Knowledge Base
Community

E-mails from GiffGaff: A better approach?

Started by: thunderdragon
On: 10/12/2018 | 21:33
Replies: 14
Reply

by: thunderdragon
on: 10/12/2018 | 21:33 edited: 10/12/2018 | 21:50
Hi again everyone! Smiley Happy
The events of the last week and the reactions taken in relation to it - Which have called for the sending of over 1,5m e-mails to customers - Has revealed on the side that GiffGaff doesn't have unlimited e-mail capacity, and (It appears) they are limited to sending a specific maximum number of e-mails each day. There's no information on what this figure is of course, but I'm gonna guess it's somewhere in the region of 1MiO/day or something like that.

In addition, it's becoming clearer that a lot of member functions - Particularly charity vote rounds and other things (Like the "We're Sorry" e-mail which some will have got today) - Might be accessible only through links in e-mails and not from links in the account dashboard, like one might ordinarily expect. Smiley Indifferent
For the more security-conscious amongst us - Who'll avoid links in e-mails like the plague, no matter the authenticity of the message - This runs the risk of excluding us from PayBack charity voting and other essential member functions, and might also explain why after searching extensively over the years I've never been able to find the darned Vote for Your Charity page! Smiley Surprised

With the above two items in mind, wouldn't it be a better idea for GG to add a "Members Inbox" to the Account area (With unread items at the head of the Dashboard) where members can view e-mails directed at them, possibly refraining from e-mailing them to the user if they happen to have logged-in and read them before they've been sent out? This'd at least mean GG can bulk-mail everyone at once (As the message remains internal) and the e-mail distribution system can prioritise receipts/legal items (GoodyBag/credit receipts, T&C docs) and group up batches of pending mail to drizzle out bulk/less important stuff using spare e-mailing capability that'd go unused otherwise? Smiley Happy

Just my thoughts on ways to make GG a little better to use and save them some pennies in avoiding surge capacity charges on the side... Smiley Happy
+++ ThunderDragon +++
WARNING: The "Always On" GoodyBag does NOT offer unlimited data. More details Here.

i before e except after Firefox... Smiley Wink                                     German Sausage jokes: They're the Wurst!... Smiley Tongue
Message 1 of 15
by: ujo55
on: 10/12/2018 | 23:52
@thunderdragon
Totally agree with you.
I suspect from what t_will has written in announcements that 'a few hundred thousand e-mails had been sent in the 1st 3 days' and talk of extending the registration deadline the giffgaff e-mail limit is somewhat less than 1.0 million / day.
Some who have received the mail complete with link have raised concerns it may be a scam, particularly given the spate of span texts with similar looking links which have been received by some gg members recently.
Believe your solution whic involves a secure mailbox accessible via the dashboard after logging in is a good option, for some of us at least.
Message 2 of 15
by: inspiron42
on: 11/12/2018 | 08:22
I agree. Emails are an inappropriate medium for these communications.
Get a free Giffgaff Sim
Message 3 of 15
by: shabazmoqsud
on: 11/12/2018 | 16:11

@thunderdragon ur idea is great and supported by me

 

If u can put ur idea in labs i will vote for it.

Get a free giffgaff Sim
Message 4 of 15
by: thunderdragon
on: 11/12/2018 | 18:08 edited: 11/12/2018 | 18:27
@ujo55 @inspiron42 @shabazmoqsud I've just tried to put this into Labs, but for some reason - Even though I'm a full & active member - It seems to have been marked with some kind of Pending status and isn't viewable yet. Can't say I was expecting my Labs submissions to be going through a filter, especially when no searches of Labs bought up a comparable idea for me to support beforehand! Smiley Surprised
( @woodyuk Is this a new measure to prevent duplicate Labs submissions, please? I was active in the Labs group a while ago and I know it was a big problem back then, but I've fallen behind with developments over the past year or so. Smiley Surprised )

All being well - If it's approved (I hope it is!) - It should be appearing at Make GG e-mails viewable from the Account Dashboard soon. (If that link doesn't work, give This one a go. Smiley Happy ) and a preview of what's in that Labs idea follows after my sig, too. Smiley Happy
+++ ThunderDragon +++
 
GiffGaff Ideas > Communications > Make GG e-mails viewable from the Account Dashboard

​A Recent discussion about GiffGaff e-mails revealed that GG are using a few unwise practices in theirs:
  • Important links (i.e: Charity voting rounds) are only sent to members via e-mail, and cannot be accessed by logging into ones GG account.
  • GG have limited e-mail capacity (They can only send out ~500k a day) which leads to delays when lots have to be sent around,
  • Tracking links and code are used extensively (Each image tells GG if a message has been opened) which is a considerable privacy issue,
  • Links used are hard to differentiate from those in scam e-mails, which means security conscious members are unlikely to follow them and thus lose out on whatever function (Charity nomination/vote or outage related remuneration) the e-mail was meant to serve,
  • In addition: The format used (HTML - Encoded Quoted-Printable - With no plain-text fallback) makes these e-mails very hard to read and handle with plain-text/manual methods, making them almost unreadable in Mutt and other terminal-based clients.
Please could GiffGaff consider adding an E-mail Centre to the Account Dashboard, which would allow members to view e-mails GG have sent them by logging-in to their accounts and visiting the E-mail Centre from there. This would offer a number of benefits:
  • Security-conscious members can verify and access e-mails safely by logging-in to their accounts and seeing if the e-mail they've received appears there too. If it doesn't, they'll be able to raise a timely scam warning on Community & with GiffGaff themselves.
  • Members who don't have access to e-mail that day/are out-of-office can still collect service and marketing e-mail from GG if so desired,
  • "Missing" e-mails can be collected from the Dashboard instead, reducing Agent tickets and posts in H&S asking about these.
  • GGs limited e-mailing capacity can be better managed by sending only legal comms & receipts at point of creation (Such as the new member welcome e-mail with T&Cs, or top-up/GoodyBag receipts) and buffering less urgent e-mail (Routine mass mailouts, promos, Community thread subscriptions etc) for sending at times when spare capacity exists.
    In a day when 12,500 e-mails have been sent out directly - For example - The next 487,500 buffered e-mails could be uploaded to the mail provider around 22:45 for transmission, making better use of the spare capacity left over from that day.
  • During times of high e-mail demand (Such as December 2018's network outage) messages which have been buffered for sending but have been read by members through the E-Mail Centre in that time could be moved to a "low urgency" buffer and sent whenever capacity is freed-up, or (If the member has already read it from their Dashboard and acted upon it) perhaps deleted as redundant.
Implementing this would ensure that GiffGaff not only serve members in a more straightforward and secure way that makes a lot of sense (And making the service more accessible to the highly security oriented, and avoiding them missing out) but would also allow them to keep a lot of communications internal, manage/reduce resource consumption avoiding surge pricing completely, and in doing this help to keep operational - And thus; service - Costs low for all of us! :-)
WARNING: The "Always On" GoodyBag does NOT offer unlimited data. More details Here.

i before e except after Firefox... Smiley Wink                                     German Sausage jokes: They're the Wurst!... Smiley Tongue
Message 5 of 15
by: ujo55
on: 11/12/2018 | 18:48
Great thanks for doing that.
Yes all new ideas have to go through a vetting process to avoid duplication and it includes the necessary details.
Seems to take 1 to 2 weeks
Message 6 of 15
by: woodyuk
on: 11/12/2018 | 19:09

@thunderdragon I'm not a member of the Labs group but from what I've read,all submitted ideas are reviewed.

Message 7 of 15
by: thunderdragon
on: 11/12/2018 | 20:11 edited: 11/12/2018 | 20:18
@ujo55 @woodyuk Aye. Given the amount of duplicate suggestions we were having in Labs a while ago, I suppose this makes a lot of sense. It'd be a good idea if they put a notice to this effect on the Labs submissions page, though. Smiley Happy

Following the discussions we had yesterday, I had a dig through my mail earlier and retrieved the e-mails from GG so I could pull the links out of them and finally take part in the current charity voting round and nominate my Compe... *ahem* Remune... *ahem* Entschuldigung for the network outages as a charity donation.

I do need to mention a few things about those e-mails, though. I've directed this at Will in the other thread where we're discussing e-mail matters in parallel, but I'll copy it here as it's relevant to this one as well. @t_will, we might want to move the mail related discussion into this thread. Smiley Happy
Click to reveal
  • I don't know if this is a decision on GG or the mail providers part, but having e-mails sent in html/quoted-printable formats makes the MIME source a PIG to handle by hand or in plain-text clients like Mutt. Locating, extracting and decoding the links from three GG e-mails (By hand in gedit) took me over an hour...And that's an experience I'd rather not have to repeat! Smiley Surprised
  • I was most disappointed to see no text/plain fallback in any of the three e-mails I handled, which should really preceed the HTML version and make use of the Multipart/Alternative wrapper. This'd mean all clients can read these e-mails (Modern clients'll display the HTML version, older/text clients'll get the ASCII fallback, and bit-bangers like myself'll just read the ASCII text after the header) and they'd be much easier for us to handle.
  • Drop the tracking links, and URLs used in embedded images! This isn't just an invasion of the users privacy - I have a right not to disclose whether I've opened an e-mail or not - But also ramps up resource consumption a great deal. If there's a trackable link in there, it should be one the user will follow if they want to perform that action (Putting aside the fact that Click to do this without authentication links should never exist in e-mails) and the use of tracking should be clearly obvious.
  • I'd recommend e-mails be sent wrapped in a MultiPart/Alternative wrapper, carrying the following items in listed order:
    1. text/plain copy of message in human readable form and MIME 1.0 compliant, with a link to view the HTML version via browser given at head of text, and inline links connected to listed links at end of text using annotations. Try to offer URLs shorter than 70 chars, please.
    2. text/html version of message encoded using base64 for ease of use when handling raw source. If one using a terminal requires something from the HTML copy (Not likely, if the text/plain copy is done properly) they can always use the base64 utility to decode this into a local file. Smiley Happy
    3. Binary attachment or inclusion 1 (base64)
    4. Binary attachment or inclusion 2 (base64)
    5. ...
    6. ...
    7. Binary attachment or inclusion X (base64)
    With this in mind, a properly encoded GG mail might look a bit like this (At the MIME source level):
To: A Customer <a.customer AT example,com>
From: GiffGaff <no-reply AT giffgaff,com>
Subject: Just wanted to say hello! :-)
Date: Tuesday, December 11th 2018 13:45:00 -0500
content-transfer-encoding: multipart/alternative; boundary: gg-wrap-a

--gg-wrap-a
content-disposition: inline
content-type: text/plain; charset: utf-8

Want to see this e-mail in it's full glory? Please visit
  https://nomail.example.com/msg?campaign=SayHello&uid=12345678

Just a quick test message from GiffGaff to say hello, and to show how a
*properly* encoded e-mail might look! :-)

--gg-wrap-a
content-disposition: inline
content-transfer-encoding: multipart/alternative; boundary: gg-html-b

--gg-html-b
content-disposition: inline
content-type: text/html; charset: utf-8
content-transfer-encoding: base64

PGh0bWw+PGJvZHk+Cjxmb250IHNpemU9MT5XYW50IHRvIHNlZSB0aGlzIGUtbWFpbCBpbiBpdCdzIGZ1
bGwgZ2xvcnk/IFBsZWFzZSA8YSBocmVmPSJodHRwczovL25vbWFpbC5leGFtcGxlLmNvbS9tc2c/Y2Ft
cGFpZ249U2F5SGVsbG8mdWlkPTEyMzQ1Njc4IiB0YXJnZXQ9Il9uZXciPlZpZXcgaXQgb25saW5lPC9h
PiE8L2ZvbnQ+PHA+Ckp1c3QgYSBxdWljayB0ZXN0IG1lc3NhZ2UgZnJvbSBHaWZmR2FmZiB0byBzYXkg
PGI+aGVsbG88L2I+LCBhbmQgdG8gc2hvdyBob3cgYSA8aT5wcm9wZXJseTwvaT4gZW5jb2RlZCBlLW1h
aWwgbWlnaHQgbG9vayEgOi0pPHA+CjwvYm9keT48L2h0bWw+Cg==

--gg-html-b
content-disposition: inline-attachment; filename=gg-email-example.png
content-type: image/png
content-transfer-encoding: base64

H4sICKwUEFwAA2dnLWVtYWlsLWV4YW1wbGUuaHRtADVQTWvDMAy951eoOWwM1prum+K4x46dBoPtWNRE
jkVtK4sduuzXLwnsINDjIb0P7XLwRp+kGU2hrcQMiX+p2povnPYskIggO05A64DsgSNwvk5gB++h9dKP
e3j3hIlAI7iebFW6nLu0UyrKfLKhHwydp00tQYXU7usJIrex+sDxlbyXq4Gbant3//D49PxSQsa+pVyV
x0iX0nwyXSZJkOg5klZoVlrNTo3uTPE2pAwI3wPXZ8g0gUApYUtgewlwYGsPaO2SBEfQJ+NmRa1O5hYw
Ngvh5ALzIGg2XS8d9X7Uig1QrKWh5j984NZl8CLnFezWN7OB6dNcnlZLk8UfR+G71lEBAAA=

--gg-html-b--
--gg-wrap-a

content-disposition: attachment; filename=gg-email-example.htm.gz
content-type: application/gzip
content-transfer-encoding: base64

H4sICKwUEFwAA2dnLWVtYWlsLWV4YW1wbGUuaHRtADVQTWvDMAy951eoOWwM1prum+K4x46dBoPtWNRE
jkVtK4sduuzXLwnsINDjIb0P7XLwRp+kGU2hrcQMiX+p2povnPYskIggO05A64DsgSNwvk5gB++h9dKP
e3j3hIlAI7iebFW6nLu0UyrKfLKhHwydp00tQYXU7usJIrex+sDxlbyXq4Gbant3//D49PxSQsa+pVyV
x0iX0nwyXSZJkOg5klZoVlrNTo3uTPE2pAwI3wPXZ8g0gUApYUtgewlwYGsPaO2SBEfQJ+NmRa1O5hYw
Ngvh5ALzIGg2XS8d9X7Uig1QrKWh5j984NZl8CLnFezWN7OB6dNcnlZLk8UfR+G71lEBAAA=

--gg-wrap-a--
(Caution: Rather technical textwall behind this spoiler tag! Smiley Happy )

Granted, the above is rather technical and totally bit-banged together (Yes, I can type MIME source out by hand & be fairly close to the standard! Smiley Happy ) but would be interested to see what other techies on the forum think of the recommendation. Smiley Happy
+++ ThunderDragon +++
WARNING: The "Always On" GoodyBag does NOT offer unlimited data. More details Here.

i before e except after Firefox... Smiley Wink                                     German Sausage jokes: They're the Wurst!... Smiley Tongue
Message 8 of 15
by: revjonty
on: 15/12/2018 | 03:27
I submitted an idea along these lines a few months ago when another member asked if someone else would do so.
Unfortunately I was told it was a duplicate, despite not being able to find anything similar myself, and despite asking to be pointed to the duplicate, my pm was ignored.

Ho hum. Maybe your version will get through @thunderdragon good luck!

Order a sim from here & get a bonus £5 credit upon activation


Get a free giffgaff Sim
Message 9 of 15
by: revjonty
on: 15/12/2018 | 03:44 edited: 15/12/2018 | 03:59

Here is the idea I submitted.

https://labs.giffgaff.com/idea/16711927/don-t-ask-customers-to-click-on-links-in-emails-provide-link...

As to what it duplicated I'm still none the wiser.

As you've reminded me of this, I've just submitted a new idea, for people to get a link to the duplicate as a matter of course, when an idea is deemed a duplicate.

 

Edit to add. 

Having just tried that link with an incognito tab (as the site won't log me out) to test if the link was publicly viewable, I'm afraid it isn't.

I'll put the text into a spoiler 

Click to reveal

Don't ask customers to click on links in emails, provide links on the main gg site instead.

vicarCENC.JPG

By: revjonty | 15-07-2018 16:49

all webpages mentioned in emails should be findable from the GiffGaff homepage or "My GiffGaff" and shouldn't depend on customers clicking on links in emails.

 

The benefit to members is better online safety, the benefit to giffgaff is a reduction in agent time fielding enquiries about the legitimacy of emails.

 

This idea was submitted to contribute by an ex member @snozboz after they received an email regarding a refund, which could potentially have been a scam.

They asked that someone else would submit it to labs. I couldn't see a down side to implementation of this as I would consider it best practice, and something of a no brainer, which is why I am posting this as an idea, below is a full quote of their post.


snozboz wrote:

I received an email about this issue:
https://community.giffgaff.com/t5/Announcements/We-ve-recently-identified-a-billing-issue-here-s-how...
which asked me to click on a link in the email. This link took me to a webpage that asked me for personal information. There was no way of finding that webpage from "My GiffGaff" or the GiffGaff homepage, so I was forced to click on that link in the email.

In this case, it turned out to be legitimate - I contacted an agent to check, and they said the email was legitimate, though I still had to click on the link in the email because, as the agent said:
"we'll be able to identify you as one of the members that were affected by this issue"
Surely, if I'd logged in with my GiffGaff credentials, this would have proved this? Though maybe the email in this case went to people, not only who weren't using GiffGaff anymore (like me), but had actually deleted their online GiffGaff account. Anyway...

Emails are extremely easy to fake. Webpages are extremely easy to fake (and make look like legitimate ones). Links in emails are extremely easy to fake and change so they point to fake webpages. Once you're on a webpage that "looks" legitimate and has the padlock icon in the address bar etc, it's very easy to give your personal information to scammers and fraudsters etc. We as end-users are often told to be vigilant for spam and scams and fraudulent emails etc - yet if companies like GiffGaff send us emails that function in the same way as scams, how are we to know the difference? We become trained by GiffGaff and others to do what the scammers want - trust on appearance, click on links in emails, enter our personal information etc. Having to get in touch with an agent (which is what I did to check) isn't quick or convenient, and the need to do so could be avoided.

For instance, in this case, the email from GiffGaff could have asked me to login to "My GiffGaff" and follow the link there - instead of giving me a link to click in the email itself.

It's not just GiffGaff who do this, but as it was GiffGaff this time I thought I'd say something because they might actually listen (unlike my bank!).

So my "idea" is - that all webpages mentioned in emails should be findable from the GiffGaff homepage or "My GiffGaff" and shouldn't depend on customers clicking on links in emails.

As I rarely visit this forum, please would someone else follow this up and post it as an "idea" once it has been debated and refined here.

THREAD HERE:

https://community.giffgaff.com/t5/Contribute/Links-in-emails-should-be-treated-with-suspicion-so-web...

 

Order a sim from here & get a bonus £5 credit upon activation


Get a free giffgaff Sim
Message 10 of 15