On Apr 2, 2010, at 3:45 PM, Alan Hysinger wrote: > If a pin is compromised, it's only the one pin. I have observed it is different for each mailing, even for the same email address, so it seems the algorithm generating the pins has some defense against being cracked. As the implementor of it, I'd say it's laughably insecure. I'm pretty worried about it, myself. I would like to completely replace it with just a random number, that's saved somewhere and generated when a sub/unsub request is made, instead of a 2-way ...Continue Reading

Well I really hope you don't take that out, it's a very useful feature to me and my non-trivial number of subscribers. That said, in response to your arguments I would say: If a pin is compromised, it's only the one pin. I have observed it is different for each mailing, even for the same email address, so it seems the algorithm generating the pins has some defense against being cracked. If you are concerned about users understanding my proposed option, then it seems it makes more sense to keep it in Config.pm, well ...Continue Reading

On Apr 2, 2010, at 4:19 AM, Alan Hysinger wrote: > > I'm sorry I wasn't clear. I want to maintain the closed-loop opt-out when someone visits the UI on the site, to protect my mailing list from tampering, but if they have their PIN in a link, then I want to trust it and do it in one click. Unchecking that option allows literally anybody to remove email addresses. Hmm, not sure if I have anything to offer to get that working. The, "needs to actually make a confirmation request" is a pretty important ...Continue Reading

I'm sorry I wasn't clear. I want to maintain the closed-loop opt-out when someone visits the UI on the site, to protect my mailing list from tampering, but if they have their PIN in a link, then I want to trust it and do it in one click. Unchecking that option allows literally anybody to remove email addresses. Alan On Apr 2, 2010, at 3:02 AM, Justin J wrote: > > On Apr 2, 2010, at 3:48 AM, Alan Hysinger wrote: > >> Hi, I'm totally new to the list, so if I am in need of a clue, just speak up. I h ...Continue Reading

On Apr 2, 2010, at 3:48 AM, Alan Hysinger wrote: > Hi, I'm totally new to the list, so if I am in need of a clue, just speak up. I have no idea of any etiquette out here, and I am a very direct person. On topic is nice - the list is moderated by a couple of people, so it's usually not a problem. Anyways: > I wanted to provide my users with a single-click unsubscribe option. All you have to do is this: In your list control panel, go to: Your Mailing List -> Mailing List Options and uncheck the optio ...Continue Reading

Hi, I'm totally new to the list, so if I am in need of a clue, just speak up.  I have no idea of any etiquette out here, and I am a very direct person.I wanted to provide my users with a single-click unsubscribe option.  I have received some emails from angry users who don't understand the multi-step unsubscribe process, or worse, the unsubscribe confirmation gets moved to their spam folder.  Additionally, almost all of these people are my customers, who after graciously spending money in my store and op ...Continue Reading

These two bugs have already cropped up in 4.0.4 (thanks to the people who reported them): Subscribers can be subscribed more than once to the black list http://github.com/justingit/dada-mail/issues/closed#issue/38 Subscriptions are not logged in the usage log. http://github.com/justingit/dada-mail/issues/closed#issue/37 I've already issued fixes: http://github.com/justingit/dada-mail/commit/da28a68e155493a9af271c2af30e74207dae9038 http://github.com/justingit/dada-mail/commit/3c5fe179890f866026c51ffd98afea9bf4 ...Continue Reading

Here's the download links: http://github.com/downloads/justingit/dada-mail/dada-4_0_4.tar.gz http://github.com/downloads/justingit/dada-mail/dada-4_0_4.zip Here's the changelog: Changes 4.0.4 UTF-8 Issues MySQL, PostgreSQL, SQLite schema changes Some compatibility issues cropped up, regarding UTF-8/unicode character set/encoding in re: to the SQL schemas. The schemas for all supported SQL backends have been modified to better work, mostly by changing fields with type, text(320), to type, varchar(80). Other n ...Continue Reading

git tag is: http://github.com/justingit/dada-mail/tree/v4_0_4_beta2-2010_03_27 Here's the dl's http://github.com/downloads/justingit/dada-mail/dada-4_0_4-beta2.tar.gz http://github.com/downloads/justingit/dada-mail/dada-4_0_4-beta2.zip Here's the changelog: 4.0.4 Changes 4.0.4 UTF-8 Issues MySQL, PostgreSQL, SQLite schema changes Some compatibility issues cropped up, regarding UTF-8/unicode character set/encoding in re: to the SQL schemas. The schemas for all supported SQL backends have been modified to ...Continue Reading

When I use the "Edit Template" / "Apply the list template to HTML email messages" option, the emails are nicely formatted with the DadaMail screen template, but when you reply to such an email, the reply text is centered (not left justified) and there is a shaded header of a few lines that can't be deleted and everything that gets typed into the reply is centered. Apparently everything in the reply is being caught up in part of the HTML template. Is there a way for the reply text to be unforma ...Continue Reading