Email Security

Security-Verification of Messaging

We take the Green Button brand and name seriously—and your security is of paramount importance to us.

We use the following combination of email-verification techniques:

All “greenbuttonalliance.org” email messages are…

  1. Authenticated (message signed) with
    DomainKeys Identified Mail
    (about DKIM),
  2. Authorized (servers able to be validated) with
    Sender Policy Framework
    (about SPF), and
  3. SPAM-protected (pass/fail coordination between DKIM & SPF) with
    Domain-based Message Authentication, Reporting & Conformance
    (about DMARC).

If your email client can verify “greenbuttonalliance.org” with DMARC, you can be assured that the email message is from us.

   

Authorized Service Providers

We send our Newsletters through Roving’s Constant Contact emailing services: 

  • sent-by: scheduler.constantcontact.com
  • mailed-by: in.constantcontact.com
  • signed-by: greenbuttonalliance.org

Until 23 April 2023, we sent our Member correspondence through Personify’s MemberClicks emailing services, through Intuit QuickBooks, from our own Google-hosted servers, and through the following: 

  • sent-by: memberclicks-mail.net (gba.memberclicks.net)
  • mailed-by: em3618.greenbuttonalliance.org
  • signed-by: greenbuttonalliance.org

Since 24 April 2023, we send our Member correspondence through Novi AMS, through Roving’s Constant Contact emailing services, through Intuit QuickBooks, from our own Google-hosted servers, and through the following:

  • sent-by: outbound-mail.sendgrid.net
  • mailed-by: em2092.greenbuttonalliance.org
  • signed-by: greenbuttonalliance.org

   

Links in Invoice Emails

Invoices may include links to https://email.noviams.net/… or to http://links.notification.intuit.com/… but if you are unsure about an invoice, please login to your account at https://www.greenbuttonalliance.org/login  (or using Login at the top of this page).  If you are already logged in, please click or tap your name at the top of this page.

   

Password Resets

Accounts can request password resets online.  Email will be sent to the account-holder's e-mail address from GBA Mail <mail@greenbuttonalliance.org> and be fully signed by greenbuttonalliance.org for security.

All password resets will be links to https://email.noviams.net/… — Novi AMS, our member-management platform provider.  Do not click or tap any links in a password-reset e-mail message that might take you elsewhere.

   

Two-Factor Authentication

Accounts can use Two-Factor Authentication (2FA) through an Authenticator application (Google, Microsoft, etc.) and/or Text Messaging (Short Message Service, SMS) verification.

For 2FA using Text Messaging (SMS), you will receive a message from +1-970-696-8843 with your six-digit login code.  You will never be asked to click/tap any links or to provide any information in return.

    

No email messages are presently sent from GreenButtonData.org or any other Green Button -related domains other than GreenButtonAlliance.org.

In the near future, email (fully signed) may be sent from GreenButtonConnect.org and that will be noted here at the time that messages from that domain are valid.

“Short links” (not email) may have the domain of the-gba.org or green-button.org and will always be encrypted.  No email is ever sent from those two domains.  Here’s a valid short-link example: https://the-gba.org/contact