sec_error_ocsp_future_response
Solution: Make sure that your date and time are correctly set on your computer. If the wrong date or time is set, the system may incorrectly determine that the certificate period hasn't started yet or that it has already expired.

Error codes: err_cert_common_name_invalid, err_cert_authority_invalid, sec_error_unknown_issuer
Solution: Make sure that your antivirus settings are not configured to check HTTPS connections. More information about how this can be done in Kaspersky Internet Security and ESET NOD32 Smart Security can be found below.

If you don't have an antivirus program on your computer, hackers may replace your security certificate using malware or an MITM attack. Check your computer for viruses using free antivirus programs, like CureIt! from Dr.Web and Virus Removal Tool from “Kaspersky Lab”.

Disabling HTTPS connection checks in Kaspersky Internet Security

  1. Open the antivirus window and click the button in the bottom left-hand corner.
  2. Go to the Advanced settings tab and choose Network.
  3. In the Check secure connections block, choose Do not check secure connections and confirm the action.

Disabling verifications of HTTPS connections in ESET NOD32 Smart Security

  1. Open the antivirus window, go to the Settings tab and click the Additional link.
  2. In the Web and Email → SSL/TLS block, disable the Enable SSL/TLS protocol filtering option.
  3. In the Web and Email → Web access protection → Web protocols → Configure the HTTPS scanning module block, select Enable HTTPS scanning.
  4. Click OK to save changes.