Email notify users when they are marked suspicious

[chadwhitacre]

Send an email notification when possible to users when we mark them suspicious.

---

Original

This might be controversial.

I want to have a page at /about/fraud/untrusted/ which simply lists all participants with is_suspicious is true. As our fraud system evolves (#556), so will this listing. The principle is that untrusted users are announced as such so that false positives have a chance to discover this and attempt to redeem themselves. We can't be like PayPal, an infuriatingly opaque black box if you're a false positive.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[sigmavirus24]

Perhaps, we also notify the user (if possible) and put a note on their
profile?

[mattbk]

Perhaps, we also notify the user (if possible)

+1 to this. Recently interacted with a user at FD who couldn't log in and wasn't notified why--nothing happened when the user tried to log in. Took me a while to think of checking is_suspicious. Showing a message would help.

[mattbk]

Perhaps, we also notify the user (if possible) and put a note on their
profile?

If you view the profile when not logged in, it has a pink overlay at the top and the word "Suspicious" below the avatar. That doesn't tell people what to do, however. And since they can't log in, showing them a notification doesn't help. I vote for sending an email when we mark someone suspicious.

[chadwhitacre]

Recently interacted with a user at FD who couldn't log in and wasn't notified why--nothing happened when the user tried to log in.

For the record, the user turned out to be a true positive. ;-)

[chadwhitacre]

Perhaps, we also notify the user (if possible) and put a note on their profile?

As discussed at #4188 (comment), I like this solution better than the listing of suspicious accounts, because a) it's much less work for those affected to discover that they're affected, and b) it's more respectful of user privacy. A public listing would only seem to make sense if we're trying to warn others about these users or something like that, but that doesn't seem necessary since suspicious users can't do anything on the site (so there's nothing to watch out for).

[mattbk]

I'm fine with that, but I think there should be a message (not just a note on the profile) when someone tries to log in and are denied because they're suspicious. My first inkling in such a case would be that the login form is broken, not that I should go look at my own profile page to see what's up.

[chadwhitacre]

I'm fine with that, but I think there should be a message (not just a note on the profile) when someone tries to log in and are denied because they're suspicious.

Okay. I've rescoped this to be about email notification, and reticketed the login prompt as #4199.

[mattbk]

Is there an example I can look at for how to send an email?

I see that the templates are in https://github.com/gratipay/gratipay.com/tree/4b5b0b3e287424a3e5b4179d49eddac44064f7e4/emails.

Notes:

• tests https://github.com/gratipay/gratipay.com/blob/fdc132287f2c28486b2b68bad28d11b516ad1e97/tests/py/test_email.py
• sending

  gratipay.com/www/%team/set-status.json.spt

  Line 39 in b7449e3

  if status in ('rejected', 'approved'):

• should be tripped when is_suspicious is set, probably in https://github.com/gratipay/gratipay.com/blob/7a9cc3cd93dbebfb8cd949cdae2e3221c544a461/www/~/%25username/toggle-is-suspicious.json.spt ?

[chadwhitacre]

Search for app.email_queue.put.