|
Hi All, Our group here - with over 2000 members - is in the middle of a series of some of the worst rainstorms in recent history in our area. As we are a neighborhood group, we're getting a lot of new signups as people ask about road conditions, etc. That's all good. But, we also have a bunch of signups that are less clear to us. Our group is configured so that all signups have to be approved by the moderators, and we have a Pending Subscription message that goes to each person signing up, asking for just enough information to confirm that they are really a human and really part of our community. Usually people get that Pending Subscription notice and respond to it within a day or two, and we let them in. Often they will respond within minutes. Right now, however, we have a stack that haven't been responded to in days. ?But just as I am about to deny all the old ones, some user will actually reply to an old one with real information and I let them in. So the question is, has groups.io been found by the spammers and are they signing up for accounts here in some quantity?? Or, alternately, are Pending Subscription notices going into spam folders more often than I would have thought, and people aren't finding them? ?(And yes, we resend those notices regularly. I have even hand sent emails to those people myself - rather than through groups.io, and I still get no response from most of them. And that really does seem to indicate these are spammy signups, since spammers won't rely as a rule. But...) What is the experience of other moderators and owners here? Are you seeing more spammy membership requests of late? Thanks. --jeffp
|
Yes, they're going into spam!!! We have this problem in our group, too. J
|
I haven't really seen this because most of my groups allow immediate membership. I do have them set to moderate the first few messages from a new member (NuM), so I could catch spammers (though there haven't been any so far ;>) I'm not sure if this would work for you or not. The only spam posts I've gotten are non-members trying to send to the groups.
Duane
|
Understood. That's partly why I sent email by hand, from my personal account (not from groups.io) to the subscribing addresses. I figured such emails wouldn't be as obviously routed into the spam folder, though they do mention groups.io by name in the body of the message. I wish there was a way to prove or disprove this. I figure if someone really wanted into our group and they don't get in, they will come back and ask again. We don't ban them... just not allow them in. It's not the end of the world in any case. I wish there was a way to really confirm this sort of thing. If I cannot get people to reply to the Pending Subscriber message - despite resending it 5 or 6 times and sending them a personal email on the same topic - maybe I should just fail their request and move on. I would think there is a way for groups.io to track overall membership failure rates. If lots of people are requesting membership and not getting it, that would probably imply lots of spammers out there in the world. And those I am happy to ignore. --jeffp
|
Jeff,
In our group's case, several times after contacting the pending member through my own email address (outside of the system) and asking them to check their spam file for the notice, they've either found the notice in their spam or, what's more concerning, have not found it at all in several cases. It seems to elude the system entirely sometimes. I think Shal once speculated that this is a deeper sort of spam filtering by certain email providers. But it's been impossible to prove.
We now have on our home page a bold-faced notice that people who apply for membership should be sure to check their spam folders for the questionnaire.?
Another Groups.io message that often seems to go into spam as well is the confirmation email. So in the pending member notice (assuming they got it), we also tell the member to be sure to look for and click on the confirmation email.
J
On Sun, Jan 22, 2017 at 2:19 PM, Jeff Powell <jrpstonecarver@...> wrote: Understood. That's partly why I sent email by hand, from my personal account (not from ) to the subscribing addresses. I figured such emails wouldn't be as obviously routed into the spam folder, though they do mention by name in the body of the message. I wish there was a way to prove or disprove this. I figure if someone really wanted into our group and they don't get in, they will come back and ask again. We don't ban them... just not allow them in. It's not the end of the world in any case. I wish there was a way to really confirm this sort of thing. If I cannot get people to reply to the Pending Subscriber message - despite resending it 5 or 6 times and sending them a personal email on the same topic - maybe I should just fail their request and move on. I would think there is a way for to track overall membership failure rates. If lots of people are requesting membership and not getting it, that would probably imply lots of spammers out there in the world. And those I am happy to ignore. --jeffp
|
p.s. There is another group I'm a member of which also carries this warning on their home page ("please look for the questionnaire and notify us if you didn't receive it" etc.). So I don't think this is an uncommon problem.
J
On Sun, Jan 22, 2017 at 2:35 PM, J_Olivia Catlady <j.olivia.catlady@...> wrote: Jeff,
In our group's case, several times after contacting the pending member through my own email address (outside of the system) and asking them to check their spam file for the notice, they've either found the notice in their spam or, what's more concerning, have not found it at all in several cases. It seems to elude the system entirely sometimes. I think Shal once speculated that this is a deeper sort of spam filtering by certain email providers. But it's been impossible to prove.
We now have on our home page a bold-faced notice that people who apply for membership should be sure to check their spam folders for the questionnaire.?
Another Groups.io message that often seems to go into spam as well is the confirmation email. So in the pending member notice (assuming they got it), we also tell the member to be sure to look for and click on the confirmation email.
J
|
Jeff, I wish there was a way to prove or disprove this. Me too. 1) I was going to suggest looking at the Email Delivery History tab for the pending member, to see if Groups.io delivered it to his/her email service successfully or not. But in a trial in my test group just now the pending message isn't logged there one way or another. I'm not sure if that's a bug or a missing feature, but in either case I'm cc'ing this message to support because all such notices ought to be tracked. 2) Said pending message was not received by my test email address. Not Inbox, not Spam. As far as I can determine Groups.io never sent it. Yet I did verify that my test group does have a Pending Subscription notice marked as Active. So something is rotten, and likely not in Denmark. One possibility is that I've jumped the gun a bit and the Pending notice has been "greylisted" by my email service: meaning I'll get it later. I'll be disappointed to learn that my email service engages in this practice, but even if it does that initial rejection ought to appear in the Email Delivery History. Mark: You should be able to see the activity I've described in shalstest@, if you need more info off-list let me know. Hopefully your logs will show what happened with the pending notice I should have received. Shal
|
On Sun, Jan 22, 2017 at 04:41 pm, Shal Farley wrote: So something is rotten, and likely not in Denmark. This is what I've been saying for a long time. And not just the pending member notices - the confirmation emails, too. I think those might be even worse. I've often re-sent and re-sent them, to no avail. J
|
Well, again, I have gone to the same lengths that J_Catlady has, and sent a personal email - from my personal account, not via groups.io - to try and prod people to look for the message in their spam folders. So far that seems to elicit no response either. I am starting to suspect that email as a communications vehicle is breaking down. It might be time to investigate something else entirely. Slack, perhaps. *sigh*
|
Jeff, I am starting to suspect that email as a communications vehicle is
breaking down. It might be time to investigate something else
entirely. That's not at all my experience. At work the vast majority of my communication with clients, and some coworkers, is via email. The incidence of lost, misdirected or delayed email is nearly zero. Granted though that nearly none of my correspondents are using consumer email services such as Gmail, Yahoo Mail, AOL, Outlook, or the like. Nor do I for work. Nearly all are using corporate email domains, either self-hosted or hosted by a commercial hosting service. So there may be a bit of "you get what you pay for" in play here. But even in my personal email I've seldom had a problem. Whether via an ISP or (for the last couple years) via Gmail, I've had a very low rate of spam and no or nearly no (detected) loss. The snarky side of me wants to say that people who won't check their email, or don't know how to control features like their email service's spam filter, perhaps ought not sign up for email lists. But I recognize that in many cases that might amount to blaming the victim, where it is the service that ought to be publicly shamed. Shal
|
So, I need to point out that, at least for our group, the things in groups.io are definitely not work related. People sign up for our group as individuals, not for work. And while there will be groups for work, I am sure, they definitely won't apply to everyone. Then we have all kinds of workplaces that don't want people using work email for personal matters. So, for many groups, people will sign up using personal - not work - email addresses. Next, have you ever actually run email server software? I have, and I have zero desire to do it again, ever. No, really... ever. The continuously changing spam situation, the constant need to update things to keep the spammers from finding their way through again, and so on. I've done it, and I can't imagine doing it again on my own. Now put that responsibility into the hands of millions of people who are not technical. The resulting spam apocalypse would completely ruin the system. So I, personally, would much rather put my trust in Google, or Apple, or Microsoft (though perhaps not in Yahoo... whose slogin is starting to look like an older McDonald's sign: "Over 1.5 Billion Compromised!") and let them manage email for me. Any ISP, in fact, is better than letting millions of people run their own mail software and all that would go with that. As it happens, I would also be happy to *pay* for the service. Thus far Google isn't requiring that of me, at least until I need more storage. And when that happens I will be happy to pay them. Honestly, if I want the product, I should pay, and I'd rather give them (or anyone else) a bit of money than all my personal information. But most people aren't willing to do that. "Moar free stuff, pleez!" seems to be the American motto of late, at least about the internet. We get what we get at some level. I guess one issue is whether the free services - Gmail, Live Mail (Or whatever MS is calling it now), Apple's setup (dunno the name... never bought into the Apple ecosystem), Yahoo, and the other ISP provided services are doing well at running things. Are the avoiding dropping important messages? Are the calling things spam that aren't? Are they cooperating with each other on issues to reduce spam? And so on. From my personal experience so far, Gmail is pretty good, at least as a user. The others I can't speak to as much, except for Yahoo and there penchant for letting user information get stolen. Repeatedly. In gigantic blocks. They've lost me forever as they appear to be utterly incompetent. Another question is how well to users actually know what they are doing? By way of example, in our group we have a couple of people who regularly mark group messages as spam and are immediately ejected. Then they immediately turn around and click on the link in the email to get back in. They do this all the time. (I know because I get notified when it happens.) Apparently some people think marking something as spam is a fine way of throwing email away. What some of us would do instead is delete it, but for these folks, it's spam, despite repeatedly being told by an automated system they shouldn't be doing that. Thus, I am not at all sure people are that good at working with email. They don't check their spam folders, and they don't manage their inboxes. In such an environment, messages from groups.io (confirmation messages and pending member messages, at least) can easily be missed, and their is nothing to be done for it but suffer. Sorry, I have wandered way off topic here. My original conjecture seems to remain open: there is some chance that groups.io has been found by spammers in a significant way. In fact, I know I have seen it mentioned in Mark's messages in the past. Our group's huge mail volume and media presence during the fire in the Santa Cruz Mountains a few months back might well have encouraged that issue, sadly. One of our wiki pages was being used to disseminate the best fire information we had, and links to that made it to various media outlets, as well as twitter and the Red Cross. If we were the proximal cause of more spammers finding the site, I apologize, but it would probably have happened anyway. Still, it seems that there ought to be stats available at some level about spam user signups. And perhaps some other things could be done. Imagine, for example, that a spammer signs up for a bunch of groups hosted here with the same email address at the same time. That's at least a risk flag, right? I don't care if they sign up for GMF and Updates and a few others, but if they sign up for our group, and (making names up) PuppyLove, LondonUndergroundTrainSpottersUnlimited, MathHeads, and PunkCabaretFans, well... maybe we've got a spammer on our hands. What if groups.io told us - right in the pending member list how many groups the user has signed up for (not counting the support related groups)? And how many they have been approved for? No group names are needed - no privacy violation - but if I see a signup from someone where they're trying to join 40 groups at once, I don't think I am going to let them in. Interesting thought. Might be helpful. And I would think the information is effectively in the database already and just needs to be shared with owners & moderators who approve membership requests. Thoughts?
|
Jeff, So, I need to point out that, at least for our group, the things in
groups.io are definitely not work related. Neither are mine. I was just talking about the utility of email overall. Next, have you ever actually run email server software? I have, and I
have zero desire to do it again, ever. No, really... ever. No, but I do know a few who have. Their reaction is similar to yours. Now put that responsibility into the hands of millions of people who
are not technical. Ack, who would even suggest such a nightmare? When I said self-hosted I was referring to corporate entities that can afford the necessary technical resources. I don't really know how many of my work clients host their own email domain and how many (like my company) contract with a hosting service. I guess one issue is whether the free services - Gmail, Live Mail (Or
whatever MS is calling it now), Apple's setup ... Yahoo, and the
other ISP provided services are doing well at running things. My experience with Gmail has also been very good in that regard. I've had some systematic false positives (e.g. all "new member joined" messages going to spam) but they've been easily corrected by marking them Not Spam. Otherwise I can't find fault with their spam discrimination, nor much with their inbox segregation of Social and Promotional messages into their own tabs. Another question is how well to users actually know what they are
doing? By way of example, in our group we have a couple of people who
regularly mark group messages as spam and are immediately ejected.
... Thus, I am not at all sure people are that good at working with
email. If they persist in making that mistake that might be a sign that their email service's UI is deficient in some way that encourages the incorrect handling of messages. Or they just might not be paying attention. In this case I'll paraphrase a well known statement: I doubt you'll find a foolproof communications channel - the fools are too damned clever for that! My original conjecture seems to remain open: there is some chance
that groups.io has been found by spammers in a significant way. Possibly. But I agree that it would be inevitable as the service grows. What if groups.io told us - right in the pending member list how many
groups the user has signed up for (not counting the support related
groups)? And how many they have been approved for? No group names are
needed - no privacy violation - but if I see a signup from someone
where they're trying to join 40 groups at once, I don't think I am
going to let them in. At first glance I'm not particularly fond of this idea. I think it is a kind of privacy invasion. Shal
|
On Tue, Jan 24, 2017 at 08:37 am, Jeff Powell wrote: have you ever actually run email server software? I do. in our group we have a couple of people who regularly mark
group messages as spam Ban them, please.
|
in our group we have a couple of people who regularly mark
group messages as spam Ban them, please.
Absolutely ban them! Not only ban then, but share their information with other group owners. Group members need to understand that they must NEVER mark a group message as spam, even if it is spam. If a group owner can't/won't/doesn't control spam, then leave the group, but don't destroy a group.
|
Xaun, Lena, Absolutely ban them! I understand your point, but Jeff's purpose seems to be quite the opposite: to help those people remain members. Group members need to understand that they must NEVER mark a group
message as spam, even if it is spam. If a group owner
can't/won't/doesn't control spam, then leave the group, but don't
destroy a group. In its way, it is worse than destroying the group. With many email services one user marking messages as spam can adversely affect the reputation of the list service as well. And that makes it more likely that members of other groups using that service will find their group messages in the spam folder, or not delivered at all. Some of the email services understand this problem, and are trying to push forward a protocol feature ("one-click") and corresponding User Interface changes intended to help users make the right choice (unsubscribe, not spam) but I don't know if the members Jeff's talking about use one of those email services, nor if the changes would help those members. Shal
|
Duane
Shal Farley
Lena