PuzzleServer / mainpuzzleserver

The main repo for the Puzzle Hunt and Puzzleday servers.
MIT License
9 stars 32 forks source link

Unsubscribe from email #958

Open morganbr opened 8 months ago

morganbr commented 8 months ago

Gmail and Yahoo mail will require senders of over 5000 emails a day (us during an event) to have a one-click unsubscribe link in emails. That requires us to have:

  1. The link added to every email
  2. User page with unsubscribe settings (we need to make sure we understand what "one-click unsubscribe" means for this
  3. The link actually unsubscribes you from mail. @tabascq proposes adding a field to the PuzzleUser table to mark being unsubscribed from emails and using that to filter users out when sending mail (but not in associated queries like on-website notifications)
Vroo commented 8 months ago

What we need to do is add two headers to the mail:

List-Unsubscribe=One-Click
List-Unsubscribe: <https://puzzleserver/unsubscribe/TOKEN>

where TOKEN is signed([email_address,huntid]). We don't need to do it in a per hunt basis but this will reduce the support burden of someone unsubscribing from one hunt and then a year later complaining they're not getting mail.

Mailjet does support adding this header but unfortunately, it appears to only work for mailjet list-based emails which we don't use. I will investigate if mailjet provides an alternative. If not, this would mean we can't use bcc but instead would have to send each mail individually.

royleban commented 8 months ago

Having unsubscribe per huntid effectively treats each hunt as a separate mailing list. That's one way to do it. The other way to do it is to flip the unsubscribe flag off when somebody signs up for a subsequent hunt. Or combine the approaches and have a "first hunt" value — if it's present, somebody only gets email for that hunt and higher. It's NULL by default, unsubscribe sets it to 9999 and signing up for a hunt sets it the hunt number if it's not NULL.

AFAIK, Mailjet does pass through whatever headers are provided, but, as Bruce noted, that does mean sending individual emails, not bcc's. I don't see a reasonable way around that. There are some rate limits on sending mails we have to abide by. When you hit some limits, Mailjet responds by simply ignoring the request, no error (this might be just for free accounts, and we're paying during hunts).

If we were to switch to creating and using a Mailjet mailing list, there are variables that can be used, which might work. But, if so, they would not be secure, and the entire thing would be a huge pain. I recommend against it. We also don't want Mailjet's unsubscribe, which they say is permanent (we can't add the user again). I think the user has to go to a resubscribe page to add themselves after an unsubscribe, but I've never looked into the details.