I’ve enabled Confirmed Opt-in and created a web page with a form where the user inserts their email and receives an email with a link to click to approve. Everything works fine: when the user clicks on the opt-in link, they’re redirected to a thanks page and their email appears with the double check in the Lead record (the web form creates a Lead whenever a user confirms the request).
Now, in order to prevent a possible abuse, i.e. users inserting other’s email in the web form, I’d like to stop emails going to “opted-out addresses”. At this moment, the opt-in email is sent to the address inserted in the form EVEN IF that address is opted out in the Lead record. I tried to set the INVALID flag, but the opt-in email is sent as well.
Is it possible to completely stop the outgoing email when the address is OPTED-OUT? Thanks.
I understand your point, and we’ve been discussing about that. Our main concerne is related to GDPR and the possibility an ill-intentioned person could use our web form to send repeated messages to any email address of his choice. In our first version we were sending the opt-in message with a copy of all the fields compiled by the user, but then we decided to send a neutral message, to avoid the possibility for the form to be used as a spamming tool.
I think we need a flag somewhere to totally block the outgoing email to an email address. Maybe the opt-out flag is not the best choice, as I agree a user could decide to re-opt-in later. In that case the best option would be a direct contact with the customer service, as any other automated form is open to reiterate abuse itself.
We have some options to solve the issue internally, i.e. we could blacklist the email address on the mailserver, but I think it’d be better to handle this inside the SuiteCRM platform.