Besides bounce tracking configuration (covered in yesterday’s email), there's another important step in configuring CiviCRM to ensure your outbound email makes it to your recipients' inboxes:

Using a reputable outbound email service.

Why does this matter?

By default, CiviCRM will try to send emails directly from your server.

That's better than nothing, but it won't be enough to get your email through to most of your recipients.

The problem is that inbox providers have become much stricter about who they trust.

These days, services like Gmail, Yahoo, Apple, and Microsoft expect email to come from systems that follow modern sending standards and maintain a reputation as legitimate senders.

That's where an email delivery service comes in.

Services like SendGrid, Mailgun, Postmark, Amazon SES, and others specialize in getting email delivered reliably.

Instead of sending email directly from your website, CiviCRM hands the message to the delivery service, which takes care of the rest.

For many organizations, the cost is minimal.
For lower volumes, it may even be free.

My usual recommendation is SendGrid paired with CiviCRM's AirMail extension, but there are other good options as well.

Whatever service you choose, don't stop at simply connecting it.

Take the time to follow the provider's setup instructions completely.

Especially the parts about domain authentication and bounce handling.

Because the difference between "email was sent" and "email was delivered" is often larger than people realize.

All the best,
A.

One of the most valuable email features in CiviCRM is also one of the most commonly overlooked: bounce tracking.

Every organization accumulates bad email addresses over time.

People change jobs.
Accounts get abandoned.
Domains disappear.

When you send email to those addresses, the messages bounce.

And if you keep sending to addresses that bounce repeatedly, inbox providers will start to think you're acting like a spammer.
And they'll start treating you like one, by bouncing your emails more frequently.

Fortunately, CiviCRM has tools to help.

It can track bounced emails and automatically de-list bad addresses so you don't continue sending to them.

The catch?
You have to configure it.

CiviCRM just doesn't have access to automatically set this up for you.

Here’s a quick test:

Create a CiviCRM scheduled mailing that includes an address you know will bounce.

If that address doesn't appear in the "Mail Bounces" report within a day or so, there's a good chance your bounce handling isn't configured correctly.

That's worth investigating.

Because sending email is only half the job.

Knowing which messages never arrived is just as important.

If you're having trouble with this, I recommend you take a look at the docs here, or reach out to someone who can help you with this.

All the best,
A.

Here’s a nice tool that will help you get ready for your next CiviCRM upgrade: CiviCRM Upgrade Message Previewer.

You might want to take a look at it before the next CiviCRM security update, which is scheduled for this week.

How does this make upgrades easier?

Upgrades in CiviCRM will sometimes present you with alert messages that need a little extra thought — and sometimes need a little extra action.

Normally, you won’t see these messages at all until you’re in the middle of an upgrade. That is, after you’ve already loaded the newest CiviCRM code files on your site.

Considering that some of these messages call for additional action on your part, it can help a lot to know what to expect ahead of time, so you can be ready.

How does it work?

Just tell it your current CiviCRM version, the version you’ll be upgrading to, and your CMS (Drupal, WordPress, etc.), and click the button.

You’ll get a full list of the pre-upgrade and post-upgrade messages you can expect to see in that upgrade, including helpful descriptions and links to additional documentation when it’s relevant.

Shouldn’t I see these messages when I upgrade my sandbox site?

Yes! If you’re making the extra effort to upgrade a sandbox copy of your live site first — as a test before actually upgrading you’re live site — that’s great! It’s the recommended practice.

And when you do that, you’ll see these same messages. Since the site is just a sandbox copy and not your actual live site, you’ll have time to react to those messages.

But for folks who still have a hard time building a sandbox copy of their site, that kind of prevew workflow is not an easy option. So a tool like this can really help.

All the best,
A.

Have you (or your staff) ever uploaded a spreadsheet from your CRM into Gemini for some quick insights?

Or pasted a long email thread into ChatGPT for a summary?

It's convenient.

Maybe a little too convenient.

Twenty years ago, it was hard to convince people that password security mattered.

"Use strong passwords."
"Use different passwords on different accounts.”
"Never send them by email."

For people who were just trying to get things done, the risks felt abstract.

By now, most of us have heard enough stories of hacked accounts, identity theft, and fraud to understand why those precautions matter.

I think we're in a similar place with AI.

The benefits are obvious.
The risks are harder to see.

But I don't think it will be 20 years -- maybe not even 5 -- before we start hearing real stories that make the risks clearer: major data disclosures, fraud, and other abuses derived from the information people are casually sharing with their AI tools.

Please be careful.

If you wouldn't post that info publicly on social media, think twice before sharing it with an AI vendor.

All the best,
A.

Everybody's excited about AI and the possibilities of represents for productivity and insights.

But guess who else is using it.

Criminals, spammers, and troublemakers, that’s who.

This article from NPR covers lots of detail without getting too technical, but my main take-aways for you are two:

1. This is one more reason to apply security updates for your software in a timely fashion. For example, CiviCRM has a security update coming out next week.

2. Password disclosures and other run-of-the-mill weaknesses are still far more common than AI-powered attacks. So use strong passwords and two-factor authentication, and disable unused accounts.

Here’s the thing:

As long as you've got something the bad guys want -- and you probably do -- security will continue to be an arms race.

Staying ahead of the game is worth the effort.

All the best,
A.

Getting new staff into your CRM usually comes with some real challenges in training:

• “There are a ton of features just out of the box; how can we orient them quickly on how it all fits together?”

• “We’ve got our own way of using this CRM; how can we train them in our unique standard procedures?”

For that second one, it may be obvious that documenting your own policies and procedures is a worthwhile endeavor, however tempting it may be to put it off.

After all, if there’s nobody else in the world who does this the way you do, then nobody else can help you train new staff on doing it your way.

But for that first one, you might want to check out CiviAcademy, an ongoing series of training videos published by the creators of CiviCRM.

They describe it as:

Bite-sized tutorials to help you maximize CiviCRM.

Easy to understand video tutorials that will take you from an absolute newbie to a CiviNinja in no time!

... high-level, fast-paced instruction designed for users of CiviCRM ... showcasing major features and common customizations.

It’s a growing library of genuinely well-presented short content.

Honestly, even if you’ve been using CiviCRM for years, I’m willing to be there’s something in there that will improve your understanding.

Finally, a special benefit for my existing clietns:

If you’re already a subscriber to any of my services, and you’d like to use CiviAcademy for your team, please email me about getting a 100% lifetime discount for this resource.

(Since Joinery is a CiviAcademy sponsor, I’m able to offer this to you, no strings attached. I really just think it’s a great resource and want to see more people making use of it.)

All the best,
Allen

If you're sending mass emails from CiviCRM, you really ought to be using a professional SMTP service to handle those outbound emails.

Until recently, I've recommended that my clients consider either SendGrid or SparkPost for this service.

But I can't recommend SparkPost anymore.

They're not evil or incompotent -- nothing like that.

The problem is just that SparkPost isn’t a good fit for any organization that maintains more than one mailing list.

Consider a scenario where your organization lets people sign up for a variety of email lists:

• Legislative Updates

• Monthly Newsletter

• Volunteer Opportunities

CiviCRM is built to allow each person to unsubscribe from any of those lists, while remaining subscribed to others.
That seems pretty reasonable.

Unfortunately, my clients and I have found that SparkPost is not so nuanced.

For each mass email message you send, CiviCRM insists that it offer an “unsubscribe” link of some kind.

But still, SparkPost adds an "unsubscribe" feature of its own.

Unfortunately, if one of your readers uses that feature to unsubscribe from, say "Legislative Updates," SparkPost will treat them as if they've unsubscribed from all possible lists, so they'll also stop receiving the Monthly Newsletter and the Volunteer Opportunities mailings too.

... even though they still appear to be subscribed in CiviCRM.

:-(

Now, I'm sure the intent here was good.

SparkPost surely is trying to prevent the delivery of unwanted emails.
That's an admirable goal.

Unfortunately, the way they're doing it is rather ham-fisted, a sledgehammer in place of a scalpel.

So ...

If you're using SparkPost, and you've been wondering why some people aren't getting your emails, this may be part of the reason.

There are ways to inspect your SparkPost account (under the "Suppression List") to find subscribers who may have been caught up in this.

But even then, there's no way to say for sure whether they really wanted to unsubscribe from everything, or just a single mailing list.

Now I'm down to recommending just one SMTP service: SendGrid.

If you're using another SMTP service (or "ESP", Email Sending Platform), and are having a good experience there, please let me know.

I'd love to hear about it.

Having more options is generally a good thing — as long as they’re good options.

All the best,
Allen

Let me ask you ...

Where do you go for information?
Your phone, news feed, social media?

And where do you go for knowledge?
Research, experimentation, measurement?

And where do you go for wisdom?
... well ... ?

Here's a thought:

We're generally drowning in information:
Reports.
Dashboards.
Metrics.
Benchmarks.
News.
Updates.
Events.
Opinions.
Facts.

With a little effort,
we can even distill that down for knowledge.

But for wisdom ... it's different.

Wisdom is knowing what matters.

It's understanding that every choice means giving up something else.
It's recognizing that we rarely get everything we want.
But that we can often get what matters most,
And be content with the trade-offs.

That perspective only comes over time,
through experiences, mistakes, reflection, and care.

You can't download it.
You can't subscribe to it.
You can't generate it on demand.

You have to earn it.

A little at a time.

All the best,
A.

CiviCRM has announced a security update to be released on the evening of June 17.

Security updates are important. You don’t want to let this slide.

If you’ll be handling this update yourself, now would be a good time to prepare:

• Review the official documentation on upgrades, including the specifics for your CMS (Drupal, WordPress, Backdrop, etc), and make sure you understand it.

• Ensure you understand how to perform a full site backup — and how to restore your site from a backup if needed.

• If this is your first time, block out a couple of hours for the actual upgrade.

• Consider upgrading twice — once now (or soonish), and once when the security update is released. Sounds crazy, maybe, but there are good reasons to take this approach.

If you’re a subscriber to Joinery’s Operational Assurance plan for ongoing support, and/or a Joinery hosting subscriber, we’ll be handling this upgrade for you, including full pre-upgrade backups and post-upgrade verification.

If you need help preparing for or conducting the upgrade, consider booking a coaching call so we can discuss your particular situation and ensure you have a good plan in place.

Whatever you do, don’t put this off.

• A security release is a great fix for issues you probably don’t even know you have.

• But just as importantly, it’s an announcement to the world that all un-upgraded sites have a specific set of security vulnerabilities. You don’t want to be one of those.

All the best,
Allen

Tech changes will demand organizational changes — like it or not.

But you don't have to do it all at once.

Often it's best to start by doing one thing very well -- get an early success -- to build early confidence, rather than insisting on wholesale change right out of the gate.

Case in point: I spoke recently with a CiviCRM site admin who wanted to start leveraging SearchKit for reporting, rather than just relying on the traditional (and more rigid) CiviReport framework.

But she knew it would make for a lot of questions for her team if she insisted on moving all their reports to SearchKit.

So took it a step at a time.
Picked one simple report.
Recreated it in SearchKit.
Told her team about it.
And even changed the criteria on the old report so it would always display zero rows (a kind of "this is not the data you're looking for" enforcement mechanism).

The result?

Her team have gotten used to the SearchKit interface,
and they're more open to using it in the future.
She's now in a position to start moving more reports to SearchKit,
and to start choosing SearchKit instead of CiviReports for new reporting needs.

Her staff are happy.
She's happy.

Because she moved slowly enough for her team to keep up, and focused on early success.

All the best,
A.

Ever get stuck trying to make “the perfect thing”?

The perfect membership outreach.
The perfect reporting interface.
The perfect sign-up form.

We've all been there.

After all, it's tempting.

But it just never seems to happen.

Here's the thing:

Even with all the funding and all the time you could want,
you'll never make "perfect" tools or systems.

That's because:

"Perfect" is a moving target, not a state of being.
You'll always find a way to make it better.

That's a good thing.

You can start with what you have today,
the best results you can deliver right now.
That gives you something to start with.

Then you can see ways to improve it,
based on what you learn as you go.
That lets you make smart investments where you know they're needed.

To put it another way:

"Starting from perfect" is equivalent to "never really starting."

Start from imperfect.

All the best,
A.

Open-source tools like CiviCRM, WordPress, and Drupal are free.

• Free as in "free speech": use them for the cause of your choosing.

• Free as in "free beer": use them with zero license fees.

• Free as in "free reign": modify or extend them however you wish.

They're also free as in "free kittens":
Incredibly likable from the start (not just because of the above freedoms).
And demanding of care, feeding, and attention.

One of the most common mistakes I see in organizations adopting new tools is a tendency to consider only the up front costs of acquisition.

For open source tools, that's a no brainer — they're free!

But don’t forget to account for the cost of ownership.
The effort of maintenance.
The investment of training.

If you've got a plan — and a budget — for that,
you'll be much happier in the long run.

All the best,
A.

It's frustrating to be separated from your favorit pickles or jams only by something as simple as a quarter-turn of a screw-top lid.

But when it's tough, you have escalating options:

1. Try harder. Get a firm grip, keep your hands close to your torso, and exhale while turning.

2. Ask someone stronger. If they're handy and you ask nicely, they'll probably be glad to try -- and if they succeed, they'll often feel even happier to have helped.

3. Try a tea towel. It softens the lid's ridges against your hand, allowing you to grip harder with less pain -- and it eliminates slippage from any incidental moisture.

4. Try a rubber band. If you have one that’s the right size, you’ll find it reduces slippage even more than the tea towel.

5. Use hot water. Heating the lid with hot tap water will expand the metal more than the glass, reducing the friction between lid and jar.

6. Get out the machines. An electric jar opener will take up space in your kitchen and cost you some cash, but it's likely to remove even the tightest of lids.

Getting your pickles out of that jar isn't so different from getting your data out of (or into) your CRM.

When it's easy, life is good.

But when it's tough, there's nothing more frustrating.
I mean, the goods are right there!
You can literally see them!
This should be easy!

Of course, you could spring for an expensive solution like hiring expert help.

But usually you'll benefit most by starting with what's easiest and then escalating only as needed.

Keep that in mind the next time you're in a pickle.

All the best,
A.

Is your organization hosting CiviCRM separately from your main site?

I've seen a few organizations do this, and it's a good idea in certain situations.

For a long time, the only way to do it was to spin up a separate Drupal or WordPress site that really did nothing else but contain CiviCRM.

But these days, it's worth considering CiviCRM Standalone.

It's just CiviCRM, so you don't have the burden of security updates and bug fixes for Drupal or WordPress.

But you do get all the necessary features for multiple user roles and permissions, switching users, and more.

If your separate CiviCRM site really is just CiviCRM, you might consider switching to Standalone.

It can be a whole lot simpler to manage.

All the best,
A.

P.S. If you're having trouble imagining what “just CiviCRM” would look like, head over to the official CiviCRM Standalone live demo site, where you can log in and give it a spin.

So here’s this thing I said yesterday about hiring staff members based on CRM experience:

Compared to someone who knows your tools,
it's much more valuable to hire someone who can
understand your mission,
think on their feet,
take ownership of their work,
and communicate well.

Now that I think of it, that’s not just true of staff hires.

It’s true for anybody you look to for paid help.

All the best,
A.

Your CRM is central to your operations.

So is your staff.

And maybe you're thinking about bringing on a new hire.

And maybe you thought that hiring someone with deep CiviCRM experience would mean quicker on-boarding with less training.

Indeed, there is a job board right on civicrm.org where you can create a job listing.

But it's almost always empty. (Look and see right now, if you want.)

What gives? Why aren't more organizations hiring specifically for CiviCRM?

A few reasons come to mind:

• A listing on that job board will be answered mostly by professional service providers, not potential employees.

• People who want to be employed for their CiviCRM skills usually get hired by service providers. It's the same with most skilled experts, from attorneys to plumbers; they typically work at specialty firms, not in-house at those firms' potential clients.

But perhaps most importantly:

• This kind of specialized skill is only a small part of what you're really hiring for.

To put it another way:

Compared to someone who knows your tools,
it's much more valuable to hire someone who can
understand your mission,
think on their feet,
take ownership of their work,
and communicate well.

Someone like that can be trained on any particular tool or system.

The main value is not in the technical skill.
It’s in the ability to produce results, reliably, in a dynamic environment.

As always:
Never let the tool distract you from the task.

All the best,
A.

When folks read your next announcement or newsletter or appeal, would you rather they …

• Think it sounds polished?
  OR:

• Get the message and act on it?

I’m after that second one.
You probably are too.

So …

What’s a great way to create content that sounds polished?
Have your AI write it.

It’s polished, professional, smooth …
and sounds like it was written by a machine (or worse, by a politician; or a marketer).

What’s a great way to create content that sounds real?

Write it yourself.
Use your own voice.
Write as if for one person.
Say the thing you want to say.

Now …

If you want to chat with your AI to flesh out an idea, go ahead.

But if you let it speak for you,
it’s probably going to sound just like
every other mass-market email you saw (and ignored) today.

All the best,
A.

What would it be like to explain, over a phone call, how to make tiramisu?

Even If you've made it dozens of times yourself...

How much time would it take?
What could go wrong?

What if … you'd never made it before, but you have a recipe in front of you?

What if … you've never made it, and you have no recipe, but you've tasted it many times, and thought carefully about making it?

What if … you've never tasted it, don't know what it's called, but have a great idea for it in your head?

In that case, you might have to go through a long process of trial and error describing your idea of tiramisu to someone, such that they could make it happen the way you see it.

Custom reports are a lot like that tiramisu.

The more you understand the ingredients, how they fit together, and the actual intended result, the easier it gets.

It's not that customer reports — or tiramisu — are particularly difficult.

It's just that it takes a good deal of careful thinking, and careful communication, to get the result you want.

All the best,
A.

Systems provide safety and convenience by enforcing a structure.

Take my small but rapidly growing North Texas town.

Somebody has to lay out the streets.
Somebody has to set limits on speed, traffic direction, stop lights, etc.
Somebody has to be the cop, and the zoning department, and the building inspector.

Any of those are sure to ruffle somebody's feathers at one time or another.

But most of us prefer some structure -- even with its expense and limitations -- over limitless flexibility for everyone at all times.

Your CRM, and your website, will present similar challenges.

A tighter structure requires more planning, maintenance, training, and enforcement.
And it will limit your flexibility.

A looser structure is easier in the short term and gives you more flexibility,
but requires a greater tolerance for surprises.

Somewhere in there is a sweet spot.

And it will always come with trade-offs.

All the best,
Allen

A friend in the office down the hall tells me he’s spent around $3,000 on paint samples in the past year.

His company builds condos and apartments.

He says $3,000 for paint samples is a lot better than $30,000 for the wrong paint.

Of course it is.

When you're trying out new ideas, it helps to have an operational budget that allows you to test them on a small scale.

The alternative is “doing everything live,” and “waiting to see if it fails.”

All the best,
A.