hashover-next icon indicating copy to clipboard operation
hashover-next copied to clipboard

Published 20 hours ago verified publisher icon jacobwb

User email subscription management (unsubscribe links)

Open da2x opened this issue 3 years ago • 2 comments

Emails must contain unsubscription links to comply with the CAN-SPAM Act and similar regulations worldwide. The largest email providers also strongly recommends the use of the unsubscription email header (List-Unsubscribe: http-management-linky) too.

So, a few things are needed:

  • [ ] A new persistent non-public identifier that can be mapped to the users’ email_hash on the backend. I suggest a new table called subscribers with two columns (uid and email_hash) for this purpose.
  • [ ] A new user-facing management page that accepts the uid as a GET parameter and looks up all subscribed comments from the corresponding email_hash . The page should have an unsubscribe all button at the top, and then a list of subscribed titles and checkboxes for unsubscribing from individual threads.
  • [ ] Include a link to the page at the bottom of each outgoing message (except for moderation notices to the admin).

This is a two-step confirmation opt-out. Ideally, the user should also be required to do a two-step confirmation opt-in before they ever receive any emails. That’s yet another issue, and one that might be better addressed by #312; serving two purposes in one.

This shares a lot of properties with #312, except that the security requirements are different. Worst-case scenario, someone can get a hold of your email management token from your inbox and unsubscribe you from every discussion.

da2x avatar Dec 02 '21 23:12 da2x

I have started taking Hashover into use and the missing unsubscribe function is a big issue. If a user subscribes to thread, he/she will receive notification emails forever - no way to unsubscribe.

Maybe we need two more tables: users (with uid and all user-related attributes) and subscriptions (with uid and thread name). And a link to every notification email which removes the user's subscription from a specific thread. A user-facing management page would then be unnecessary.

Subscription emails should also be sent only when a comment status changes from pending to approved.

nsuomine avatar Nov 21 '22 13:11 nsuomine

It's been two years. Any plans to implement this?

I'm deploying Hashover, and I've already made some changes which I will turn into PR's soon, changes that have to do with privacy notices. A way to unsubscribe is necessary for GDPR compliance. I'll need to handle it manually for now.

A 2-step confirmation isn't strictly necessary by law, AFAIK. It's enough to send an email saying they're now subscribing and providing a way to unsubscribe.

leancept avatar Oct 22 '23 19:10 leancept