HSTS (HTTP Strict Transport Security) is a new, really cool security policy which keeps sites protected from man-in-the-middle attacks. It basically ensures any browser visiting your site will do so using a secure HTTPS connection. That's great news! :)
However, when you added E-goi's CNAME to your domain, (which both increases deliverability and displays your domain across all our trackable links in your email), HSTS thinks you're trying to bypass its security policy. This means people clicking those links will get something like this:
And that's a bummer! :(
How can I fix it?
Easy enough! Simply ask your hosting staff to remove "includeSubDomains" from your domain's HSTS header. Right now, you probably have something like this:Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Have it changed it to:
Strict-Transport-Security
max-age=63072000; preload
Keep in mind this will turn HSTS off on all your subdomains (if you've got any)! To re-enforce HSTS, just add it to each subdomain separately.