That sounds quite reasonable to me
I agree that if you have an option for double opt-out then you certainly should do your best to make sure that it can not be circumvented
For those of us who are more daring a one click single opt-out
Although a two click process where the first click took the unsub to a form with their email address filled in and a second click was required to actually unsub might help prevent accidental unsubscriptions
For subscriptions I would argue that you require double opt-in
Thanks for giving us a voice in the development process Can't wait to start kicking the tires
--
// Rob Taylor
\
>
On Nov 16, 2007, at 5:02 PM, Rob Taylor wrote:
>
I personally think double opt-out is really a bad idea As a recipient of email from a source that I do not want to have contact with anymore it seems a little ridiculous that I would be required to receive yet another email from the unwanted source in order to get off the list
Point well taken
I think an acceptable compromise would be if the unsub form was automatically populated with the email address This would create a two click unsub process but would not require the unsub to manually enter in their email address If I forward a mail message, I am already voluntarily sharing my email address so the risk/security associated with embedding the email address in the unsub url in that situation is a non-issue in my opinion
This is what I'm sayin':
If you've selected Double-Opt-Out unsubscription, you're: not going to be able to use a confirmation URL with the pin in it, meaning - no one click unsubscription You'll have to fill out a form and confirm the unsubscription via email Thus the double-opt-out If you were snarky, yeah, you could get the form prefilled, and also just have this confirmation email automatically sent, once you've clicked the URL in the email message
If you have NOT selected Double-Opt-Out unsubscription, Yeah, you're not going to be be able to use a confirmation URL with a pin in it But! There will be no need You will be able to create a unsubscription link that, if you click, will take you off the list automatically I'm OK with this idea, although it does pose the problem of people who aren't subscribed clicking this link and unsubing someone else There's nothing I can really do to change that, and I guess it's the discretion of the list owner to do something about that
Right now, what I think is happening is people have double opt out unsubscription enabled (it's the default), but! are using the full unsubscription confirmation link w/pin in their mailing list messages
I think what I am going to require is that if you use double-opt-out unsubscription process, it's going to be enforced, instead of the somewhat liberal way it can be used now If you don't use double-opt- out, you don't have to
The problem is that there is currently a hole in the pin confirmation system My concern is that if it's gonna be in place, it might as well work, even if it's an optional step and unwanted (it seems) in the unsubscription side of things
For subscriptions I think you'd be silly not to have double opt in enforced It's quite a liability not to
Hmm All this is going to be very confusing to people
-- Justin Simoni
Dada Mail - Write Once: Distribute Everywhere Software url: http://mojo skazat com
On Nov 16, 2007, at 5:02 PM, Rob Taylor wrote:
>
I personally think double opt-out is really a bad idea As a recipient of email from a source that I do not want to have contact with anymore it seems a little ridiculous that I would be required to receive yet another email from the unwanted source in order to get off the list
I can tell you in the hundreds of thousands of emails we have sent using the dadamail system I have never encountered a case where somebody was unsubscribed by another person who was forwarded the message Maybe our emails just aren't viral enough :~>
I think an acceptable compromise would be if the unsub form was automatically populated with the email address This would create a two click unsub process but would not require the unsub to manually enter in their email address If I forward a mail message, I am already voluntarily sharing my email address so the risk/security associated with embedding the email address in the unsub url in that situation is a non-issue in my opinion
-- // Rob Taylor \
TD Media // http://www tdmedia com \ 760 438 9393
>
On Nov 15, 2007, at 3:56 PM, Rob Taylor wrote:
Hi Justin:
If I understand your analysis correctly, these modifications would disable a "one click" list unsubscription process
That's what this will do, if you've selected to have double-opt-out unsubscriptions If you don't want this behaviour - and I can be sympathetic to those that don't, you can just turn double-opt-out confirmation off
There's already problems with having this enabled and active even now: If you forward the message, that unsubscription confirmation URL will be alive and well in the forwarded message and someone else could potentially unsubscribe you
If you don't have double-opt-out unsubscriptions, you have two choices (basically), you can use the:
http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
for unsubscription requests, the user will have to visit Dada Mail and fill out their email address and press a button,
Or you could use something like this:
http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/rt/
tdmedia com
Which (I think) should give you one-click unsubscription again I'm a little up in arms as to whether having the email address automatically entered into a form is a good idea or not One one hand: it makes things real convenient, on the other, it's just another place where the email address is embedded in the email message, in a url, ready to be clicked, by anyone (the forwarding problem, again)
Having the ability to have the List Unsubscription Confirmation URL tag in a mailing list message isn't really double-opt-out, it's single opt out, since there's no real confirmation
The behavior really stems from the fact that the pin isn't randomly generated, but is generated using a formula that uses the subscriber's email address as a variable It's main weakness is that it's easily (probably?) reversible I should probably fix that asap Fixing it does mean changing the behavior of the program from something A LOT of people have been doing I'll get angry letters about it, if I go through with it, I'm certain
-- Justin Simoni
Dada Mail - Write Once: Distribute Everywhere Software url: http://mojo skazat com
On Nov 15, 2007, at 3:56 PM, Rob Taylor wrote:
>
Hi Justin:
If I understand your analysis correctly, these modifications would disable a "one click" list unsubscription process
I think that this might be a mistake
I, for one, always use the list_confirm_unsubscription_link in the bottom of my emails My feeling is that if somebody wants off the list then they should be able to do so without jumping through a lot of hoops It always seems a little bit odd to me when I see unsub mechanisms that require me to enter my email address before I unsub I have dozens of email addresses and I simply can't be bothered to take note of which one was used in this particular message I shouldn't have to do the work
That being said I think the points you make concerning security of list subscriptions is important Ideally the modifications you are talking about would only apply to subscriptions I don't think there is as much of a risk with unsubs
Of course this is just one persons perspective
Thanks for all your hard work
-- // Rob Taylor \
TD Media // http://www tdmedia com \ 760 438 9393
>
Heya everyone
I've been hard at work, getting Dada Mail ready for the next alpha release
The more things I add, in terms of features - and right now, it's just one big feature: multiple subscriber fields, the more things I find I have to tweak to make the system work (still) This gives good opportunity to tune some of the code and get rid of stuff that's not even needed
Along the way, the new features do call for some decisions on how the program works Right now, Dada Mail has quite a few options on how the current subscription process works For example, you can subscribe with, or without confirmation, with extra checks for blacklisting, CAPTCHAing challenge/responses, confirmation request limits, etc and also have different options on how to report that a subscription works out - URL redirects/showing a result via HTML - and all this works in a portable way in a few methods you can call in any Perl program
It's actually quite a headache to keep straight
One of the glaring problems is that the confirmation authentication isn't as strong as it could be It'd like to work specifically on that problem, but it would impact quite a few things in the program:
Currently, there's the idea of a, "Subscription URL" and a, "Subscription Confirmation URL" The "Subscription Confirmation URL" is the URL with the pin number in it Looks like this:
http://example com/cgi-bin/dada/mail cgi/n/list/user/example com/123456789/
As it stands, the pin number (123456789) is fairly unique per email address and is probably unique in the pairing of this email address with this Dada Mail installation - meaning, trying to confirm an address using this pin with this email on a different Dada Mail won't work
I'm not an expert in security, but the pin number in Dada Mail has some shortcomings First off, it's computed using the email address itself as some of the data The rest you can set, but it's always the same data for the rest of the computation for every email address If I was snarky, I could figure out how to make pins for every address per Dada Mail installation No one has, that I know of, but it's just a matter of time
What would be better is a completely unique and random pin number for each subscription request There's a few things that stop me from implementing that - well, really just one: there's no where to save this pin request temporarily, since the subscription back end does not support multiple fields
Well - in the Very Near Future, Dada Mail will support this It's not such a big deal to get this in now for the SQL backends that also support Multiple Subscriber Fields
The PlainText backend won't Still I'm basically going to give up trying to shoehorn multiple fields-like behavior for the PlainText backend and say, "Hey, if you're using the PlainText Backend, this is how pins are made"
As it stands right now, when someone makes a request for a subscription, their email address, along with any other subscription fields, is saved in the "sub_confirm" sublist and is moved from this sublist to the actual subscription list once the confirmation process is complete
When creating the multiple fields feature, I realized that there's nothing to really stop someone from faking a confirmation I want to suggest that a check is made to see if the subscriber is on this "sub_confirm" sublist, before actually being able to subscribe to a list This would basically guarantee that the subscriber actually went through the subscription process, before getting on It would also provide some sort of protection to the pin authentication stuff
Sounds great to me
There are a few drawbacks that I'm able to swallow, but I wanted you guys/gals opinions on:
If a subscription and/or unsubscription confirmation is going to need the email address to be on a confirmation list, the "Subscription Confirmation URL" won't be allowed in your mailing list messages In other words, you won't be able to use this tag anymore:
[list_confirm_unsubscription_link]
only this tag:
[list_unsubscripton_link]
In fact, the only place you'll be able to use this tag is in the List Subscription/Unsubscription Confirmation Message No where else
It also means that every single subscription/unsubscription a person makes will require going through the entire process I know that at least in testing, I just use the same message over and over again to subscribe myself (after, somehow, removing myself)
There are some benefits to this With the multiple subscriber fields especially, it makes sure, upon subscription, the information they first submit in the beginning of the confirmation process will still be around when they finish it
I've said quite a bit Thoughts?
-- Justin Simoni
Dada Mail - Write Once: Distribute Everywhere Software url: http://mojo skazat com
--
Post: dadadev@PROTECTED
Unsubscribe: http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
List Information: http://mojo skazat com/cgi-bin/dada/mail cgi/list/dadadev
Archive:
--
Post: dadadev@PROTECTED
Unsubscribe: http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
List Information: http://mojo skazat com/cgi-bin/dada/mail cgi/list/dadadev
Archive:
--
Post: dadadev@PROTECTED
Unsubscribe: http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
List Information: http://mojo skazat com/cgi-bin/dada/mail cgi/list/dadadev
Archive:
--
Post: dadadev@PROTECTED
Unsubscribe: http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
List Information: http://mojo skazat com/cgi-bin/dada/mail cgi/list/dadadev
Archive: http://mojo skazat com/cgi-bin/dada/mail cgi/archive/dadadev
--
Post: dadadev@PROTECTED
Unsubscribe: http://mojo skazat com/cgi-bin/dada/mail cgi/u/dadadev/
List Information: http://mojo skazat com/cgi-bin/dada/mail cgi/list/dadadev
Archive: http://mojo skazat com/cgi-bin/dada/mail cgi/archive/dadadev
Start a new thread, email: dadadev@dadamailproject.com
This is the developer discussion mailing list for Dada Mail.
If you are just looking for support Dada Mail, consult the message boards at:
https://forum.dadamailproject.com
Documentation for Dada Mail:
Specifically, see the Error FAQ:
https://dadamailproject.com/d/FAQ-errors.pod.html
To post to this list, send a message to:
mailto:dadadev@dadamailproject.com
All subscribers of this list may post to the list itself.
Topics that are welcome:
Dada Mail is on Github:
https://github.com/justingit/dada-mail/
If you would like to fork, branch, send over PRs, open up issues, etc.
This Privacy Policy is for this mailing list, and this mailing list only.
Email addresses collection through this mailing list are used explicitly to work within this email discussion list.
We only collect email addresses through our Closed-Loop Opt-In system.
We don't use your email address for any other purpose.
We won't be sharing your email address with any other entity.
Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.
All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.
All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.