ClassCreator.com | Blockbuster sites, amazing reunions

Share Tips

New Topic Reply Subscription Options  

Automatic emails sent in our name without our knowledge or consent

Forums: Suggestions and Feedback
Created on: 06/16/11 04:37 PM Views: 1244 Replies: 23
Thursday, June 16, 2011 at 4:37 PM

All automatic emails should be under the control of the admins. If, for some reason, CC designers believe it is absolutely necessary to send out an email to website members, the email should say it was sent by CC. Saying it was sent by the root administrator is really unconscionable.

The case in point is a recent email sent to all of our members reporting a change in password. The admin of another class’s CC website had loaded our members’ names, email addresses, and a password in anticipation of making us unlisted guest members. The password was not to be given out until a final decision was made on the guest membership. The email was incomprehensible to most of our members and made them guest members in the other class's site before either class had made a decision on a guest membership exchange with the other class.

Reply
Edited 06/16/11 5:18 PM
Thursday, June 16, 2011 at 5:03 PM - Response #1

I interpret this to say that someone not an admin of your site downloaded member's names and email addresses and they do not have admin rights?

I'd be curious how that was done without your permission since email info is hidden.

OTOH, if they do have admin rights, then that's probably the person that sent the message - not CC. Or it's some sort of bogus thing?

Reply
Thursday, June 16, 2011 at 6:54 PM - Response #2

Right John, I didn't think of giving the list awayExclamation But the rest is similar. Email was not initiated by CC.

Just an OOPS - Stuff happens. I'd email the class and explain what happened - while explaining/clarifying whatever the email said. Look at the positive. You have a legitimate reason to contact ALL your membersIdea

Reply
Thursday, June 16, 2011 at 9:28 PM - Response #3

Any admin can induce this automatic CC email. Upload (or enter) a new member with a name and your own email addr. The default for an uploaded member is to show the name on the class list. In Enter/Edit Details for this new member, click on the No button for Show on Class List, save, enter a password, and save password. You will soon receive the automatic email.

Reply
Edited 06/16/11 10:04 PM
Thursday, June 16, 2011 at 10:07 PM - Response #4

Hi Lane,

I believe you are referring to the Welcome email. That email is under control of the root admin - you can edit the welcome email contents at any time under the Preferences link if you are the root administrator.

Jessica
Class Creator Support


Reply
Thursday, June 16, 2011 at 10:20 PM - Response #5

Hi, Jessica.

Thanks for answering. It's not the Welcome email. Can you try what I suggested in my previous response?

Reply
Edited 06/16/11 10:22 PM
Friday, June 17, 2011 at 2:58 AM - Response #6

I believe I understand now, through experimentation, that any admin change in an existing password, or a new password given by an admin to a new member, generates an automatic email to inform the member.

There are at least three things seriously wrong with this automatic email. The first two are apparently by design. The third is apparently a simple oversight on the part of the programmers but still contributed to the mess that I described in the first post on this topic.

1. We had no control. As I said in the first post, automatic emails should be under the control of the admins. They should be able to edit and deactivate the emails. This is true of all automatic emails but especially those that say they were sent by the admin.

2. We had no way of knowing about this feature until it was too late. Admins shouldn’t have to learn by experimentation what will generate an automatic email. As I indicated in the first post, sending any email in someone else’s name without their knowledge or consent is simply wrong.

3. The automatic email was more confusing than informative. The subject line on the email was “Your login information has changed.” There was no change. The password was new. There was also no indication in the email that it was about a new account. But the programmers had access to this information because a new password given by an admin indicates an account that has never been used.

Reply
Edited 06/17/11 1:05 PM
Friday, June 17, 2011 at 1:50 PM - Response #7

A few comments here.

First, Lane, let me apologize for this incident. I fully understand what happened here and it shouldn't have happened. It's not so much a bug really but more of an oversight. The programming is doing exactly what it's coded to do. Please let me explain: Under normal circumstances the "Password" field does not appear at all until a member has actually joined the web site. Thus an Administrator has no ability to change it. If the Root Admin goes in and changes the password for an existing member then yes, the email is sent out and that needs to continue to happen. Many systems send a similar email when a password is changed. It's simply one of several security features intended to keep email private and ensure Root Administrators are not attempting to read Classmates' emails. Yes, we've had Administrators attempt it in the past, and although I realize 99% of Admins are never going to do something like this, we created several email security features to ensure it doesn't happen and the password change notification is one of those security features.

Second, having said that, there's two things that absolutely need to change here. You're actually the first case I'm even aware of where an Admin went in and created invisible guest members, created a password for those members, and then went in and changed the password. You certainly did nothing wrong whatsoever by doing this, but unfortunately the password security email that fired was really intended for existing members. And that of course is what caused the confusion and I can certainly see why these folks had no idea what was going on.

I'm going to propose two fixes below but before I do, note that on the Preferences page many of the automatic emails are there and can be edited or disabled. The SEND name is also editable there. Auto emails should go out using the FROM name you've specified there but the email address actually used is noreply@classcreator.net (unless you're a Platinum Member, in which case you can have those come from noreply@yourdomain.com). So here's what needs to change here:

1) An Administrator changing the password for an INVISIBLE Guest Member should NOT trigger the security email. There's absolutely no reason to (especially when the individual might not even know the account exists at all yet). The Admin created the password in the first place with the express intent to directly provide it to the Invisible Guest. There's simply no reason for a security email to ever be issued to an Invisible Guest Member.

2) The email that gets generated when an Admin changes a password needs to come from the FROM name specified on the Preferences page (if one has been entered by the Root Admin). It sounds like that email used the Root Admin's personal name instead of the specified FROM name, and that needs to be fixed.

Bottom line, if we disable the security email to Invisible Guests and fix the FROM email name on that particular email we'll have this issue solved. Again I apologize this occurred, you're absolutely correct on your points and concerns, and we'll make the revisions slated above as soon as possible.


Reply
Edited 06/17/11 2:01 PM
Friday, June 17, 2011 at 2:28 PM - Response #8

APPLAUSE to Brad. This is the kind of customer support that makes Class Creator exceptional. What an absolute gift. Thank you CC - you are the best.

Reply
Friday, June 17, 2011 at 9:01 PM - Response #9

"I'm going to propose two fixes below but before I do, note that on the Preferences page many of the automatic emails are there and can be edited or disabled. The SEND name is also editable there. Auto emails should go out using the FROM name you've specified there but the email address actually used is noreply@classcreator.net (unless you're a Platinum Member, in which case you can have those come from noreply@yourdomain.com). So here's what needs to change here"

OK BRAD when I click on the noreply@classcreator.net A class members name showed up in the TO: for the e-mail address and when I click on noreply@yourdomain.com that is what showed up for the TO Address. Does that make since!.IdeaQuestion

Reply
Friday, June 17, 2011 at 9:15 PM - Response #10

Thanks, Brad. I really appreciate your sincere efforts. But several problems remain, including the main ones.

You didn’t address the most offensive part of this issue – sending emails in someone else’s name without their knowledge or consent. You can accomplish all of your stated goals without doing that.

Saying the email was sent by anybody other than CC is simply wrong wrong wrong. It’s lying plain and simple. Why is that so hard to see? Maybe more importantly from your point of view, nothing is gained toward accomplishing your security goals by doing that. If you can't say it was sent by CC, you can simply leave it unsigned.

There is also no reason not to inform the admin that the automatic email is going to be sent. Nothing is gained by keeping the admin in the dark.

I just noticed that changing an email address elicits the following popup. Why can't the same be done for changing a password?

"After you click SAVE CHANGES, the original email address will be notified of this change so they will be able to log in again with the new address. If they are currently logged in, they will be instantly logged out. Unless this classmate is unable to do so, we highly recommend letting them change their own email address themselves."


Quote:

If the Root Admin goes in and changes the password for an existing member then yes, the email is sent out and that needs to continue to happen. ... It's simply one of several security features intended to keep email private and ensure Root Administrators are not attempting to read Classmates' emails.

The automated email affects security only marginally if at all. The email doesn’t prevent the admin from changing a password, and it can’t provide any disincentive to the admin if the admin doesn’t know about it. Even if the admin does know an email will be sent, that is not much additional disincentive. The admin can’t hide the change in any case. The admin can’t change the password back to the original, so the next time the member tries to log on it will be clear the password was tampered with.


Quote:

You're actually the first case I'm even aware of where an Admin went in and created invisible guest members, created a password for those members, and then went in and changed the password.

Just as a matter of accuracy here, the admin didn’t change any password. He only entered a new password where none existed. This is the only way I can think of to give new, unlisted members access to the site. That generates the automated email, and this is the case where there is really no security reason for the automated email to be sent.


Quote:

Under normal circumstances the "Password" field does not appear at all until a member has actually joined the web site.

How do unlisted members join a website without a password under "normal circumstances"?

On your proposed solutions:


Quote:

1) An Administrator changing the password for an INVISIBLE Guest Member should NOT trigger the security email. There's absolutely no reason to (especially when the individual might not even know the account exists at all yet). The Admin created the password in the first place with the express intent to directly provide it to the Invisible Guest. There's simply no reason for a security email to ever be issued to an Invisible Guest Member.

This is OK with me, but I don't see why unlisted guest members don't need security protection as much as anyone. They can send messages through the website that an admin might want to read.


Quote:

2) The email that gets generated when an Admin changes a password needs to come from the FROM name specified on the Preferences page (if one has been entered by the Root Admin). It sounds like that email used the Root Admin's personal name instead of the specified FROM name, and that needs to be fixed.

This is absolutely not a solution. The Site Email Address and Email "From" Name are, or should be, for automated emails that the admins can control and edit. If CC sends an email that is controlled entirely by CC, it should clearly state it was sent by CC. If you can't do that, don't say it is from anybody. That wouldn't be completely open, but at least it wouldn't be dishonest.

Thanks.

Reply
Edited 06/17/11 9:56 PM
Friday, June 17, 2011 at 9:35 PM - Response #11

Mmm, didn't even know about invisible guests. I imagine they don't show up?

Regardless, I agree with Brad that password changes to classmate accounts (or ANY change that affects logging in) needs to be reported back to the classmate automatically - and should never be suppressed. Whether it says CC or not is missing the point here .. it's to keep things on the up and up. If anything, it should say the name of the admin that made the changes.

Since this is sort of a rare event, I'd much rather have CC fix the gallery backup and add the Admin Name to each backup created to track who made changes.

Priority has to do with the significance and the breath of any change. What I'm referring to affects ALL CC users. Then there's the reunion reports and the way things are ordered. I could go on and on.

IOW, there's a long list of other issues that really should come ahead of this one. I do not consider the notices offensive - even though clearer information is always welcome in any area of CC. There are many areas that need better instruction - but that's just normal development.

I encourage wise deployment of finite resources that help areas that are more broad spectrum, that's allCool

Reply
Friday, June 17, 2011 at 9:55 PM - Response #12

William Leggett wrote:

"I'm going to propose two fixes below but before I do, note that on the Preferences page many of the automatic emails are there and can be edited or disabled. The SEND name is also editable there. Auto emails should go out using the FROM name you've specified there but the email address actually used is noreply@classcreator.net (unless you're a Platinum Member, in which case you can have those come from noreply@yourdomain.com). So here's what needs to change here"

OK BRAD when I click on the noreply@classcreator.net A class members name showed up in the TO: for the e-mail address and when I click on noreply@yourdomain.com that is what showed up for the TO Address. Does that make since!.IdeaQuestion

Actually yes. It's because noreply@classcreator.net is linked to that Classmate's name in your own email program's Contact List. If you go in and remove it you'll no longer see noreply@classcreator.net linked to a Classmate's name.


Reply
Friday, June 17, 2011 at 10:20 PM - Response #13

You didn’t address the most offensive part of this issue – sending emails in someone else’s name without their knowledge or consent: My solution for this was to use the FROM name provided on the Preferences page for this. More below but the email has to come from your site it cannot come from Class Creator.

There is also no reason not to inform the admin that the automatic email is going to be sent. Nothing is gained by keeping the admin in the dark: Agreed! We can put in the popup that an email will be sent if an Admin makes this change for an account with a password (i.e. an existing member who is not a Non-Displaying Guest). That's a fine idea. At that point the Admin will have the option to cancel if he or she chooses, thus not releasing the email. Of course this will also stop them from changing the password.

The email is only one of several things we did to ensure Admins don't read Classmate's emails. As the system was, the email certainly puts the Classmate on notice that somebody was changing his or her password. But with the proposed popup and ability to Continue or Cancel I definitely think this will discourage the less than 1% of Admins who are up to no good from continuing. Clearly continuing is about to inform the Classmate that something fishy is going on. Although you're right, they'd find out something changed when they try to log back in, this email makes it known far more quickly. Believe me if you could hear some of the internal phone calls we take regarding issues like this you'd hear why it's more important than ever that this email and other security measures are in place.

Normal Guest Members (Displaying Guests) join the web site the exact same way Classmates do of course. They simply click on their own name and join. Since Non-Displaying Guests clearly can't do that, they have to be given their password by the Administrator who created it. An Admin can't create a password for a Displaying Guest. Only the Guest can. Conversely, only the Admin can create the password for the Non-Displaying Guest.

Non Displaying Guest members don't need the security email because clearly the Root Admin created the account and password in the first place. So they already can log in as the Invisible Guest. They know the password... There's no sense in letting the member know somebody is messing with the password when that somebody already has it to begin with. Plus as I mentioned in my first place, the release of the email could potentially go to an Invisible Guest Member before that person has even been informed an account has been created on their behalf.

Email has to come from somebody. All emails either come from an Administrator (such as when you're using the Email the Class feature) or from your web site FROM name (e.g. you've specified a FROM name on your Preferences page and a Classmate has signed up to receive forum notifications or Classmate Profile Update notifications). No emails ever come from Class Creator to your Classmates. You'd be surprised how many people kind of hide the fact that there even is a Class Creator. Believe me if we changed this to send emails from Class Creator that would be bad. Most Classmates have never heard of Class Creator. Why not let the emails come from the FROM name specified on the Preferences page by the Root Administrator? Every other automated site email already comes from this same name and is therefore recognizable by the Classmate. Especially working in tandem with the proposed popup where the email can be released or the entire process stopped at the discretion of the Admin, I see this as a perfectly viable final solution. It's very common on many systems to notify a user when his email address or password has changed -- many times even if the individual did it him or herself. In a case where Admins can change this information on behalf of a Classmate it's more important than ever that the Classmate be notified (for that unfortunate less than 1% where possible wrongdoing may be being attempted). This will all be a non issue momentarily as it pertains to Non-Displaying guests anyway, but in a real life scenario there's little reason for an Admin to go in and change an existing member's password. More often than not this is being done because a Classmate can't remember his or her password, they no longer have access to their registered email address so they can't use the Forgot Password tool, and has requested the Admin help them change it. When that's the case, which it is probably 9 out of 10 times, the Admin should have little problem with the security email going to the Classmate under the same FROM name that all other automated site emails come from.

That's my take on it. Comments?


Reply
Edited 06/17/11 10:23 PM
Friday, June 17, 2011 at 11:26 PM - Response #14

Same comment as before. There has to be better priority established here. Just because someone got upset is no reason to bump it up past all the others (which is what I'm inferring - perhaps incorrectly?). The other issues I listed are WAY more important. I mentioned those way back in OCTOBER 2010 - you said it was an oversight, would be fixed and yet nothing has been doneExclamation Maybe I need to rant moreRolling Eyes

All things take time, no matter how "quick" someone says it can be done, it will always take at least 2X longer. So please put this in perspective.

Reply
Friday, June 17, 2011 at 11:59 PM - Response #15

Gallery backup is coming with the 3.0 updates. Solutions above are minor changes.


Reply
Saturday, June 18, 2011 at 12:17 AM - Response #16

I owe Lane and the other site admin an apology for mis-understanding and mis-characterizing what was happening as their fault.

Please accept my apologies.

John Chidester

Reply
Saturday, June 18, 2011 at 12:53 AM - Response #17

BRAD: The individual in not on my e-mail list and not a member of my Class of 1963,

She belongs to Roswell High School
Class Of 1964 She was on my regular e-mail list for some reasonQuestion BUT NOT ANY MORERolling Eyes

Reply
Saturday, June 18, 2011 at 12:57 AM - Response #18

Hey, thanks, John. I wouldn't say you owe me an apology, but it's accepted anyway. No problem. I don't know if the other admin saw any of this discussion, but I'll tell him.

Lane

Reply
Saturday, June 18, 2011 at 3:06 AM - Response #19

Brad, no problem. I just changed the automated emails’ Sender Name to Brad Switzer and the Email Address to brad@classcreator.com. OK, I haven’t done that – yet – but it’s the only solution I can see that’s honest and should be acceptable to both of us. I just don’t have the time or energy to deal with these issues anymore. My main point is I can’t tolerate, and don’t deserve, people being given the false impression that they’re reading something that came from me.


Quote:

No emails ever come from Class Creator to your Classmates.

Not true, of course. Some emails simply lie about their origin.


Quote:

Why not let the emails come from the FROM name specified on the Preferences page by the Root Administrator?

Because some of these emails are written or edited by me and some I cannot control.


Quote:

Every other automated site email already comes from this same name and is therefore recognizable by the Classmate.

And therein lies the problem. Classmates cannot distinguish which ones I’ve written and which I have not.

Reply
Saturday, June 18, 2011 at 4:18 AM - Response #20

Brad Switzer wrote:

Gallery backup is coming with the 3.0 updates. Solutions above are minor changes.

Until I see 3.0, I rest my caseWink

Reply
Saturday, June 18, 2011 at 6:35 AM - Response #21

I think this whole email thing is being blown way out of proportion!! It sounds like just Lane is upset and a hand full of alumni??? That my take. QuestionQuestion
I guess maybe I don't understand who Lane is trying to blame for this email mess! Rolling Eyes
I don't remember any one else in the help forums coming across this problem. And I think it's a minor problem.
The way I understand it when you mass email the class it comes from the admin who sent it and everyone's password was changed.Which #1 is a no no!!! to do. Twisted Evil Yes..there are automated ones like if your password was changed..which to me is an important one. All websites have that type of automated emails for security purposes. And I am dam glad I found out that CC has that email, too!!
I have a question for Lane..why the heck would you want to upload all your alumni from your site to another site as guests??? Sounds crazy to me!!
I'm with Jack..get CC 3.0 rolled out first..before bumping up other minor problems.
I guess I am missing the point.
Just my 3 cents!!!
Brad..I see brownies in your future!!!! WinkWink

Reply
Friday, June 24, 2011 at 5:44 AM - Response #22

Brad and the rest of the CC crew: Thanks! I didn’t expect any change this fast.

The new procedure for adding unlisted guests is a great improvement. I just added a test guest with my email address and didn’t get an automated email. The popups for a new password and changed password are perfect too. For the automated email with the changed password, the message is informative and using the email address and sender name of the automated emails is much better than the personal information.

Since I'm going to be adding more than 150 unlisted guests in the next couple of days, this is all very much appreciated!

Reply
Friday, June 24, 2011 at 11:12 AM - Response #23

Good to hear Lane. Thanks


Reply
New Topic Reply  
Subscription Options: Have all new forum posts sent directly to your email.
Subscription options are available after you log in.