Understanding Amazon SES Opt-In and Verification

1. Examples of System Emails
2. How to Opt Into the Email Service
3. If Patrons or Staff are Still Not Receiving System Emails
4. Frequently Asked Questions

Due to best practices and industry standards for email privacy and security evolving and becoming increasingly strict, Evanced has been forced to update how our email service is implemented and opted into by staff and patrons. The core of these new guidelines revolve around the additional requirement of a one-time human interaction or "manual" opt-in before any additional emails can be received from the system.

The purpose of this article is to make you aware of the changes in process required before a user can continue to receive emails from our software's email service.

Examples of System Emails
List of emails a patron will not continue to receive until they choose the one-time opt-in to the email service:

• SignUp
  • Registration confirmation
  • Cancellation
  • Waiting list status change
  • Event reminder
  • Upcoming events
• Spaces
  • Account Creation
  • Reservation request
  • Reservation confirmation
  • Reservation payment request
  • Reservation reminder
  • Reservation status change
  • Patron password reset
• D!BS
  • Reservation confirmation
  • Reservations status change
  • Reservation reminder
  • Eviction
  • Patron password reset
• Events
  • Registration confirmation
  • Cancellation
  • Waiting list status change
  • Event reminder
  • Upcoming events
• Room Reserve
  • Reservation request
  • Reservation confirmation
  • Reservation payment request
  • Reservation status change

List of emails a staff member will not continue to receive until they choose the one-time opt-in to the email service:

• SignUp
  • Event contact notification emails
• Events
  • Registration summary emails
• Room Reserve
  • Reservation request emails
  • Contact emails

Note: Even if a patron or staff member has previously received in-app emails from the system (such as those outlined above), the user will still need to perform the one-time manual opt-in to receive any additional emails from the software. Once his or her email address has been verified, the user will begin seeing emails from the software.

How to Opt Into the Email Service
Below is an example screenshot of what the verification email will look like to your staff and patrons. The subject line of the email is "Please confirm your email address." The sender email domain will appear differently depending on which product the patron or staff member is using.** Note that this verification email will not be sent to a user until the user completes an email-triggering action in the system (e.g. register for an event, place a reservation request, etc.) Once the patron or staff member has verified his or her email, any emails which have been queued will be sent out. 

The patron or staff member should click the "here" link in the email and click the "Verify" button on the resulting page to complete the verification process. Note: The link within the email will expire after 72 hours.

If Patrons or Staff are Still Not Receiving System Emails

1. If a patron or staff member is not receiving emails, he or she can first be directed to search for the verification email in his or her inbox, spam, and trash folders. The subject line of the verification email is "Please confirm your email address" (see email example pictured above.)
2. If the link has expired, the staff member will need to follow the workflow outlines either within the New Core Approach or Classic Product Approach of assessing a patron's verification status.
3. If a patron has already received a verification email and the link therein has expired, they have the ability to request another verification email by sending an email to verify@evancedsolutions.com directly from their email account

Frequently Asked Questions

Are patrons able to resend the verification email themselves?

How do I start receiving emails again?

• Engage in an email-triggering action within the software (e.g. register for an event, place a reservation request, etc.). You should receive a verification email. Follow the instructions outlined in the How to Opt Into the Email Service section.

What happens if my patrons do not opt-in before the 72-hour expiration?

• If the link has expired, the staff member will need to follow the workflow outlined either within the New Core Approach or Classic Product Approach of assessing a patron's verification status. 

How does the verification email process affect phone text notifications?

• If your patron submits their phone number for text notifications, the verification email has no direct affect on the text notifications.  The patrons should continue to receive the same notifications.  

How does the verification email affect the patrons registration or reservation request? 

• The verification email has no direct affect on the patron's event registration or reservation request.  Not verifying the email would simply prevent the patron from knowing the status of their reservation request (if it was approved or not, or if payment was pending), or if there were any changes in their registration status.

What if my patron did not receive the verification email?

• If your patron did not receive the verification email, he or she either entered the email address incorrectly or the email is not being directed to his or her inbox. Depending on your product usage, you will be able to follow the New Core Approach or Classic Product Approach to assess a patron's verification status. Next, make sure the patron checks his or her inbox, spam, and trash folders for the verification email with the subject line "Please confirm your email address."

Why does the verification email expire?

• The link in the verification email has to expire in order to prevent the link's accessibility to bots and their abuse. The chosen 72 hour allotment is lengthier than the industry standard of 24 hours, but still within the acceptable limits of industry guidelines. Failure to protect this link with an expiration time can result in a verification other than the required "manual" human interaction which would put our email service in violation of industry standard guidelines.

Why can't a verification email be sent each time a patron makes an email-triggering action in the software until they choose to verify?

• We are only authorized to send one automated email to any unverified email address. This one-time automated email is sent when the user makes their first email-triggering action in our software. In order to have a second verification email sent, the email has to be sent manually and at the request of the recipient. By industry standard guidelines, this manual verification email re-send cannot be triggered from a publicly accessible page, and sending multiple verifications "automatically" is considered spam. Within our newly assessed verification workflow there is now the ability to have an Admin or Staff member initiate a manual private re-send of this verification email.

Why can't we have a list of emails that have not been verified so that we can manually re-send them all the verification email again in bulk?

• In order to have a second verification email sent from our service, the email has to be sent manually and can only be done at the request of the recipient. Manual bulk resending of multiple verification emails a second time, without the request of the recipient is considered spam. Again, this new email service requirement is for a manual opt-in meaning a patron will have to take an action which proves they are not a bot before being on the list. If a patron has not verified his or her email address or given a request for a manual re-send of the verification email, then he or she has not granted our email service permission to send anymore emails or proven he or she is not a bot. Within our newly assessed verification workflow there is now the ability to have an Admin or Staff member initiate a manual private re-send of this verification email.

Why is preventing Bot and Spam abuse important?

• Measures to prevent spam and bot abuse are critical to maintaining our standing as a secure and reputable email service provider. To this end, we are constantly striving to maintain high standards that both protect our customers and prevent system outages that may result from not adhering to industry guidelines.

Can I change the look of these Verification Emails?

• Each outbound verification email is already tailored towards the product which it is coming from e.g. SignUp, Spaces, Events, Room Reserve along with library specificity, but if you wish to customize these templates further there are certain segments which are able to be changed (as long as it stays within the industry guidelines). These customizations are limited to the opening sentence, subject line, and signature of these emails. For any configuration changes, you will want to reach out to Evanced Support to have them facilitate the change.

What changes have been made for Spaces?

• When a patron creates an account within Spaces and their email address is previously unverified, they will receive the Spaces account confirmation email instead of a verification email. With the action of verifying their Spaces account, they will perform a dual action of verifying their email address along with confirming their Spaces account.

** The email domains are as follows (the username, or prefix, of the sender address is dependent upon your library):

Article ID: 678
Created On: Tue, Nov 3, 2015 at 3:46 PM
Last Updated On: Thu, Aug 25, 2022 at 12:42 AM

Online URL: https://kb.demcosoftware.com/article.php?id=678