Last modified: 2014-04-11 19:49:22 UTC
I received this notification and though it was phishing:
From: MediaWiki mail
Subject: You have a new talkpage message
Wikipedia user Axpde posted on your talk page:
/* ? */ new section
To control which emails we send you, visit:
Wikimedia Foundation, 149 New Montgomery St., 3rd Fl., San Francisco, CA 94105.
The WMF never wants to appear responsible of the users' messages and emails.
From https://noc.wikimedia.org/conf/highlight.php?file=InitialiseSettings.php :
'wmgEchoEmailFooterAddress' => array(
'default' => 'Wikimedia Foundation, 149 New Montgomery St., 3rd Fl., San Francisco, CA 94105.',
This is parameter $1 in message 'echo-email-footer-default'.
(In reply to comment #0)
> The WMF never wants to appear responsible of the users' messages and emails.
I think the WMF might actually need to be here, due to some anti-spam requirements, You can always git blame the noc.local settings to see who added it and follow up with that user.
(In reply to comment #2)
> I think the WMF might actually need to be here, due to some anti-spam
Anti-spam requirements? This is text in the email body...
CC'ing Philippe so that he can confirm with LCA if they really want to be named in the body of the e-mails.
Thanks for bringing this up.
The decision to include the WMF address in notification emails was made by Michelle Paulson in the Wikimedia Foundation's legal team.
This address is required by law, and is consistent with best practices for this type of notifications.
Please let us know if you have any further questions about this. Thank you!
This is completely silly. Not even in OTRS we use the WMF address. And that text doesn't properly the fact that WMF operates the server, but has absolutely *nothing* to do with the content.
Added by bsitu on 18 Dec 2012, in e4d435a5da8b51bf1988a8d242eb7eb0c4fa1d99. The commit message says nothing about any email regulation (“Configuration change for Echo extension”). Looks like someone simply thought it was a good idea.
Fabrice, if you really want to keep the address, what about prepending it with "This site is operated by " [Wikimedia Foundation...] Even then, I'd expect some people misunderstanding it, taking it as coming from WMF.
(In reply to comment #5)
> The decision to include the WMF address in notification emails was made by
> Michelle Paulson in the Wikimedia Foundation's legal team.
Did they also review/request the specific implementation/look of it?
> This address is required by law, and is consistent with best practices for
> type of notifications.
What best practices? I don't see anything like that in Google's or eBay's notifications. Twitter has a line but it's very hidden, at the end of a small-font footer after several lines of other meta information on how to unsubscribe etc.
On the contrary, this footer is probably the most prominent part of the notification.
Yes, WMF's legal team reviewed the specific implementation of notifications.
Note that you are only looking at the plain text email notification -- not the HTML implementation that will come out in a few weeks, as shown in this mockup:
Once this HTML email feature is deployed, this legal notice will be greatly reduced in size and should address your concerns.
On the question of best practices, all top sites we have researched include such an address at the bottom of their notification emails, as shown in these screenshots:
Because this is required by law, I'm afraid I don't think we have a lot of flexibility on this issue.
Platonides, thanks for your suggestion that we add more clarifications in the footer. However, we would rather keep this legal disclaimer as short as possible, so it's more readable. I don't see a strong need to make this any more complicated than it needs to be, when you consider that most large sites use short versions as well.
P.S. On side note, I do not see any evidence to support the view that "this footer is probably the most prominent part of the notification", given that it appears last, not first, in the plain text emails. But this seems like a moot point, as plain text emails will soon be replaced by HTML emails.
As I understand it, the [[CAN-SPAM Act of 2003]] requires that certain organizations include a physical mailing address in e-mails.
From that article's "Content compliance" section:
A legitimate physical address of the publisher and/or advertiser is present. PO Box addresses are acceptable in compliance with 16 C.F.R. § 316.2(p) and if the email is sent by a third party, the legitimate physical address of the entity, whose products or services are promoted through the email should be visible.
Arguably that law only applies to commercial entities like Google and Facebook, but lawyers will be lawyers. :-)
For what it's worth, every Facebook notification e-mail I receive has this footer or a close variant:
View Conversation on Facebook · Reply to this email to message Some Sender.
This message was sent to email@example.com. If you don't want to receive these emails from Facebook in the future, please unsubscribe.
Facebook, Inc., Attention: Department 415, PO Box 10005, Palo Alto, CA 94303
I rarely get e-mail from Google, but the most recent e-mail I received (something I opted in to, even) included this footer:
You are receiving this notification for every newly generated Google Account Activity Report. Change reminder settings
Yes, even with the "©". Silly Google.
This bug may be a wontfix, unless the goal is to simply make the mailing address less obtrusive. Fabrice is right that using HTML e-mail will mitigate this annoyance heavily.
No good reasons for high priority here ("fixing" has no obvious urgency), plus proposing WONTFIX due to legal requirements.
Thanks, André and MZ McBride.
I concur with your recommendation to mark the but as wontfix, for all the reasons stated above.
I have gone ahead and done that.
Thanks again to everyone for your thoughtful observations on this issue!