Topics

moderated Pending subscription message now including location/other info


 

Hi All,

Just fyi, the pending subscription email notifications now include the pending subscriber's platform, browser, location and IP address in the message, assuming they applied to the group via the website. This is part of some work I'm doing to track people's devices and locations, to increase account security.

Please let me know if you see any funny results.

Thanks,
Mark


Linda
 

Hi Mark,
It would be great if this info was available in the "View Source" of every message, when available.

Thanks,
Linda


 

On Wed, Jun 5, 2019 at 05:25 AM, Linda wrote:

It would be great if this info was available in the "View Source" of every message, when available.

For emails originating on the website, I've replaced the X-Originating-IP header with two new headers, X-Originating-Location and X-Originating-Platform.

Cheers,
Mark


 

I find this grossly intrusive. I can see where people are to the nearest small town, which may be helpful for local associations, but which for my international groups is frankly irrelevant. And their OS is their business, not mine. For certain groups (e.g. certain heath issues), this could even put people off joining.

I vet people via the requirement to respond to a questionnaire, which works just fine. Any way to turn this intrusive monitoring off please?

If it must be on, it should be made clear to applicants that this information is being sent to group mods.

Helen


Duane
 

On Sat, Jun 22, 2019 at 11:50 AM, Helen wrote:
I find this grossly intrusive. I can see where people are to the nearest small town, which may be helpful for local associations, but which for my international groups is frankly irrelevant. And their OS is their business, not mine. For certain groups (e.g. certain heath issues), this could even put people off joining.

I vet people via the requirement to respond to a questionnaire, which works just fine. Any way to turn this intrusive monitoring off please?

If it must be on, it should be made clear to applicants that this information is being sent to group mods.
Most, if not all, of this information can be garnered from many email headers, just takes a little more digging.  Since only Owners (or moderators with sufficient permission) will see this, I don't understand how it is intrusive.  According to the original post by Mark, even if it were removed from the online headers, it would still be on record at Groups.io as a source of troubleshooting and security.  I actually like being able to see it, though I seldom look.

Duane


 

On Sat, Jun 22, 2019 at 09:50 AM, Helen wrote:
it should be made clear to applicants that this information is being sent to group mods.
Isn't this standard for many websites? People understand that their browser info and IP address are available when they apply to various things.

I personally don't care about the location or their OS, but I think having their IP address is crucial. We get spammers who pretend not to be spammers by responding to the pending questionnaire with reasonable-sounding answers. Sometimes these are disgruntled former members who've been banned from the group. There was one such former member who took it upon herself to save all the emails of group members and send out a several-page-long email blast to them about the group and how she'd been unfairly banned. She then sent me an email saying she had several other accounts in my group, under other email addresses, and I'd never find her. She proved it by quoting some of the messages that posted after she'd been banned. 

So I would like to know everyone's IP address at a minimum. Since some people have multiple IP addresses, it would be helpful as backup to also have the geographical info available.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

IP addresses may be available to the host (groups.io in this instance) but not routinely to a user of that host IMO. These are groups, not online shops or banks.

I haven't had to deal with a fake member for years but in such cases I would deal with that person without needing to invade the privacy of the thousands of legitimate members, for whom I have zero interest in whether they really are located where they say they are. But then I'm quite quaint in this modern age in that I am a big fan of online privacy, which is one reason why I don't insist upon people's real names when they join my groups.

Helen


 

On Tue, Jun 4, 2019 at 04:14 PM, Mark Fletcher wrote:
 
the pending subscription email notifications now include the pending subscriber's platform, browser, location and IP address in the message,
Dumb question: where is this info? I just tried to use this feature for the first time and I can't find it.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

On Sat, Jun 22, 2019 at 01:46 PM, Helen wrote:
I am a big fan of online privacy, which is one reason why I don't insist upon people's real names when they join my groups.
You could not possibly be a bigger fan of online privacy than me. :-) I don't even use my own real name in any group, and would never consider doing so, and certainly don't insist on anyone use their real name in my group (in fact, I often suggest that they don't). 

I haven't had to deal with a fake member for years but in such cases I would deal with that person without needing to invade the privacy of the thousands of legitimate members
Without their IP address etc., how would you even know when you had a fake member? FWIW, the member who pulled that stunt in my group was also a member of yours - although I don't know whether she also used her alternative accounts in your group.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Leeni
 

That information can be helpful in some kinds of groups where members join a group for the wrong reasons (spying)
 
I would say while it is good to have the ISP and location on the pending application which unless we write down or save this email which most owners do not, it would be more beneficial to an owner to have that ISP show up on the pending application and then also after the member joins on the membership list for reference.
 
Leeni 
 
  
 
 
 
 

-------Original Message-------
 
From: Helen
Date: 6/22/2019 3:46:36 PM
Subject: Re: [beta] Pending subscription message now including location/other info
 
IP addresses may be available to the host (groups.io in this instance) but not routinely to a user of that host IMO. These are groups, not online shops or banks.
 
I haven't had to deal with a fake member for years but in such cases I would deal with that person without needing to invade the privacy of the thousands of legitimate members, for whom I have zero interest in whether they really are located where they say they are. But then I'm quite quaint in this modern age in that I am a big fan of online privacy, which is one reason why I don't insist upon people's real names when they join my groups.
 
Helen
 
 


 

She probably still is a member of my group, but I'm only concerned if people cause trouble and fortunately that seems to have passed us by. The problem of fake members hasn't happened in years, for which I am very grateful, but if it did happen, it wouldn't be the end of the world. All group crises pass.

Helen


Gerald Boutin <groupsio@...>
 

On the web UI, it is under More >> View Source

The command on your email program varies. eg) Outlook 2010: "View Source", GMAIL: "Show Original".

This is info that is readily available to anyone receiving emails or using a browser. Mark just made it easier to find when an Owner / Moderator is doing their job.

--
Gerald


 

On Sat, Jun 22, 2019 at 06:02 PM, Helen wrote:
She probably still is a member of my group
Not unless she's using one of her aliases. Her groups.io account was disabled/deleted at that point. 

All group crises pass.
True, sort of. This person is still on the warpath outside of groups.io.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

On Sat, Jun 22, 2019 at 06:02 PM, Gerald Boutin wrote:
On the web UI, it is under More >> View Source The command on your email program varies. eg) Outlook 2010: "View Source", GMAIL: "Show Original".
Yes, I found all that, but it's not much help.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Ok, I found it in the email. (Mark, you can delete my other pending message about not being able to find it.:-)
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

On Sat, Jun 22, 2019 at 06:01 PM, Leeni wrote:
it would be more beneficial to an owner to have that ISP show up on the pending application and then also after the member joins on the membership list for reference.
Agreed. The current access method is of very limited usefulness.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

Helen,

I find this grossly intrusive. ... For certain groups (e.g. certain
heath issues), this could even put people off joining.
I see your point, much as I appreciate having that info in other types of groups.

Any way to turn this intrusive monitoring off please?
I can think of two ways of handling it: a group level control or an individual opt-in/out during the join/apply flow.

If it must be on, it should be made clear to applicants that this
information is being sent to group mods.
As a group level control (which is what I think you are seeking) its status should at the very least be included in the home-page list of Group Settings. Whether that is prominent enough or not I'm not certain.

I think a group like your example would use some language in its group Description to reinforce the reassurance that the option is off. For groups that have the option on, I don't expect them to use their Description for scary warnings. Nor am I really enthusiastic about having a scary disclaimer around the Join/Apply button on their home pages.

However, as things stand, once they've clicked that button the information has been delivered to the mods. So as much as I detest it, the best option might be to have an intervening page (or pop-up) when a user clicks that button.

As an individual control, such a notification page (or pop-up) could include Yes and No buttons to make an individual opt-in or opt-out of sending this info to the mods.

Shal












On 2019-06-22 8:25 AM, Helen wrote:
I find this grossly intrusive. I can see where people are to the nearest small town, which may be helpful for local associations, but which for my international groups is frankly irrelevant. And their OS is their business, not mine. For certain groups (e.g. certain heath issues), this could even put people off joining.
I vet people via the requirement to respond to a questionnaire, which works just fine. Any way to turn this intrusive monitoring off please?
If it must be on, it should be made clear to applicants that this information is being sent to group mods.
Helen


 

On Sun, Jun 23, 2019 at 02:56 PM, Shal Farley wrote:
an individual opt-in/out during the join/apply flow.
That would really defeat the purpose. Plus, if someone opted out I would not approve their membership.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


 

J_Catlady wrote:
On Sun, Jun 23, 2019 at 02:56 PM, Shal Farley wrote:
an individual opt-in/out during the join/apply flow.
That would really defeat the purpose. Plus, if someone opted out I would not approve their membership.
Exactly what I thought. This isn't (or shouldn't be) a choice to give or not this information to the mods. It would then be too easy to a spammer or any person not well intentioned to simple don't give this info and still be able to join the group.

Cheers,
Marcio AKA Starboy

Sent from a galaxy far, far away.


Marina
 

Sorry for being so dumb, but where can I find the Location field in a pending member's message?
A member has just applied to join my group and sent a message to the group owner with a brief introduction, as required. Apparently, the message was sent by a mobile through Groups.io website.
I have checked his message both online, in the Owner's message tab, and through Gmail ("Show original"), but I haven't been able to find any Location field.

Thanks for your help,
Marina