Segmentation And Mass Mailing in Dada Mail

Dada Mail has the ability to send to only part of your mailing list (Segmentation).

We’re going to start with a list set up with a few Profile Fields:

first_name, last_name, city, state, favorite_color, _secret

Here’s a sampling of the csv file I’m going to import into my own mailing list:

angelina.mcintyre376@yahoo.com,Angelina,Mcintyre,Vernon,NV,,that,IAMneoTj
alex.holt126@yahoo.com,Alex,Holt,Milton,ID,,watch,kDaCRtzm
isaiah.rodriguez161@blah,Isaiah,Rodriguez,Kingston,MT,yellow,day,TiepsAau
caroline.albert564@aol.com,Caroline,Albert,Ashland,DC,,place,nkg5PhuY
angelina.hudson750@gmail.com,Angelina,Hudson,Salem,WA,,house,wfHs5ZaC
payton.mcguire914@msn.com,Payton,Mcguire,Riverside,NV,,more,ZpxOkY2f
lucas.barnes666@pobox.com,Lucas,Barnes,Mount,WI,,this,4CQ3wQ97
ariana.conley204@blah,Ariana,Conley,Marion,NV,violet,well,UJquFGAF
madelyn.hale435@hotmail.com,Madelyn,Hale,Milford,MS,,year,bkJjbY3R
aidan.woodard52@blah,Aidan,Woodard,Washington,AL,,stop,8JeipYPC

The first column is the actual email address of my subscriber; the last is the profile password of the address. The column named, _secret won’t show up in my subscription form, as it begins with an underscore. This data is correctly formatted to be easily imported into my list.

Here’s how my subscribers look, once I do import it into my mailing list and viewed in Membership: View:

segmentation

This screen also allows me to do an advanced search across all my subscribers. I’m going to search and see which subscribers have, favorite_color set to, red. My results will be shown below this search form:

segmentation2

So that’s how advanced search works in the Membership: View screen. How would I search for subscribers to send a mass mailing to?

Let’s go into the Mass Mailing: Send a Message screen. Once on that screen, click the Options tab, then click the, Partial Mailing List Sending tab within the Options tab. You’ll be greeted with a search form that looks similar to the advanced search form in Membership: View screen:

segmentation3

Just like we did in the Membership: View screen, we’re going to search for subscribers with a favorite_color of, red. Click the, “Preview…” button to get a preview of the subscribers we’ve found:

segmentation4

Now, when we send out our mass mailing, only the subscribers listed in these results will receive your message.

That’s how easy it is to segment out your mailing list!

Dada Mail also allows you to have different content in your mailing list, depending on the value in each address’s profile fields. For our, favorite_color example, we can use the following snippet of HTML and Dada Mail’s template tags to only show this message to subscribers with favorite_color set to, red:

<!-- tmpl_if expr="(subscriber.favorite_color eq 'red')" -->

<h1>Red Lovers, A Deal You Cannot Pass Up:</h1> 

<p>
Lorem ipsum dolor sit amet, consectetur adipiscing elit, 
sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
</p>

<!-- /tmpl_if -->

The magic is in this line:

<!-- tmpl_if expr="(subscriber.favorite_color eq 'red')" -->

This way, you can send to your entire list, but have messages custom for practically every subscriber you send to.

Dada Mail’s templating system follows the rules documented here, which should give you a good idea on what it’s capable of.

Experiment with these two advanced features, and let us know how they’re working for you!


How to turn any Dada Mail install into a Pro Dada install

Pro Dada is a distribution of Dada Mail that is shipped without any mailing list, or subscriber quotas, as well as direct email support available. It’s our commercial offering of Pro Dada, and what funds further development of the app. Here’s more about Pro Dada

Many people start with Dada Mail (in fact, we suggest to try Dada Mail first, to make sure it’s what you’re looking for, and that Dada Mail is compatible with your server setup!), then want to upgrade to Pro Dada. But, the idea of upgrading to Pro Dada isn’t always attractive, as it may mean more work, or flubbing up the current, perfectly working configuration. Luckily, this isn’t something you need to worry about, as Dada Mail has the ability to be, “transformed” to a Pro Dada installation easily. Here’s how to do that:

Log into one of your mailing lists, using the Dada Mail Root Password. On the top bar menu, look for a big red button labeled, “Transform This Install Into Pro Dada“:

transform

Click that button! You’ll be directed to a screen that will ask you for you to submit Pro Dada username and password, which are provided to you, once you’ve purchased a Pro Dada subscription:


transform1

Click the Verify… button, and when your login credentials have verified, you’ll be presented with a single button to transform your install. Click that button,

transform2

and you’re done!


How to Send Personalized Emails with Dada Mail

Dada Mail fully supports sending personalized mass email messages to your entire maling list, or just a segment of your mailing list. Let’s go through how to set this all up!

Profile Fields

By default, Dada Mail only captures and stores a subscriber’s email address, but we can add additional fields to capture and save in the List Control Panel. Log into your mailing list (use your Dada Mail Root Password!), and navigate to, Profiles: Profile Fields. In this walk through, we’re just going to make one field called, Name. I’ll then show you how to create a salutation in your message.

Here’s the Profiles: Profile Fields screen, with our new field filled out,

profiles_add_new

Field Name is the internal name used when working with profile fields, and has few constraints on what you can use. In this example, I’ll be using, name.

Label is what you’ll see on things like the subscription form, and is much more free-form. In this example, I’ll be using, Name (notice the capitalization!)

Fallback Value can hold a value used, if there isn’t a value for the subscriber, for this profile field. We’re not going to use it here, but I’ll show you how to add a default value, when using this in our actual message.

Finally, there’s a checkbox to tick, if you would like this field to be required.

Adding Subscribers w/Profile Fields

OK, now that our field is created, let’s add a few subscribers to our mailing list.

I’m going to navigate to the Membership: Invite/Subscribe/Add screen. This screen allows you to subscribe new members one at a time, and en-mass. We’re going to add three at a time in this demo, by adding a CSV (Comma Seperated Value) file. Here’s what that file looks like:

dadamailtest@gmail.com,Dada Mail Test
john.smith@example.com,John Smith
el.mysteriouso@example.com,

I created this file in a spreadsheet, then just exported the data as a .csv file. Our first two subscribers have both an email address and name, and our third subscriber, el.mysteriouso@example.com doesn’t have a name at all.

profiles_add_new2

After pasting the content of my .csv file (you can also just upload the file itself), I’ll click, Verify Addresses…, which goes through the black magic of making sure the data I’m submitting is valid, that these addresses aren’t already subscribed, etc. Once done with the entire process, I can see all my subscribers, in the Membership: View screen,

profiles_add_new3

You’ll see our new, “Name” field in the last column of the table of subscribers. Great! Now that we can capture and save new fields, let’s use them!

Sending out a Personalized Message

We’re now going to go to the Mass Mailing: Send a Message screen, and write a new message. Now that we have the Name field, let’s use it to add a simple salutation up front – “Hello, ” and then the name of my subscriber. How do we do that?

Enter template tags.

Template tags allow you to put placeholders into your message that will then be replaced with the value that they represent. In Dada Mail, a template tag to represent our, Name field will look like this,

<!-- tmpl_var subscriber.name -->

(Notice we’re using the Field Name, and not its Label!) So, to make that salutation we would like to create, we just have to write,

Hello, <!-- tmpl_var subscriber.name -->!

And that’s all there is to it. What about our subscribers, like el.mysteriouso@example.com that are nameless? We can add a default value to our template tag, to let Dada Mail know what to write, if there isn’t a name. Here’s what that looks like,

Hello, <!-- tmpl_var subscriber.name default="Subscriber" -->

In our example above, if there’s no name saved for an address, “Subscriber” will be written instead. Here’s how it all looks, when writing my message:

profiles_add_new4

Let’s see what this looks like, when we send our message out. Checking my test account, dadamailtest@gmail.com:

profiles_add_new5

And that’s all there is too using template tags!

Many other template tags are available to you, and a collection of them can be easily inserted via the rich text editor. Look on the rich text toolbar for a popup menu labeled, Tags. Clicking this popup menu will reveal some of the tags available. Selecting a tag will insert that tag into your message:

profiles_add_new6

Delving Deeper

We’ve only touched upon Dada Mail’s features for Profile Fields, Personalized Email Messages, and Email Template Tags. Check out the doc links, as well as the Pro Dada Manual, which comes with a Pro Dada Subscription.


Introducing Email Theme Layouts in Dada Mail

Easily wrap your mass mailing message in one of the provided layouts that come with Dada Mail. Layouts provide the necessary information for your mailing list message, so you don’t have to: things like making sure the unsubscription link is included correctly in every single mass mailing message you send out. Layouts and Dada Mail’s support for the Zurb Foundation for Emails framework makes your mass mailing email messages look great without any extra work from you.

Layouts can be found in both the Mass Mailing -> Send a Message, and Mass Mailing -> Send a Webpage screen. Look for the row tabs:  HTML Version, PlainText Version, Attachments… – the next tab will be labeled, Layout.

Clicking the Layout tab will reveal the layout choices available:

  • Full Layout
  • Minimal Layout
  • For Discussion List Messages
  • Don’t use a Layout

Let’s use a simple email message with a header, an image, and some text to illustrate how these layouts all work. I’ve put together this message as my HTML Version:

rockclimb_example1

Now, let’s see what this message will look like when we apply one of the included layouts. In v10, there’s a new button on the top bottom bar labeled, Preview. Clicking this button will show a preview of your mailing list message in a modal window with your selected layout applied. This saves you quite a bit of time with testing: no need to send yourself test email messages anymore, just to double-check that your email looks good!

Here’s what our message looks like with the Full Layout applied:

rockclimb_example2

Looks great! With the full layout, we’ve made a simple email message look professional, with minimal effort. Let’s break down what we’re looking at:

The top banner shows our company’s logo (set this in Mailing List -> List Information), as well as the preheader. The preheader will also show up in mail readers as the first bit of text revealed in the email message, like this:

rockclimb_example3

After the banner, there is a small (literally!) line of text, which gives a link to the publicly available archived message, so that if the message below isn’t viewable, you can still see the message from the archive.

Then, there’s your fine message. You’ll notice that the text has been styled to use what’s set in the email theme, so there’s no need to do that while authoring your message in the Send a Message screen (although, you can, if you’d like!)

Afterwards, there is a section that has buttons and links to forward the message to a friend, manage the subscription, and unsubscribe from the mailing list. These links are specific to the  individual subscriber. You won’t have to handle this yourself.

Below this information is the message footer, which has contact information, and social networking links. This information can also be added to, and edited in the Mailing List -> List Information screen.

Let’s try the Minimal layout:

rockclimb_example4

If your main content deserves front and center treatment, this is the template to use. Gone is the top banner and bottom social networking links for a more clean appearance. The unsubscribe link is still present, to keep with mailing list best practices.

For Discussion List Messages is similar to the Minimal layout, but as you may have guessed, is designed specifically for discussion list messages, with a large button to start a new post. This theme is used by default if you’re running a discussion list.

Don’t use a Layout is really the absence of a layout. Let’s try it on the message we have now:

rockclimb_example5

As you can see, no layout or styling is applied. One curious artifact of this is that a unsubscribe link is added to the top of the message, since Dada Mail did not detect one in the mailing list message itself. This is done since Dada Mail enforces the rule that all public mailing list messages MUST be sent with an unsubscribe link. For our message, Don’t use a Layout wouldn’t be the best suggest for a layout, but if you have a full-blown message with its own layout that you don’t want encased in one of the other provided layouts options, this would be a good option choose.

We can move that unsubscribe link from the top, to the bottom of our message by just adding our won unsubcribe link. To do that in Dada Mail, we use the following tag,

<!-- tmpl_var list_unsubscribe_link -->

When the message is sent, this tag will be replaced with an unsubscribe link that is unique to the subscriber and specific mass mailing. Here’s the source of my simple message, with that unsubscribe link added at the bottom:

<html>
<head>
    <title></title>
</head>
<body>
<h1>Learn to Rock Climb Today!</h1>

<p style="text-align: center;"><img alt="" src="http://dancingindigochild.local/dm/dada_mail_support_files/file_uploads/images/climbing(1).jpg" style="width: 500px; height: 283px;" /></p>

<p>Climbing is the fastest growing sport world-wide! Scale our incredible, 20 meter walls - your first visit is free!</p>

<p><a href="<!-- tmpl_var list_unsubscribe_link -->">Unsubscribe Automatically - click here</a></p>
</body>
</html>

Now when we preview the message, the automatically inserted unsubscribe link is gone, leaving only our link:

rockclimb_example6

So that’s an introduction to layouts! What’s your take on layouts, have you found them useful for your own mass mailings?


How to create your own email theme in Dada Mail 10

Dada Mail 10 introduces Email Themes, as well as also allowing you to create your own custom email theme. We cover how to to work with email themes in the docs at: http://dadamailproject.com/support/documentation-10_x_x/features-email_themes.pod.html

In this post, we’re going to go over how to do the actual customization, and start using our new theme live on our own site.

First, we’re going to make a project using the Foundation for Emails Sass workflow. In the command line, I need to type in the following:

foundation new --framework emails

I’ll be prompted for a new name for my project. I called mine,  dada_mail_site.

We’ll then download the starter theme, and merge these two directories together, as we’ve documented here. We’ll then start the build process,

npm run build

The build process will detect whenever we’ve changed any of the source files of the project, and recreate the distribution files (located in, dist) so they’re always up to date.

Now that everything is all set up, let’s do some customization!

I’d like the header and footer of my messages to have the same deep red that Dada Mail’s default UI has. I also want the text in the banner and footer to be white, rather than black, to stand out with the darker background. Finally, I’d also like the default text to be a little larger and a dark grey, rather than black.

Let’s work on the default text size and color first. This is controlled in the, src/assets/scss/_settings.scss file. This file contains Sass, which will be transformed in the cascading style sheet (CSS) that the theme will eventually use.

Among many things, Sass adds variables to vanilla CSS, letting you write less CSS, and do it more simply. For the color of the text, look for the following line:

$global-font-color: $black;

There’s a few ways to change this, but for this demo, we’re just going to change $black to a hex value that represents a dark grey:

$global-font-color: #808080;

Let’s now change the default size of our text. Look for,

$global-font-size: 14px;

We’re  going to change this to,

$global-font-size: 15px;

Now, let’s tackle that banner and footer color. For that, we’re going to open up the, src/assets/scss/app.scss file. There’s a few css classes that have the background set to the default grey, like this one:

.banner {
  background: #e9ebee;
}

We’ll want to change those, to our dark red. Here are the lines with the changes I’ve made – the original have simply been commented out,

.banner {
  //background: #e9ebee;
  background: #990000;
}

.banner .container {
  //background: #e9ebee;
 background: #990000;
}

.wrapper.secondary {
  //background: #e9ebee;
  background: #990000;
}

That takes care of the banner and footer background color.

Now for the color of our text inside the banner and footer. In the same app.scss file, find,

.banner p {
  color: #000000;
  margin-bottom: 0;
}

This css snippet sets the color to black. Let’s make ours white:

.banner p {
  color: #ffffff;
  margin-bottom: 0;
}

And, we’re all done! If the build process has been running, we can now just simply upload our new theme into Dada Mail’s support files directory:

On our site, we’ll navigate to the dada_mail_support_files directory, then go to themes/email. I’ll create a new directory with the same as the name of my Foundation for Emails project: dada_mail_site. I’ll change into that directory, and copy over the entire dist directory my project has made, inside the dada_mail_site directory. Once that’s complete, my theme is essentially, “installed”!

Let’s set up my mailing list to use it. I’m going to log into my list, then navigate to, Appearance -> Email Themes. Our new theme should now be listed when we click on the popup menu. Select it, and Save!

select_an_email_theme

Done! Let’s test it out o the Mass Mailing -> Send a Message screen. This screen has the ability to preview a message, before sending it out. On this screen, I wrote a simple message, clicked the, Preview button:

template_preview_1

Looks pretty good! I’m going to add the following as my Login Image URL in, Mailing List -> List Information:

dada_mail_email_logo

Let’s try the preview again:

template_preview_2

Looks great!

We’ve just scratched the surface on how to create a custom email theme for Dada Mail. Please try it yourself, and let us know if you have any questions or comments!


Dada Mail’s Subscription Abuse Prevention Systems

Web apps are a target for abuse by individuals or other nefarious apps/bots. Dada Mail is no exception. Although we haven’t discovered a vulnerability in the app itself, it’s true that attempts are made, however unsuccessful they are. Here are a few ways to safeguard Dada Mail from these attacks.

Closed-Loop Opt-In Confirmation

The first line of defense doesn’t seem like one, but it’s the best defense against abuse of your app by hackers and spammers. Always makes sure Closed-Loop Opt-In Confirmation  is enabled for your public mailing lists – there’s no excuse not to use it.

Closed-Loop Opt-In Confirmation main job is to make sure only valid email addresss are adding to your mailing list, and confirms that the actual person who owns the email address wants to receive your mailing list messages. Without this feature enabled, anyone may subscribe anybody to your mailing list, leading to all sorts of problems.

It’s enabled by default, but this option can be found inside the list control panel in, Mailing List: Options. Look for the checkbox labeled, Require Closed-Loop Opt-In Confirmation

Disallowing  Multiple Confirmation Requests

By default, Dada Mail does not allow a user to try to subscribe to the same mailing list twice. This is to prevent simple abuse of your subscription forms, neglectful users, or automated processes that have run amok. If an additional confirmation attempt is tried, the user will still be allowed to have another subscription request, once a CAPTCHA is solved.

This option can be found inside the list control panel in, Mailing List: Options. Look for the checkbox labeled, Limit subscription confirmation sending. We suggest that this option is always enabled.

StopForumSpam

StopForumSpam is a third party service that keeps a database of usernames, email addresses and IP addresses that have been submitted as being abusive when used throughout the Internet. Dada Mail has support to look up both the email address and IP address of subscription requests. If either come up as positive, the subscription request is blocked from being completed.

This option is also enabled by default (see a trend?) and the option can also be found in the list control panel in, Mailing List: Options. Look for the checkbox labeled, Enable StopForumSpam Protection. StopForumSpam does require you to have the Perl CPAN module, LWP installed. But, even on shared hosts, this is usually available without additional installation. If you can send a webpage, you will be able to use this feature, as both rely on LWP Tools.

Rate Limiting

Rate Limiting is a feature in Dada Mail tracks where requests for various functions of Dada Mail comes from (not just subscription requests), and sets limits on what it’ll allow, before it senses there may be an attempt to abuse the app. Think Denial of Service (DOS) attacks, or brute-force password cracking. Rate Limiting can help nip this in the bud.

Rate Limiting is enabled by default, but its options can be customized during installation from within the Dada Mail installer. See the installer’s advanced configuration docs for more information.

Blocking Suspicious IP Address Activity

Sometimes, none of the above tests seem to help. Requests for subscription are from different email addresses, or a long time frame, and the email address and IP address aren’t listed on StopForumSpam. Still, there seems to be something fishy about all these different requests coming from the same IP Address. Enter, Suspicious IP Address Activity Protection. This features looks at the records for subscription requests and sees if there’s a strange correlation between requests of different email addresses from the same IP over a large amount of time. If there is, the subscription request is blocked.

This feature is also enabled by default and the option can also be found in the list control panel in, Mailing List: Options. Look for the checkbox labeled, Enable Suspicious IP Address Activity Protection.


Dada Mail v9.5.0 Released

Dada Mail v9.5.0 has been released – download and install using the instructions here. Changelog is below:

Features

StopForumSpam Integration

The StopForumSpam service (http://stopforumspam.com/) keeps a database of email addresses, locations, and usernames known to be used for abuse attempts on web apps like forums, blogs, and mailing lists.

Dada Mail now supports looking up this information when a user goes through the subscription process. If the IP address or email address of the user is returned by the StopForumSpam service as being known to be abusive, the first step of the subscription process fails.

This new feature can help stop your mailing list from being abused, curbs the wasting of server resources, and keeps your mailing list cleaner. StopForumSpam integration should definitely be seen as a security enhancement, as these users being marked as abusive are possibly part of a botnet, trying to find vectors for attack.

This integration of StopForumSpam is currently enabled by default, and requires the LWP Perl CPAN library – if you can send a webpage using Dada Mail, you most likley have this library installed!

Options to enable/disable StopForumSpam integration can be found in the list control panel under Mailing List – Options. Look for the checkbox labeled, Enable StopForumSpam Protection.

If WWW::StopForumSpam needs to be installed, a notification will be shown below this option to alert you.

Viewing the Unconfirmed Subscribers sublist

Dada Mail keeps track of subscribers that have started the subscription process, but haven’t yet confirmed their subscription by clicking the confirmation link that’s sent to them via email. Internally, this sublist type is called, sub_confirm_list (catchy name, huh?). It’s used primarily to make sure the same address isn’t repeatedly submitted to be subscribed again and again by some automated process. Curbing abuse is a big part of web apps like Dada Mail!

We’ve now added the ability to view and interact with this sublist. In the, Membership – View screen, you will see a new tab labeled, Unconfirmed Subscribers. You may view, search, delete, and export addresses from this sublist. You may also resend the subscription confirmation email message: look for the button to the left of the email address. Pressing the button will resend the confirmation email message.

This sublist is tightly coupled with the subscription confirmation process itself. Dada Mail’s subscription confirmation system works with a unqiue token embedded in the confirmation email that corresponds with records in its database. These records do expire after a while (60 days by default). When these tokens expire, addresses in this sublist will also automatically be removed, keeping your mailing list tidy, and your database trimmed and fast, without any additional work by you.

Viewing this tab can be enabled/disabled in the list control panel under, Membership – Options. Look for the checkbox labeled, Show “Unconfirmed Subscribers” sublist.

New Subscriber Export Options

In previous versions, Dada Mail could export your Subscribers (as well as other sublists), but the data it exports is not customizable. It would include the added/subscribed date (timestamp), the email address itself, profile fields, as well as the delivery preferences (if that option is enabled). Some users have problems then utilizing this information as-is, since some of the information is not needed. Although this exported informaton is in CSV format, which you can open the exported file into a spreadsheet app, and do more manipulation, but many users were having trouble with this cumbersome extra step.

Now, Dada Mail also allows you to specify what data you would like exported:

  • Email Address (always exported)
  • Date Added
  • Profile Fields
  • Delivery Preferences (if enabled)

Among other things, this allows Dada Mail’s exported data to be easily read and imported back into Dada Mail itself – something it couldn’t do (embarrassingly) before!

Using this new functionality is simple: instead of exporting the data right away, after you click the Export button, a modal menu will open up, allowing you to choose what data you would like the exported data to hold.

Email Parsing Engine Advanced Tuning Options

Dada Mail now allows you to easily tune the underlying email parsing engine (called, MIME::Tools), so that you can either have a faster parser that’s more memory intensive (the default), or a somewhat slower parser that uses less memory.

We’ll be experimenting with the latter, as it should help with working with large, complex email messages with large attachments, as well as running Dada Mail as a long-running process.

More information on how to change these options are available at,

http://dadamailproject.com/d/install_dada_mail-advanced_configuration.pod.html#Configure-Email-Parsing-Engine


Dada Mail v9.4.0 Released – Rate Limiting

Dada Mail v9.4.0 has been released – download and install using the instructions here. Changelog is below:

Rate Limiting

We’ve enabled a Rate Limiting in Dada Mail! This is a safeguard against perhaps nefarious attempts at attacking the Dada Mail when there are many requests done in a short space of time. Before v9.4.0, Dada Mail would happily try to serve each request, and sometimes this would cause problems. One scenario:

Say you have a subscrption form, and say that form has been targeted by a bot in an attempt to exploit it. There aren’t any currently known exploits out there in the wild for Dada Mail, but perhaps the bot doesn’t know that, so it just tries to fill out your form multiple times a second. This can cause problems with resources on your hosting account reaching their limit, and cann also cause multiple emails to be sent to bogus addresses, and probably bounce back, which cause much annoyance. If you utilize a third party email service, like Amazon SES (which we highly recommend!), this can work against you, as this service monitors bounce rates closely and will not allow the rate to go too high. If it does, you’re in hot water with Amazon AWS.

Dada Mail’s Rate Limiting now monitors who is requesting what, and how many times. If it notices what could potentially be signs of abuse, it’ll deny the request for a small amount of time. This stops flagrant and out-of-control abuse of the app and does so easily.

Rate Limiting is enabled by default, and its options can be customized in Dada Mail’s included installer. More Information: http://dadamailproject.com/d/install_dada_mail-advanced_configuration.pod.html#Rate-Limiting


v9.4.0 Beta 1 is out – Rate Limiting!

Hello everyone, v9.4.0 Beta 1 is out.

Download and Install:

http://dadamailproject.com/support/documentation-9_4_0-beta1/install_dada_mail.pod.html

(Pro Dada versions are available)

This version has the new Rate Limiting feature built in. Seems to work really well! Now that it’s a part of the app, seems a little naked to run without it. Rate Limiting is currently enabled by default, and also has settings that can be customized in the installer. I’d love to get some more real-world feedback in seeing if the feature is working at all/as intended. I’m running it myself and seems to work well. It’s one of those, “Behind the scenes” features though, so nothing out of the ordinary seems to be different, unless something is terribly wrong!

Here’s what you need to know:

http://dadamailproject.com/support/documentation-9_4_0-beta1/install_dada_mail-advanced_configuration.pod.html#Rate-Limiting

Rate Limiting

When enabled, rate limiting keeps track of the requests of certain features in Dada Mail – features like trying to log into the list control panel, or subscribing to a mailing list. Dada Mail keeps track of these requests by IP Address and can be configured to have a maximum amount of requests per timeframe. If more than the maximum amount of requests are made within the timeframe, the rate limit is said to be exceeded, and further requests will be denied.

This feature is especially important in any feature that involves filling out a form, then having that feature send out an email, like a subscription confirmation. Potentially nefarious bots may be filling out your subscription form quite blindly, with various bogus email addresses, causing all this unneeded email to be sent, then bounced back. If you’re using a third party email sending service, like Amazon SES, this out of control behavior could potentially lead to problems with you not following their Terms of Service.

Although rate limiting in Dada Mail was first implemented for the above scenario, it’s used in many other places:

• Running the Cronjob Schedule

• Subscription by the classic subscription form

• Subscription via the RESTful API

• Subscription and Unsubscription Confirmation via the token URL (or any URL with a token in it)

• Logging in and out

• Encrypting a password

• Requesting to download a file attachment

• Profile activation/registering/resetting password/login and out

• Accessing the list control panel login screen

Enable Rate Limiting

Check this option to enable Rate Limiting. Enabled by default

Timeframe (in minutes):

Timeframe is the amount of time a number of requests for a certain feature/function can be made

Max Hits

Max Hits are the amount of requests for a certain feature/function that may be done in the Timeframe set above.

If more requests than the Max Hits happens within the Timeframe, the feature/function will be inaccessible, until the number of requests is below the Max Hits threshold. Any other feature mentioned will still be available to the user, and any other users of the app will not be affected (unless of course they’re being tied to that same IP Address)

Config Variable:

$RATE_LIMITING .

That’s it! Give it a try,


Dada Mail v9.3.0 Released

Dada Mail v9.3.0 has been released – download and install using the instructions here. Changelog is below:

Features

Subscriber Delivery Preferences editing on Membership – View screen

For discussion lists that have digest enabled, editing individual delivery preferences can be done on the Membership – View screen, rather than having to visit the individual subscriber’s membership screen to make the edit.

Delivery Preferences are now also exported, when you export Subscriber data via csv.

Changes

No Directory Listing in dada_mail_support_files directory

During installation/upgrade and when using the included Dada Mail Installer, the Installer will now create a .htacess file, with the following directive:

        Options -Indexes

This stops a directory listing to be returned for anyone/anything visiting the root of this directory. Since files/directories of older installs are backed up, and since some of the files in these backed-up directories could have exploits fixed in the more recent versions being installed, this simple removal of the directory index may stop these potential exploits.