Date   

moderated Re: Pricing change question #misc

 

On Mon, Feb 1, 2021 at 02:37 PM, Maritza wrote:

(it's only if we want to upgrade again at any point in the future after Feb. 2 that we would lose our unlimited membership and go into the pay-per-member plan. Yes?)

You will never lose the unlimited free members on the basic plan. If you upgrade again after February 8th, you will be on the per-member pricing for the premium plan.

Thanks,
Mark


moderated Pricing change question #misc

Maritza
 

Howdy all,
I just want to double check that if we switch our current premium plan that was opened after Jan. 15 and downgrade after Feb. 2 whether it's in a few months or years, that we'll be downgraded to the free basic plan with unlimited members and most of the features except subdomains.  Is that right?  

(it's only if we want to upgrade again at any point in the future after Feb. 2 that we would lose our unlimited membership and go into the pay-per-member plan. Yes?)

Thanks,
Maritza
[Mod Note: Edited the message subject, which only contained a hashtag]


moderated Per-member pricing rollout delayed again #update

 

Hi All,

Due to some unexpected child-care challenges, I once again need to push back the rollout of the per-member pricing change. I just haven't had enough time to complete the changes. It will now happen on Monday, February 8th at 9am Pacific Time.

Thanks,
Mark


moderated Minor member-list Actions tooltip display issue #bug

 

Hi Mark,

While in the member list admin page, I noticed two of the multi-select Action menu items have inconsistent tooltips, see attached.

Cheers,
Christos


moderated Inconsistent Activity Log entry when a message is flagged as from a non-member #bug

Andy Wedge
 

Hi Mark,

When we get a message sent to our restricted main group from a non-member it's flagged in the Activity Log as 'Non-member <emailaddress> attempted to send message <subject> via email' which is as expected.  However, a member of our main group sent a message to the Committee subgroup of which they are not a member and the Activity Log entry is 'Non-member sent "<subject>" requiring approval because it was sent by a non-member via email'.

There is no indication of the main group member's name or email address so we seem have two formats of the Activity Log entry depending upon whether the incoming message is bounced (as in the main group) or held for moderation (as in the subgroup).  Could we show the email address of the sender in both cases?

This member is registered on the main group with a gmail address and the message to the Committee subgroup was sent from their googlemail address. From previous conversations with this member, it's possible the googlemail address is an alias of the gmail address and if that's the case then it should also be possible to show the member's name also.


Regards
Andy



moderated Re: Limit number of group aliases #suggestion

Duane
 

On Sat, Jan 30, 2021 at 08:09 PM, Christos G. Psarras wrote:
I don't know the origins, maybe it was just a convenience gifted to the paid groups due to an Enterprise request
Probably.  It was originally only available on Enterprise groups:

On Wed, Nov 23, 2016 at 05:38 PM, Mark Fletcher wrote:
NEW: For enterprise groups, you can set up group aliases, which redirect to your group (for misspellings, prevent sound-alike squatters, etc).
A few months later, it was allowed on Premium groups:

On Fri, Mar 3, 2017 at 11:11 PM, Mark Fletcher wrote:
CHANGE: Premium plans now support having group aliases (previously this was an Enterprise plan only feature).
Duane


moderated "Private" setting not maintained in drafts, although "Private" prefix is #bug

 

If you start to create a private message and then go out and do something else, when you come back to the draft it is no longer set to "private." Obviously this can be pretty dangerous! Also, although the private setting is not maintained, the "private" prefix is still there. So if you notice that the message is no longer set to private and reset it, that results in two "private" prefixes.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

 

Furthermore, you can ban email addresses (or domains) preemptively, before they've been a member or even applied for membership. It makes no sense to notify those banned email addresses or domains a priori.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

 

This decision was made years ago and IIRC, the majority of people were strongly in favor of not notifying people when they are banned. If you feel differently, you're free to set up an active Banned Member notice to be automatically sent to any member you ban.


On Sat, Jan 30, 2021 at 6:23 PM Starchild <sfdreamer@...> wrote:

     What is the point of trying to mislead people about why they can't join groups? If a ban is legitimate, then I see no good reason to hide it. Letting people know what behavior or actions result in bans produces less of that kind of behavior, which, presumably, is the goal. And in the cases where a mistake has been made, letting people know a ban exists allows them to appeal it and try to get the error corrected.

Namaste,

((( starchild )))

-----Original Message-----
From: J_Catlady
Sent: Jan 30, 2021 10:44 AM
To: main@beta.groups.io
Subject: Re: [beta] Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

The other thing I encountered when investigating (aka quizzing Nina about :) what a banned member or domain sees upon trying to join the group was a bad error message when a banned member actually tried to go to the group home page - for example, if someone had sent them a link to it. Nina informed us this morning in Docs that the error has now been fixed, because she had seen it as well and reported it to Mark. I tested this and found that now, when a banned member goes to the group home page, they see "You are not a member of this group." So maybe something like that could happen when an email address with a banned domain tries to apply to the group. It doesn't entirely make sense, because obviously, if they're trying to join the group, they already know they're not a member of it. But the same holds for a banned member trying to visit the group's home page. Perhaps the language could be adjusted slightly so that the same messaging could be applied to both situations, and so that an email addresss with a banned domain would not be explicitly told they can't join the group with that domain.

OTOH, I don't know from domains. I banned the one ex-member's domain because it was his private domain and I know that I didn't want him or anyone from his company joining the group. That is probably not the norm.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

Starchild <sfdreamer@...>
 


     What is the point of trying to mislead people about why they can't join groups? If a ban is legitimate, then I see no good reason to hide it. Letting people know what behavior or actions result in bans produces less of that kind of behavior, which, presumably, is the goal. And in the cases where a mistake has been made, letting people know a ban exists allows them to appeal it and try to get the error corrected.

Namaste,

((( starchild )))

-----Original Message-----
From: J_Catlady
Sent: Jan 30, 2021 10:44 AM
To: main@beta.groups.io
Subject: Re: [beta] Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

The other thing I encountered when investigating (aka quizzing Nina about :) what a banned member or domain sees upon trying to join the group was a bad error message when a banned member actually tried to go to the group home page - for example, if someone had sent them a link to it. Nina informed us this morning in Docs that the error has now been fixed, because she had seen it as well and reported it to Mark. I tested this and found that now, when a banned member goes to the group home page, they see "You are not a member of this group." So maybe something like that could happen when an email address with a banned domain tries to apply to the group. It doesn't entirely make sense, because obviously, if they're trying to join the group, they already know they're not a member of it. But the same holds for a banned member trying to visit the group's home page. Perhaps the language could be adjusted slightly so that the same messaging could be applied to both situations, and so that an email addresss with a banned domain would not be explicitly told they can't join the group with that domain.

OTOH, I don't know from domains. I banned the one ex-member's domain because it was his private domain and I know that I didn't want him or anyone from his company joining the group. That is probably not the norm.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Limit number of group aliases #suggestion

 


I remember/know of one case so far where a group wanting to move from Yahoo couldn't use the old group name.  A 'competitor' used it as an alias here just so the group moving couldn't.  There are liable to be more of these as GIO grows, so I hope Mark has something in place to handle it.  Allowing aliases isn't something I'd do at all because of the ensuing headaches, but a low limit should help.

I would agree with zero as the limit. Name squatting, like domain name squatting, is pretty evil.
 
 
This group alias issue is one of those bits that can get somewhat complicated.

If the aim of the no-more or limited aliases is to disable or discourage/curb squatting (malevolent or not for that matter), that can easily be defeated and the same net effect achieved by smartly creating & configuring groups, it would just be a bit more work; you can't (easily) stop/discourage someone knowledgeable from malevolently doing what that owner did, neither here nor on the net. 

You can however monitor them for recurring/suspect behavior.

I don't want to start a philosophical discussion on the ethics of group name (or domain) parking, there are valid points from both sides of the debate.  Plus after all, Mark implemented it here (and it has remained, so far), apparently it must have some type of value to him.  I don't know the origins, maybe it was just a convenience gifted to the paid groups due to an Enterprise request, I don't know; only Mark knows about the value of this feature to him and whether taking it away could present the potential impact of removing a convenience feature for prospective clients.  And if applied retroactively it could cause complications to existing Enterprise groups using it, so if that was to be avoided it may be yet another grandfathered thing now that needs tracking.

Cheers,
Christos

PS: One of my other selves, the green-eyed one, whispered to my ear "paid optional feature", but he's known to be a troublemaker, I don't know, maybe I should throw him out of the room.


moderated Re: Limit number of group aliases #suggestion

Glenn Glazer
 

On 01/30/2021 14:43, Duane wrote:
On Fri, Jan 29, 2021 at 04:07 PM, Bruce Bowman wrote:
Someone with malicious intent could even create hundreds just to fleece the system.
I remember/know of one case so far where a group wanting to move from Yahoo couldn't use the old group name.  A 'competitor' used it as an alias here just so the group moving couldn't.  There are liable to be more of these as GIO grows, so I hope Mark has something in place to handle it.  Allowing aliases isn't something I'd do at all because of the ensuing headaches, but a low limit should help.

Duane

I would agree with zero as the limit. Name squatting, like domain name squatting, is pretty evil.

Best,

Glenn

--
PG&E Delenda Est


moderated Re: Limit number of group aliases #suggestion

Duane
 

On Fri, Jan 29, 2021 at 04:07 PM, Bruce Bowman wrote:
Someone with malicious intent could even create hundreds just to fleece the system.
I remember/know of one case so far where a group wanting to move from Yahoo couldn't use the old group name.  A 'competitor' used it as an alias here just so the group moving couldn't.  There are liable to be more of these as GIO grows, so I hope Mark has something in place to handle it.  Allowing aliases isn't something I'd do at all because of the ensuing headaches, but a low limit should help.

Duane


moderated Re: Limit number of group aliases #suggestion

 

Bruce,

>>>
Premium/Enterprise groups can create an unlimited number of group aliases. Those names become unavailable for others to use. As GIO grows, this strikes me as increasingly problematic. Someone with malicious intent could even create hundreds just to fleece the system.
<<<

That can be/is a possibility but the good mitigating factor to that is that group aliases are not available in free groups so it would mean someone would have to pay $220 for a year (or monthly) in order to be able to do that "DNS parking", which lowers the probability it could happen.

But you are right, it can.  However,

>>> On that basis I'd like to suggest that 5 group aliases should be more than enough.

5 is too low IMO; regardless of retro-application of it or not, you would be handicapping certain types of groups which use the aliases for what they are useful over here, search keywords for finding the group***, and also prevent "competitors" from causing unnecessary group-related headaches.  For example, see attached, this printer hardware user group of mine, it covers the whole MicroDry (MD) line of ALPS printers plus re-branded ones.  As such, you can tell the aim/intent in my alias names, and by virtue of the whole model line +, it has to be big.  I'm sure there are other types of similar-purpose/function groups that do this, not just me or my type of group only.  I've also done a similar setup on another group which is a Special Interest Group which builds airliner model kits exclusively.

*** (I do know about the group description "hidden-text" trick but many don't)

But I have a relatively simple and easy suggestion to alleviate the concern without altering anything on current group aliases' functionality.  Here's the thing; alias creation/editing is an infrequent task, it may spike after (and a bit after) group creation, but after that, it should be relatively quiet; or the corollary, it may not happen until some time in the group's future and then go quiet again, same end result.  The point is, for all groups, any generated auditing data related to alias editing is not really going to be a large amount, therefore impact should be minimal/very-small on that end.  So,

- Create a "new"* table/place, GroupAlias_ActivityLog or whatever. (* "new" could be a literally-new one or use an existing table like the ActivityLog if it can support this)

- Add a few lines of code to the group-alias-deletion part, so it saves the pertinent info to the GroupAlias_ActivityLog, at the very least date & time, GroupID of where the alias was deleted from, OwnerID of that group, UserID & IsMod/IsOwner status of the person who did the deletion, and the alias text/pointer/whatnot; plus anything else that can be of use for this.

That's it, for now.  This would create the infrastructure needed and would start logging deletions.  Then we figure out how to get the warning light to blink.  My suggestion would be to create a reporting/trend-analysis script/job that at some specified interval depending on how quickly Mark would want to be given a heads-up.  It would compare all the group names that have been newly-created during that interval against the name of any GroupAlias_ActivityLog deletions during that same interval.  Also do a second same comparison but since-beginning-of-auditing-data this time.

1. If the count of matches (interval-only or since-beginning-of-log-data) is 0 all is kosher.

2. Otherwise break down the distribution of that count data based on the combinations of who did what and when, both for just the interval and since-beginning-of-log-data.  For example, how many new groups were created during the two timeframes:
- by the same owner, and the owner was the one who did the alias deletion. (more-or-less OK I'd think)
- by the same owner, and a mod was the one who did the alias deletion. (could point to the mod being cheeky/sneaky/whatnot, unbeknownst to the (possibly AWOL or non-savvy) owner)
- where the new group owner is neither the owner nor a mod of the alias-deleted group. (could be suspect)
- where the new group owner is a mod of the alias-deleted group and the owner was the one who did the alias deletion. (more-or-less OK I'd think)
- where the new group owner is a mod of the alias-deleted group and the mod was the one who did the alias deletion. (could be suspect)
- relationship between new group owner and their group membership in the group where the [owner/mod] alias deletion took place, or a member of any group of said owner/mod. (could be both I think)
And so on, you get the idea, whatever we may think could/would be suspicious.  For example, if the same group owner/mod seems to be consistently deleting aliases only for those to show up as new group names (at any point in time now or later on), by consistently totally unrelated people (i.e. they are not in a group the owner/mod are in), that would definitively be worth IMO having a look at, even if a cursory one at the very least.  It could be innocent (as me for example releasing and giving gratis one of the aliases in my example above to a "competitor" if I wanted to), but it could also be something more sinister afoot, including Bruce's concern, in which case some setup like this should help alert and eventually catch the perpetrator(s).

Cheers,
Christos


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

 

The other thing I encountered when investigating (aka quizzing Nina about :) what a banned member or domain sees upon trying to join the group was a bad error message when a banned member actually tried to go to the group home page - for example, if someone had sent them a link to it. Nina informed us this morning in Docs that the error has now been fixed, because she had seen it as well and reported it to Mark. I tested this and found that now, when a banned member goes to the group home page, they see "You are not a member of this group." So maybe something like that could happen when an email address with a banned domain tries to apply to the group. It doesn't entirely make sense, because obviously, if they're trying to join the group, they already know they're not a member of it. But the same holds for a banned member trying to visit the group's home page. Perhaps the language could be adjusted slightly so that the same messaging could be applied to both situations, and so that an email addresss with a banned domain would not be explicitly told they can't join the group with that domain.

OTOH, I don't know from domains. I banned the one ex-member's domain because it was his private domain and I know that I didn't want him or anyone from his company joining the group. That is probably not the norm.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Non - Member Posts #suggestion

billsf9c
 

Remember the old clap-boards used to cause a sound matxhing vision to sync sound and movemnt in the film industry?

Sony upped that. Digital display with 60(100?). lights going around it to provide accuracy and visual cues, each.

If you want colors - ok. For the color blind and numatical folks, have a number inside it.

To save my battery and eyes, I am reading in white text and black background. This feature also skews colors even if they are text. Science also shows that eyestrain is caused by active white background of screens.

It would be nice to see a list of all these ideas with a way to vote for priority so important things are ranked and potentially addressed, sooner/est.

BillSF9c


moderated Re: Wrong error/bounce message when member tries to reply to a topic with a "tag only moderators can use" #bug

Bruce Bowman
 

On Thu, Jan 28, 2021 at 09:30 PM, Andy wrote:
At the least, the bounce message from Groups.io ought to tell the sender WHY the message could not be delivered to that topic. 
Andy -- Using GMail, I got this back:



So it does...eventually...tell you why the failure occurred. The main problem is that the failure is not 500-level, so your provider (and mine) keeps trying to deliver the message.

Hope this helps,
Bruce


moderated Re: Limit number of group aliases #suggestion

Malcolm Austen
 

As I was the cause of this being raised, I'll offer a view that 5 might be considered too few but I appreciate that there must be some restriction because they all restrict (or are restricted by) the overall (and finite sized) collection of group names.

For subgroups though, the limit can be higher (but still finite, just for sanity) because they come from a different pool.

Keep safe, Malcolm.

-- 
Malcolm Austen <malcolm.austen@...>

On 29/01/2021 22:07:12, Bruce Bowman <bruce.bowman@...> wrote:

Premium/Enterprise groups can create an unlimited number of group aliases. Those names become unavailable for others to use. As GIO grows, this strikes me as increasingly problematic. Someone with malicious intent could even create hundreds just to fleece the system.

On that basis I'd like to suggest that 5 group aliases should be more than enough.

Thanks for your consideration,
Bruce


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

 

Not all transparency is good. We (purposely) don’t let people know when they’ve been banned from a grouo.


On Jan 29, 2021, at 10:10 PM, Starchild <sfdreamer@...> wrote:


"So do we want people with banned domains knowing that their domain is banned?"
    In my view: YES! Transparency is good. And I must say, banning entire domains sounds highly dubious to begin with, unless the whole domain is clearly just a vehicle for spam. In that case, I would hope some attempt is made to reasonably ascertain this prior to a domain being blacklisted.

Namaste,

((( starchild )))


-----Original Message-----
From: J_Catlady
Sent: Jan 29, 2021 9:04 PM
To: main@beta.groups.io
Subject: [beta] Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

Mark wrote this in the update today:

BUGFIX: In some cases, people on banned domains were allowed to subscribe to a group.
Banned domains came up for me recently when a former group member whom I had banned, and whose domain I had also banned, tried to resubscribe. I banned both him and his domain, not knowing exactly what the effects would be, but thinking I'd covered all my bases that way. I found out he'd tried to join through the log entry: "Non-member [x] attempted to subscribe with a banned domain via web." I assume that he was not logged in when he tried to rejoin, since had he been logged in, as a banned member the group would not even have been visible to him. (Thanks, Duane, for pointing that out to me in Docs. I had thought that only the Apply button would not be visible.)

Not knowing what happened, and what he saw, if anything, after he attempted to join with a banned domain, and wanting to find out, I tricked Nina into telling me in Docs by suggesting to her that it be documented. :-) As I'd hoped, she found out the answer and put it into the manual. From her message:
"
The Banning domains from a group topic in the Owners Manual now contains a note about what someone who’s not logged in and who tries to join a group from a banned domain sees (a notice that states “You are not allowed to subscribe to the group with that domain”).

I wonder whether this is what we want to happen. Banned users can't even see the group in question, let alone know they're banned from it. So do we want people with banned domains knowing that their domain is banned? In fact, had I known that this person would see that message, I would not have banned his domain. As I said, I wasn't sure what would happen but was trying to cover all my bases. Now that this is documented, it's not such a big deal (no surprises). But I wonder whether the same reasoning applies to a banned domain as applies to a banned user wth respect to letting them know that they're banned. I'm not sure what the alternative would be, since logging in does not apply to a domain, so unlike with a banned user, you can't make the group invisible to anyone from the domain. I just wonder whether the current messaging should be reconsidered somehow.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

Starchild <sfdreamer@...>
 

"So do we want people with banned domains knowing that their domain is banned?"
    In my view: YES! Transparency is good. And I must say, banning entire domains sounds highly dubious to begin with, unless the whole domain is clearly just a vehicle for spam. In that case, I would hope some attempt is made to reasonably ascertain this prior to a domain being blacklisted.

Namaste,

((( starchild )))


-----Original Message-----
From: J_Catlady
Sent: Jan 29, 2021 9:04 PM
To: main@beta.groups.io
Subject: [beta] Rethink the messaging when user from banned domain tries to subscribe #misc #suggestion

Mark wrote this in the update today:

BUGFIX: In some cases, people on banned domains were allowed to subscribe to a group.
Banned domains came up for me recently when a former group member whom I had banned, and whose domain I had also banned, tried to resubscribe. I banned both him and his domain, not knowing exactly what the effects would be, but thinking I'd covered all my bases that way. I found out he'd tried to join through the log entry: "Non-member [x] attempted to subscribe with a banned domain via web." I assume that he was not logged in when he tried to rejoin, since had he been logged in, as a banned member the group would not even have been visible to him. (Thanks, Duane, for pointing that out to me in Docs. I had thought that only the Apply button would not be visible.)

Not knowing what happened, and what he saw, if anything, after he attempted to join with a banned domain, and wanting to find out, I tricked Nina into telling me in Docs by suggesting to her that it be documented. :-) As I'd hoped, she found out the answer and put it into the manual. From her message:
"
The Banning domains from a group topic in the Owners Manual now contains a note about what someone who’s not logged in and who tries to join a group from a banned domain sees (a notice that states “You are not allowed to subscribe to the group with that domain”).

I wonder whether this is what we want to happen. Banned users can't even see the group in question, let alone know they're banned from it. So do we want people with banned domains knowing that their domain is banned? In fact, had I known that this person would see that message, I would not have banned his domain. As I said, I wasn't sure what would happen but was trying to cover all my bases. Now that this is documented, it's not such a big deal (no surprises). But I wonder whether the same reasoning applies to a banned domain as applies to a banned user wth respect to letting them know that they're banned. I'm not sure what the alternative would be, since logging in does not apply to a domain, so unlike with a banned user, you can't make the group invisible to anyone from the domain. I just wonder whether the current messaging should be reconsidered somehow.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

2641 - 2660 of 30651