¿ªÔÆÌåÓý

  1. GroupManagersForum
  2. Messages
Expanded Topics Messages Polls
Date
Still don't understand how to STOP posts from showing up on Google!! Help.

 

I did a search and found this recommendation from 2019: "It sounds like you don't have the proper privacy setting chosen.? Go to Admin > Settings and scroll down to the Privacy section.? In the Visibility box, you want the last part of the choice to say ", private messages".? Before you change it, be aware that this is a one-way change.? You can never make the archives public again."

But all I see is #3 and #4 below with private messages at the end. Is #4 the best one??

1) Group listed in directory, publicly viewable messages

2) Group not listed in directory, publicly viewable messages

3) Group listed in directory, private messages

4) Group not listed in directory, private messages.?
Re: Posting an Owner message to the group

 

On Mon, Nov 2, 2020 at 07:22 PM, Christos G. Psarras wrote:
absolute total number of groups (~32K) as the value for calculating how many result pages with link info to display, but the "fetch data" code returns less because it checks for group visibility; there are 9980 visible groups
Based on some tests I just did, that's incorrect.? There were 81,592 groups as of this morning (here), with 31,987 of them visible.? It is a bug, but has to do with the number of results going into 5 digits (over 9999).? I thought I had reported this #bug on beta, but can't find it now.

Duane
--
The official Groups.io user documentation is in the Groups.io Help Center.
GMF's Unofficial Help Wiki: /g/GroupManagersForum/wiki
Re: People are asking me to remove them from my group....but they are not members!

 

¿ªÔÆÌåÓý

That's a spam technique that started being heavily used just a couple of days ago.

If you open up the complaint email to display the hidden message routing history, you will see a reference to the email address of your group as the address that email systems are supposed to use to complain about that email.

Google explains how to display the hidden message routing history -- whether you are using Gmail, Yahoo Mail, Apple Mail, or Outlook, etc.


Ignore those messages. (Don't click on any links in those messages -- may send you to a poisoned website that will attack your system.)

--cg
Re: People are asking me to remove them from my group....but they are not members!

 

FWIW, I just had the same issue in my group. I have requested a copy of the offending message. This was from an AOL email user.

Has anyone sent this issue to Mark or posted it to the Beta group?

Scott
Re: A way to pre-authorize subscription requests? #addmembers

 

Thanks, Shal, for the clear and helpful reply!

Not trying to game the system. Just wanted to be sure that I had not missed such a feature when going through the excellent Owners Manual. (I was concerned because -- when I searched on subgroups -- some of the key info turned out to be located in wiki entries rather than in the Owners Manual.)

I got the pre-authorization idea because, at one point the now-living-dead LinkedIn Groups system had pre-authorization, which worked quite nicely.

We will switch to the Premium level. First, in fairness to Mark.?

And we want subgroups.?(We have a website, so we don't need calendar, database, photos, files, or wiki. Our members are not into chat. Unlike many other groups, we've found that an archive of old posts is not very useful for us due to the continually-changing info. Polls would be useful. We have Eventbrite for donations, which works very well.)?

In short, we need an email-based, moderated discussion system with reliable email delivery.

Agree about spamtraps. Given the care our team has taken in vetting applications over the 20 years, we would only have a spamtrap if a legit account has been taken over.

Agree on people marking invitations as spam. Given the varying level of email literacy -- and that many are set to "no email" -- there will be people who do this.?

Deliverability is the Achilles heel for any email-based system.?

For example,?Gmail, marks confirmation emails from Yahoo Groups as spam -- and the spam folder is hidden. Our directions say: "If you don't see the confirmation emails within an hour, check your Spam or Trash folder. (In Gmail, click "More" in the left-hand menu to find the hidden Spam folder.)"

My bet is that, as Groups.io grows in membership and volume, Gmail will do the same with Groups.io's confirmation emails.

Thanks again,
--cg
Re: A way to pre-authorize subscription requests? #addmembers

 

Curt,

I know we could send invitations via Premium Groups.io ...
Invite you can use in a Basic group. But to use Direct Add you need to pay for at least one month of Premium.

... however, that would increase the chance that email providers (and
public and private blackhole lists) block the Groups.io IP address ...
I can only think of three ways this can happen.

One would be if one or more of those addresses turn out to be spamtraps. How one of those could get onto a Y!G's member list is a mystery to me.


Another would be if a some of the recipients of the Invite (or Direct Add notice) mark that message as spam.

The third is that the receiving service notices many messages sent to invalid addresses from the same IP address, and flags the IP address. I think this is the one Mark is citing in the topic on beta:


He did not react to my comments, so I'm not sure to what extent he might agree or disagree with me.

Is there a way to upload a list of email addresses to pre-authorize
approval of subscription requests?
No.

My unease with this topic is that Invite is the means designed into Groups.io to do exactly what you're trying to do. That you and others may feel compelled to work around it strikes me as a major failing.

Were it me, I would be inclined to use the facilities as intended (Invite or Direct Add) and let Groups.io figure out how to deal with consequences, if any. That's kind of rude to members of email services that use RBLs, but my opinion is that the fault is with those services: they should not apply RBL-like rules against a known legitimate email source such as Groups.io.

I'm a little excitable on this subject because I believe that many years ago (maybe 15 years) Verizon was doing something of the sort against Yahoo Groups, causing me to miss a fraction of group messages. I quit Verizon as my ISP in part for that reason - and the fact that I could never get a straight answer out of their tech support on the subject. My attitude then (and now) is that I signed up for these messages, and if you (my ISP) can't or won't deliver them to me, then you are failing to deliver the service I'm paying for.

Shal


--
Help: /helpcenter
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list
A way to pre-authorize subscription requests? #addmembers

 

We have some 40,000 theoretical members of our various Yahoo groups, accumulated over 20 years -- but many of the addresses are very old and no longer valid.
I know we could send invitations via Premium Groups.io -- however, that would increase the chance that email providers (and public and private blackhole lists) block the Groups.io IP address -- as I understand Spamhaus did three times last week.
Ideally, we'd like to send posts to each group via Yahoo with instructions on how to join the corresponding new Groups.io group. That way, Yahoo would take the hit rather than Groups.io *smile*
Is there a way to upload a list of email addresses to pre-authorize approval of subscription requests?
I went through the Help files and didn't see a way.
That would be useful for many group owners and would reduce the impact on Groups.io's spam reputation.?
Thanks, --cg
Re: Is there a way for subgroup members to message other subgroups? #subgroups

 

Deb,

>>> you can check the "Allow Parent Members to Post" box.

Shal's suggestion should do what you want, because it allows any parent group member to send messages to any subgroup (that now has that setting ON), so a member of one committee subgroup can now send a message to any other subgroup with that option ON.? However, because of that, the small potential side-effect of this setting is that, provided that they know the posting email address, anyone in the parent group can now post to the subgroup(s) (not just the committee/subgroup members).? So even if the subgroups may have private archives, if they are listed in the parent group, it's easy for anyone to find out the posting address.? But even if the subgroups are not "publicly" listed in the parent group, one can still send a message to them with this setting on.? So if you want to avoid the potential "anyone" part, reset the posting permissions on the subgroups to Moderated, and reset the posting permissions of the subgroup/committee members to Override:Can Post, for the subgroups you turn this setting on.? This will keep the uninterrupted flow of messages within the group and group members, but anyone else who posts will land in the Moderation queue.? This way you can catch and prevent possible cross-contaminated postings or non-subgroup members which shouldn't be posting in a particular subgroup.

Think of it this way:? Beforehand, you had 5 rooms where committees met in closed-door meetings.? In order for a member from one committee/room to present somethng to another one, they would have to physically leave one room and go to another, open the door, go in, close the door, do their biz.? Now, they don't, all they have to do is slide the presentation material under the door without having to physically go in.? However anyone else in the office can do the same, so you now have someone that pre-checks whatever is slid under the door, to ensure it is related to the committee, before presenting it.

Cheers,
Christos
Re: People are asking me to remove them from my group....but they are not members!

 

On Wed, Nov 4, 2020 at 10:52 AM, Bernardino wrote:
?Que es un?spambots?
a computer program that collects email addresses from the internet in order to send spam (= unwanted emails) to them

un programa inform¨¢tico que recopila direcciones de correo electr¨®nico de Internet para enviarles spam (= correos electr¨®nicos no deseados)

Bruce
Check out the groups.io Help Center?and?groups.io Owners Manual
Re: People are asking me to remove them from my group....but they are not members!

Bernardino
 

Perdonen mi ignorancia.?

?Que es un?spambots?.?

Soy nuevo en la materia.

En mi¨¦rcoles, 4 de noviembre de 2020 06:35:09 CET, Shal Farley <shals2nd@...> escribi¨®:


Mark,

> Adem¨¢s, no s¨¦ c¨®mo se est¨¢n registrando los servicios de asistencia de las empresas:
> Todas las listas requieren un correo electr¨®nico de confirmaci¨®n para que quien las registre
> de alguna manera tenga acceso al correo electr¨®nico de confirmaci¨®n.

No necesariamente.

Si todo lo que se requiere es una respuesta al correo electr¨®nico de confirmaci¨®n, eso podr¨ªa
suceder autom¨¢ticamente como parte de la respuesta del servicio de asistencia a cualquier caso nuevo.

El truco, si esto lo hace un malcontento / bromista, es falsificar la
direcci¨®n del servicio de asistencia como la direcci¨®n De en una solicitud de suscripci¨®n a la
lista. Dicha falsificaci¨®n sol¨ªa ser bastante f¨¢cil con la mayor¨ªa de las cuentas de correo electr¨®nico de ISP,
aunque muchos se han endurecido en la ¨²ltima d¨¦cada.

Puede hacerlo mediante un spambot de direcciones aleatorias si la lista tiene una
direcci¨®n de correo electr¨®nico separada para la suscripci¨®n (como la direcci¨®n de suscripci¨®n + de un
grupo de Groups.io). Si el spambot tiene tanto la direcci¨®n del servicio de asistencia t¨¦cnica como la
direcci¨®n de suscripci¨®n a la lista en su colecci¨®n, entonces es solo cuesti¨®n de
tiempo antes de que env¨ªe un mensaje de correo no deseado (virus, phishing, malware, etc.) A:
la direcci¨®n de suscripci¨®n de la lista De: el servicio de asistencia habla a.

En el ¨²ltimo caso, no hay otra intenci¨®n que la amplia distribuci¨®n
del mensaje de correo electr¨®nico no deseado inicial. El resto son solo aut¨®matas que se golpean
entre s¨ª. La falla principal es que (aparentemente) ni el
software de la lista ni el software del servicio de asistencia hicieron suficiente autenticaci¨®n de los
mensajes entrantes.

Hace una d¨¦cada y media, este problema casi inutilizaba los Grupos de Yahoo
antes de que Yahoo implementara la cantidad m¨ªnima de autenticaci¨®n necesaria
(DNS inverso) para rechazar los mensajes entrantes de los spambots.

Pero en estos d¨ªas no me sorprender¨ªa saber si eso ya no fuera
suficiente: muchos spammers est¨¢n usando cuentas de correo electr¨®nico comprometidas en
servicios leg¨ªtimos para enviar spam. Por lo general, no pueden falsificar la direcci¨®n De
en ese caso, pero tal vez haya algunos servicios laxos que no
restrinjan esa capacidad.

Shal


-
Ayuda: /helpcenter
M¨¢s ayuda: /g/GroupManagersForum/wiki
A¨²n m¨¢s ayuda: bot¨®n de b¨²squeda en la parte superior de la lista de mensajes


- = - = - = - = - = - = - = - = - = - = - = -
Groups.io Enlaces: Recibes todos los mensajes enviados a este grupo.
Ver / Responder en l¨ªnea (# 34816): /g/GroupManagersForum/message/34816
Silenciar este tema: /mt/78009416/3974073
Propietario del grupo: GroupManagersForum + [email protected]
Darse de baja: /g/GroupManagersForum/leave/defanged [ bernarsua@... ]

-=-=-=-=-=-=-=-=-=-=-=-
Re: Automated welcome message to subscribers of a new subgroup?

[email protected]
 

Case closed.

I was able to test it
Re: Automated welcome message to subscribers of a new subgroup?

 

I have a second GIO account with a separate gmail address that I use for testing. It's been very helpful.

Pete
Re: Automated welcome message to subscribers of a new subgroup?

[email protected]
 

Is there a way I can test it?

Regards,
Michael W Jones
Re: Photos and Files in the 1G frre grouip

 

On Tue, Nov 3, 2020 at 10:25 PM, billsf9c wrote:
Albums, Photos, Attachments, Files.and more, all exist and arenalive and well, in IO...
But not on newly created groups, unless they upgrade to premium.

Duane
--
The official Groups.io user documentation is in the Groups.io Help Center.
GMF's Unofficial Help Wiki: /g/GroupManagersForum/wiki
Re: People are asking me to remove them from my group....but they are not members!

 

¿ªÔÆÌåÓý

Shal,

On 04/11/2020 05:33, Shal Farley wrote:
Mark,

> Also, I don't know how the companies' helpdesks are getting signed up:
> All the lists require a confirmation email so whoever signs them up
> has to somehow have access to the confirmation email.

Not necessarily.

If all that is required is a reply to the confirmation email that could happen automatically as part of the helpdesk's response to any new case.

Good point. This is a possibility and I've been foolish not to think of it!

You are correct. See below.

The trick, if this is done by a malcontent/prankster, is to forge the helpdesk's address as the From address in a subscribe request to the list.

Most Mailman lists allow initial signup via web. You can of course enter any email address you wish in the web form.

This results in an authentication email being sent to the given address with a "confirm <authcode>" string in both the Subject and message body. All that the receiver has to do is to reply to the message and include the "confirm <authcode>" string anywhere in the message body and/or Subject and the email address will be successfully signed up.

Thus, as you say, if the helpdesk software automatically replies to any new email it receives (which most do) then it is trivial to fraudulently sign them up to any Mailman 2 mail list. (I say Mailman 2 because I've not confirmed whether or not this vulnerability still affects Mailman 3).

It could be done by a random-address spambot if the list has a separate email address for subscription (like the +subscribe address of a Groups.io group).

The initial signup could also be done with a web bot, since most MM2 mail lists have exactly identical layouts to the signup page.

it is only a matter of time before it sends a spam (virus, phishing, malware, etc.) message To: the list's subscribe address From: the helpdesk address.

What I have observed is that no spam or malware of any sort seems to be sent to the mail lists using this method. Indeed, there's no point signing up an innocent company's helpdesk in order to send spam/malware to a mail list since anyone can sign up to the mail list anyway with a disposable email address and send spam/malware that way if they want.

If this thing is an attack then it is definitely an attack on the companies (or the companies' helpdesks). I.e. It would seem to be a very feeble DoS attack against the helpdesks.

Thanks for causing me to think it through properly. :-)


-- 
Mark Rousell
Re: Photos and Files in the 1G frre grouip

 

¿ªÔÆÌåÓý

Can you please confirm whether you are talking about creating a new free group now, or using the free group you started in 2018?

Frances

On Nov 3 20, at 1:43 PM, Stan Gorodenski <stanlep@...> wrote:

I need to create a group for a small group of automobile enthusiasts. I could not find a good description of the features in the??web site for the free 1G group. I know there have been changes made since I created my group in 2018. Since the free group has 1G of space, I assume this means photos and files can still be attached to a post/email message. I know that photo and file albums do not exist anymore.
Stan


--
GMF wiki for help.?Search box at the top of each page.

Check out the?new groups.io Help Center??Use your browser to search or download?the PDF.
Re: Photos and Files in the 1G frre grouip

 

Stan,

The spreadsheet only seems to indicate what is available for 'albums'
which does not answer my question.
The spreadsheet doesn't mention 'albums', so I'm not clear on why you haven't found your answer. Anyway, going back to your original post:

Since the free group has 1G of space, I assume this means photos and
files can still be attached to a post/email message.
Correct. Also images can be embedded in message bodies.

I know that photo and file albums do not exist anymore.
That's only the case for Basic groups created after August 24th. Those created earlier retain those features (and many others).

Shal


--
Help: /helpcenter
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list
Re: Photos and Files in the 1G frre grouip

 

I could not find anything that addresses whether photos can be attached to email messages. Since no one knows with a simple answer I'll create the group and find out if this exists. Probably what I should have done from the beginning.
Re: Photos and Files in the 1G frre grouip

 

The spreadsheet only seems to indicate what is available for 'albums' which does not answer my question.
Re: People are asking me to remove them from my group....but they are not members!

 

Mark,

Also, I don't know how the companies' helpdesks are getting signed up:
All the lists require a confirmation email so whoever signs them up
has to somehow have access to the confirmation email.
Not necessarily.

If all that is required is a reply to the confirmation email that could happen automatically as part of the helpdesk's response to any new case.

The trick, if this is done by a malcontent/prankster, is to forge the helpdesk's address as the From address in a subscribe request to the list. Such forgery used to be quite easy with most ISP email accounts, though many have tightened up on this in the last decade or so.

It could be done by a random-address spambot if the list has a separate email address for subscription (like the +subscribe address of a Groups.io group). If the spambot has both the helpdesk address and the list subscribe address in its collection then it is only a matter of time before it sends a spam (virus, phishing, malware, etc.) message To: the list's subscribe address From: the helpdesk address.

In the latter case there is no intent other than the wide distribution of the initial junk email message. The rest is just automatons beating on each other. The primary fault is that (apparently) neither the list software nor the helpdesk software did sufficient authentication of the incoming messages.

A decade and a half ago this problem nearly made Yahoo Groups unusable before Yahoo implemented the minimal amount of authentication needed (reverse DNS) to reject incoming messages from spambots.

But these days it wouldn't surprise me to find if that were no longer sufficient: a lot of spammers are using compromised email accounts at legit services to send spam. Usually they can't forge the From address in that case, but maybe there are some lax services out there that don't restrict that ability.

Shal


--
Help: /helpcenter
More Help: /g/GroupManagersForum/wiki
Even More Help: Search button at the top of Messages list
14421 - 14440 of 49131