Presenting three new SASSIE core updates
We are pleased to release these SASSIE updates. These features are completed and will be going live in the next week or so. Details on the upgrades and how to configure them are below.
1: RuleZ Permission change – “All Client access” no longer needed
2: Removal of Shopper geocode “Pin move” feature
3: Update FROM address for Client Shop View triggers
RuleZ Permission Change
Once live, you will be able to limit your Admins to just specific clients and still be able to give them RuleZ access.
One of the primary tenants of online security is the concept of “least privileged access” meaning any user of an online system should only be granted as much access as they need to complete their work and nothing more.
Previously, in order to activate the RuleZ permission for a given Admin, they had to be granted “All Client Access” even if they were only working on one client.
After this is released you will be able to tighten up existing access (highly recommended) and limit future access when setting up new admins. We strongly recommend that, at that time, you review your current list of Admins and update their access to just the clients they need. If they already have RuleZ access they will retain it for the clients you give them access to.
To add the RuleZ permission to any existing Form Certified admin managers, please open a tracker notice.
Removing Shopper Geocode “Pin Move” feature
As many of you may be aware, on the Shopper profile the shopper has the ability to “fix” their geocode information by moving a pin on a map to match their home address. This was designed to assist in those rare occasions when the geocode service incorrectly geocoded their address and caused them to receive shop offers that were out of their area.
Unfortunately we believe this feature has been used more for potentially fraudulent purposes than corrective so we have opted to remove this feature moving forward.
Please note that the ability for the Shopper to verify their home address still exists, it just requires the use of our GPS Verifier app to update the geocode information if the map is incorrect. The app is freely available in both the Google Play Store and the Apple IOS App Store.
Update FROM address for Client Shop View triggers
Historically, client shop view email triggers from the Admin Review page would use the FROM address of the logged in manager reviewing the shop. The Admin Review page also provided the ability to type over that address and put in something else.
Unfortunately this has lead to deliverability issues as spam filters are increasingly looking for “spoofed” addresses and/or requiring DMARC/DKIM/SPF verification. If a reviewer is using their personal Gmail address for instance, we have no way to set the necessary DMARC/DKIM/SPF configurations. We can only do that with domains that we (or you) control.
Moving forward the FROM address is going to be created by the system to ensure that these settings are in place.
If you do not have a custom domain and just login with sassieshop.com, the FROM address will be no-reply@sassieshop.com and the REPLY-TO address will be your logged in manager email address or whatever email address you typed into that field. This will allow for the recipient to reply to an appropriate person while ensuring that the FROM address domain matches the domain of the URL in the enclosed link and is properly configured for DMARC/DKIM/SPF.
If you login via a custom domain, the new FROM address will be formatted as no-reply@your_custom_domain.com (whatever that happens to be). If you already have a customization that does this or something else with the FROM address, it will continue to work as it does currently. For custom domains you must configure your own DNS settings for DKIM/DMARC/SPF.
