At Zapier, we jumped through a lot of extra hoops to make sure that emails are categorized and you can easily opt out with a single click (no matter if you are logged in or not). Some emails cannot be opted out of (the only two right now are payment transactions and forgotten/reset password), but everything else can be.

We have a lot of other cool stuff in emails like single click logins, viewing pixels with custom payloads, our open source drip campaign mailer for Django, and much more. If there is any interest, I'd be happy to go into deeper detail.

We do the same and just got our first request to unsubscribe from our receipt emails since we don't provide an unsubscribe link on it. Waiting for our first person to complain about our reset password email; have a feeling it's coming soon.

I'd be interested if you have details on handling single-click login as securely as possible.


Basically, reuse a lot of signing functions that you might find in a library (i.e. Django's https://docs.djangoproject.com/en/dev/topics/signing/), don't roll your own. Then, keep track of last login IP address and block auto-logins when they mismatch. Then, set a max age for the login links to work (for example, 24 hours). There are a few other things we do as well, but those are the major ones.

Those three combined are fairly secure.

Thanks. You said "last login IP". If it's a single IP, I guess you're talking about transactional mails the user has triggered. If it was marketing mails, you'd surely want to compare against a list of recent IPs, not just the very last, wouldn't you?
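The three checks described above (a library-style signed token, a maximum age, and an IP comparison), plus the follow-up question about comparing against a list of recent IPs rather than only the last one, as an added example that is not part of this thread or of Zapier's code. It uses the standard-library `hmac` module as a stand-in for Django's signing module so that it runs without Django; `SECRET_KEY`, `RECENT_LOGIN_IPS`, the 24-hour `MAX_AGE_SECONDS`, and the IP addresses are constructed for the demo. The IP check takes an iterable of allowed addresses, so the "last login IP only" policy is just the one-element case.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values; in a real deployment the key comes from configuration
# and the recent-IP store is backed by the login history table.
SECRET_KEY = b"constructed-demo-secret-do-not-use"
MAX_AGE_SECONDS = 24 * 60 * 60  # 24-hour link lifetime, as suggested in the thread
RECENT_LOGIN_IPS = {42: {"203.0.113.7", "203.0.113.8"}}  # constructed sample store


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_login_token(user_id, issued_at=None, key=SECRET_KEY):
    """Sign {user id, issue timestamp} with HMAC-SHA256; returns 'payload.signature'."""
    issued_at = int(time.time()) if issued_at is None else int(issued_at)
    payload = _b64(json.dumps({"uid": user_id, "ts": issued_at}, separators=(",", ":")).encode())
    sig = hmac.new(key, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(sig)}"


def lookup_recent_ips(user_id):
    """Stand-in for a lookup of the user's recent login IPs (constructed store)."""
    return RECENT_LOGIN_IPS.get(user_id, set())


def verify_login_token(token, request_ip, recent_ips_lookup=lookup_recent_ips,
                       now=None, key=SECRET_KEY, max_age=MAX_AGE_SECONDS):
    """Return (user_id, None) when the link may log the user in, else (None, reason).

    Order matters: the signature is checked before the payload is trusted, then the
    age, then the IP. Rejection reasons are returned so they can be logged.
    """
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".", 1)
        expected = hmac.new(key, payload.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None, "bad_signature"
        data = json.loads(_unb64(payload))
        user_id, issued_at = data["uid"], int(data["ts"])
    except (ValueError, KeyError, TypeError):
        return None, "malformed"
    if issued_at > now + 60:  # small clock-skew allowance; anything beyond is suspect
        return None, "issued_in_future"
    if now - issued_at > max_age:
        return None, "expired"
    if request_ip not in set(recent_ips_lookup(user_id)):
        return None, "ip_mismatch"
    return user_id, None


if __name__ == "__main__":
    tok = make_login_token(42)
    print(verify_login_token(tok, "203.0.113.7"))   # accepted
    print(verify_login_token(tok, "198.51.100.9"))  # rejected: ip_mismatch
```

Passing `recent_ips_lookup=lambda uid: {last_ip}` gives the strict last-IP behaviour described in the thread; returning several addresses covers the marketing-mail case where the user may click from more than one network. Using `hmac.compare_digest` keeps the signature comparison constant-time, and the timestamp lives inside the signed payload so it cannot be edited to extend a link's life.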

