Email Backups instead of Online Backups

In my previous blog post, I proposed a new feature of DONATION that would allow you to backup your database to “the Internet” somehow. Fortunately, however, some of you readers informed me about significant problems with that plan, including conflicts between Canadian privacy laws and the US Patriot Act, that would prevent Canadian users from using this feature if the Internet storage service I was using was based in the USA or even if it was based elsewhere, but run by a subsidiary of a US company. There are also apparently other laws governing transferring of encrypted files across country boundaries that could be relevant and a problem for this plan.

So, I have given up on that plan as such.

Instead, what I’m working on is a facility to easily email database backups as an attachment, to whatever email address you specify, and of course to restore those attachments after you save them back to your hard drive. This actually provides some of the benefits that the Internet backup idea had, namely storage elsewhere (either in an email program on another computer, or on an email service such as Hotmail or Gmail), and database transfer between computers. (It won’t help if one of the computers you need to transfer the database to or from isn’t connected to the Internet, but neither would the Internet backups idea have helped with that.)

I would plan to compress the database backup before sending it as an attachment, to speed up your email sending and receiving and reduce store requirements. One question I have, because it seems difficult to find an affordable and reliable single program that both compresses and encrypts files (with strong enoung encryption to be worthwhile) is whether you would feel that it is necessary to encrypt your database backups before sending them by email. Please let me know with comments to this posting.

As a prior requirement for this feature, I will be adding a feature to DONATION to allow you to specify how you send emails via your Internet Service Provider (your SMTP setup, for those who know what this means), so that DONATION can send the emails directly. (Currently, when it sends emails, for instance to request a license key, it uses a trick to send it via the Software4Nonprofits.com web site. That would not be acceptable for multi-megabyte emails – too much traffic for me, and too slow for you!)

I’m going to make this email sending setup as simple as possible, by having the program try to figure out which email client program you use (for instance, Microsoft Outlook, Outlook Express or Windows Live Mail, or Mozilla Thunderbird) and read the settings from that program. If you don’t use an email client program, for instance if you only use webmail, I will prompt for your email address, and try to fill in the correct SMTP settings based on research I have done on the SMTP settings required by the major webmail providers like Hotmail, gMail and Yahoo.

This email sending setup will then give me a great start on adding the other emailing features I have been wanting to add to the program, namely individual or mass emailing of receipts and letters. I don’t expect those further features to be in the next release (though I might include a simple feature for emailing just one receipt at a time), but the building blocks will at least be there.

I welcome your comments about any aspect of this post!

13 thoughts on “Email Backups instead of Online Backups

  1. One point I should have added is that if I did add encryption to your backup before emailing it, it would be with a password that you supply, and there would be absolutely no way for me to help you with that if you forgot the password. So, that’s one disadvantage of supporting encryption.

  2. Dan,

    I am already doing this manually. Each month, I compress the folder where I keep my DONATION backups using 7-Zip (free.. does a good job).. I email it to a Gmail and Yahoo account created for the sole purpose of holding these backups… I also use this technique to with some payroll and accouunting data.. Works really well. Our Auditor can go to the Gmail acct and get whatever data she needs.

    Why do I email to two accounts? Just for safety.. If either of the services is ever down, I can access the other.. plus.. it is no more difficult or time consuming to mail to two vs one.. and both are free.

    Bottom line.. I would welcome the ability to do this within the program, but it is pretty easy to do it manually..

    If you decide to do it, I’d like two things.. 1. ability to send to multiple email accounts and 2. be sure the emails sent have some unique identifier that includes the date, so that they can be easily identified by looking at the email account’s inbox listing.

    David

    • Thanks, David. As to including the date in the email (I presume you mean in the Subject line?), emails are dated in your inbox. How would adding the date a 2nd time to the Subject line help anything?

      Thanks.

  3. I presume that people realize that sending the email to a Yahoo or Gmail account which is hosted in the US is also violating the Canadian Privacy laws !! It must be an email provider whose servers are in Canada to not be in violation of the act.

    • Yes, that occurred to me as well, but I’m happy to leave that to my users’ discretion, with a warning about the issue in the Help. I think probably most people have a regular (non-webmail) email address too, which they can use instead, for this purpose.

  4. The DONATION database backup doesn’t turn me on greatly, but I can see the value of it for some people, so don’t let me discourage you.

    The mass mailing of letters or receipts sounds interesting, but I wonder if mailing receipts presents a problem when it comes to the signature on the receipt. To have a preprinted signature (through the computer) I believe you need approval from Canada Revenue Agency, but it is not impossible.

    My other concern is that some of the people to whom you email the receipt will have printers rated from good to bad, and will CRA approve them if the printed copy is poor? Also the people will be able to print off the receipt as many times as they like, which means we no longer have control of reissued receipts due to loss or destroyed receipts. Presently I have to keep a record of all reissued receipts.
    Robert

    • The CRA has a page about computer-generated receipts, including issues about both signatures and emailing them, at http://www.cra-arc.gc.ca/tx/chrts/prtng/rcpts/cmptr-eng.html.

      While there are some issues, mostly they are taken care of by the software, and the Help in the next version will explain the outstanding ones.

      Approval is definitely not needed to use what I call a bitmap signature and the CRA calls a facsimile signature. The program already allows for this, on printed receipts, in any case.

      And I am not aware that there is any requirement to track reissued receipts, with the same number. Since the CRA does allow emailing of receipts, and obviously such receipts can be printed multiple times by the recipients, it seems this is not a concern for them.

      But definitely thank you for raising these concerns!

  5. Dan,

    I am already attaching a backup file for offsite backup (to a Canadian ISP of course!). I do not do any compression as the file is only 2.5mg. Also, sending PDF receipts on request usually to accountants handling donors’ tax returns.
    It is a bit tedious but not difficult to do manually, so a built-in facility would be welcome.

    John.

  6. Dan,

    If I were you I wouldn’t waste my time with this email scheme. First off, email is not a very secure medium. We often read about email compromises, etc. If you want an off-site backup, what’s wrong with the following manual and relatively easy methods:
    1. burn a CD/DVD or copy to a USB stick and take it home
    2. transfer over the internet to another computer you control and have remote access to (I do this daily)

    I can see the usefulness to some organizations of mass emailing receipts. The receipts would have to be in .pdf format so that they are reproduced consistently by different printers and so they cannot be tampered with by the average person. Note, however, that anyone with the “full” version of Adobe can tamper with them. For our ministry, this method is not practical as we do not have email addresses for most donors and some donors just don’t have email. I’ll continue to stick to mail merges and “snail mail”.

    Klaus Schmidsrauter

    • Thanks, Klaus. I’m sure not everyone will want to email their backups, but some will. Would you feel better about it if the file were encrypted, with a password you provide? (Nobody has answered that question yet.)

      The receipts would indeed be in PDF, and starting in the next version, I am going to put a modification password on them, so that even with Adobe Acrobat you will not be able to modify them without knowing that password, which I will not give out.

      When I do add a mass-emailing feature for receipts, it will certainly have to address the issue of some people having email addresses and some not. My current thought is that you will be able to display them all, and tell it to email those it can, and print the rest. Alternatively you might be able to selectively display receipts only for people with email addresses (that you will then mass email) and or only for those those without email addresses (which you will print and mail).

  7. Dan,

    If it is a choice between compression or encryption I would choose encryption as I have an ADSL link. Encryption is a good idea especially if you are using the mail server as offline backup rather than just mailing the backup to another computer as I am currently doing.

    John

Comments are closed.