Cameo co-operates with a number of external services for things like sending and receiving email, taking payments and offering publically-accessible forms. This article explains what is needed to set these up.
Contents
Domains for Cameo
Cameo requires a number of domains to operate, which will typically be subdomains of the main domain of your website. So if that is mysite.org, you might set up something like:
cameo.mysite.org, where the Cameo installation is located,forms.mysite.org, where forms from Cameo are fetched from for embedding in your main site, andcheckin.mysite.org(optionally) for the event ticket check-in app.signup.mysite.org(optionally) for the contacts collection signup app.
Typically these will all be set up as so-called CNAMEs, in your domain provider’s control panel, referencing mysite.cameo-membership.uk. , replacing mysite with whatever your real organisation name is, of course (note the final dot is included).
If you prefer, you could use a different style for the last three, for example:
forms.cameo.mysite.org,checkin.cameo.mysite.organdsignup.cameo.mysite.orgcameo-forms.mysite.org,cameo-checkin.mysite.organdcameo-signup.mysite.org
In addition you may need a sub-domain such as bounces.mysite.org to manage any emails bounced by recipient mail servers: see below.
Web proxy
For technical reasons, many Cameo installations are provided in cloud servers behind a web proxy. This means the Cameo domain name routes traffic to a special server called a reverse proxy which then forwards it to the real Cameo server. You don’t need to worry how this works, but to set it up we need to authorise your domain to do this with Cameo’s server provider. This needs a little co-ordination, so we’ll discuss this with you when it is needed.
Hosting forms
When you create a form in Cameo, it will provide instructions for embedding this in your main website. To make this possible your website needs to be using TLS (the encryption technology that is the basis for HTTPS, pages shown with a padlock in the browser address bar). This is a de-facto requirement these days, as sites not using HTTPS shout warnings at their visitors in modern browsers. If your web hosting provider isn’t able to offer you TLS certificates free from LetsEncrypt, you really should move to one who can.
Cameo, its forms server and check.in app are all HTTPS from the outset. They cannot communicate with non-HTTPS sites. HTTPS is required to protect personal information and payment details entered into Cameo’s forms.
At the time of writing, most browsers are now insisting your web server uses TLS version 1.2 or later, or they won’t connect to them. Older web servers may only have TLS 1.0 or TLS 1.1 available. Hopefully, your provider will deal with all this for you.
It is a wise precaution to limit where your forms can be embedded. Do this in forms → form configuration.
If your website is behind a reverse proxy, you’ll need to provide the final server IP address (or domain), not the website’s domain (which identifies the proxy server).
Sending email
One of Cameo’s main functions is sending email to people in the database. To do this it has to connect to a service that can transmit email, known as a mail transfer agent (MTA). While an installation of Cameo on its main server can send email freely, an installation elsewhere (for example, domestically) may require access to a third-party MTA to avoid provider’s and recipients’ restrictions on bulk email sources. Domestic SMTP providers (like GMail and Fastmail) are wholly unsuitable and using them for bulk email infringes their terms and conditions. Cameo supports most bulk email providers through SMTP.
Either way, modern security standards are desirable for your email. Perhaps more important is that adding these adds to the recipients’ view of your trustworthiness, and is therefore less likely to reject your bulk mail as spam.
- SPF (which is a method for the recipient to know that the email has come from a server nominated by the sender’s domain, and not a forgery from elsewhere), and
- DKIM (which digitally signs the email so the recipient can tell it hasn’t been tampered with en route).
You can send email as someone@mysite.org (following the example above), or use a separate domain for this, as in for example someone@mail.mysite.org. Whether you can do that depends on whether you can identify all the places where mail is already being sent from mysite.org addresses, so you can include this in the SPF information as a legitimate sender. With a subdomain set up for the purpose, you’ll also have to set up incoming mail.
Cameo provides you with entries which you need to add to your domain provider’s DNS control panel as TXT records. If you are already sending email from the domain elsewhere (Google Workspace, for example), you will also need to adapt the SPF entry to include the other servers as well.
Email bounces
Cameo sends any bounce messages from recipient mail servers via Cameo’s incoming email to communications → sent email.
More information is given under Technical requirements in this post about email bounces.
Email opt-out
If you are planning to send out mailshots, one of the first things you’ll need to do is set up a page on your main website to allow opt-outs. It is a legal requirement under GDPR that all mailshots have an opt-out link or similar in the email.
To do this:
- decide where the page will be on your website
- add the URL of that page to Organisation Details section in Cameo, with
_H_where a unique identifier will be automatically substituted when mail is sent. For example:https://www.mysite.org/optout/?msg=_H_ - Create the opt-out form in the Manage Forms section of the Forms menu.
- Use the instructions underneath your new form to embed it in the page you chose.
- Use the substitution
{show: optout link}in your email footer. This will be replaced by the mail merge in each message with a link to the URL you provided with a unique identifier in place of the_H_.
Because the form only works with a personalised link, and that comes from an email, you need to have at least prepared one email to someone on a public list before you can configure the form. You don’t actually have to send the email, but you will need to have a public list to opt-out from and a template with that list as its audience before the form will work.
Incoming email
Cameo receives incoming email for various purposes (for example to attach to a membership record, or put a file in the file store). See help for Incoming Email on the Profile menu for how to do this.
Political boundaries
Cameo’s facilities for political representation and lobbying rely on MapIt to determine which government areas (council wards and divisions and parliamentary constituencies) members addresses are within. If you propose to use this aspect of Cameo, you’ll need a MapIt account. These are free for (fairly broadly-defined) charitable organisations; otherwise there is a somewhat costly monthly fee.
Once you have an account, you’ll need to obtain an API Key from the MapIt control panel and pass this to the Cameo administrator.
Locating memberships on a map does not depend on MapIt (that uses a combination of Ordnance Survey’s CodePoint data and OpenStreetMap’s Nominatim search engine).
Including political representatives for those areas – to support lobbing, for example – requires connectors for those areas to be available. There is no reliable source of elected representatives in a common machine-readable format, so this relies on interpreting the information in a myriad of formats on councils’ websites. Fortunately many use a product called ModernGov to manage these, so formats tend to be quite similar, but not identical, from council to council.
Taking payments
Cameo supports the following payment methods in forms that take payment (join, membership renewal, general payment, event booking):
- manual methods: cash, cheque, standing order and bank transfer. These simply tell the payee how to make their payment.
- card payments: Stripe (fees: 1.4%+20p per transaction) and PayPal (fees: 3.4%+30p per transaction)
- ApplePay and GooglePay, via Stripe, but requiring an extra set-up step in the Stripe dashboard
- direct debits: GoCardless (fees: 1% of transactions)
- voucher payments (similar to phone top-ups)
Stripe, PayPal and GoCardless are easy to sign up for and do not charge fees for simply having an account. PayPal, however, will require increasingly onerous documentation from you are your income goes above certain thresholds, sometimes omits the card-only payment option in their forms, and is much more expensive.
Each third-party payment provider you want to support needs to be added to Cameo by an entry in the organisation settings → payment methods page. In particular, you will need to add credentials identifying your account to each of these before you can use them to take payments. The help for Payment Methods lists what these are and where to get them.
Bank Accounts
Usually, you also want to set up a bank account in Cameo for each provider in organisation settings → bank accounts. Stripe, PayPal and GoCardless can have automatic feeds to keep records in Cameo up-to-date for reconciliation against memberships.
This also requires credentials, which may or may not be the same as those for taking payments, depending on the provider (for example, you can make read-only credentials for GoCardless for the bank account that wouldn’t be suitable for taking payments). The help for Bank Accounts explains how to obtain these.
Importing existing members
You will almost certainly have existing membership records that you need to import. This is done in the Import Memberships section in the New menu.
Cameo can accept a number of formats for this based on Excel XLSX (including Google sheets: recommended), CSV or JSON files. Note that CSV files must use UTF-8 encoding. That is not the default for Microsoft Excel or LibreOffice when you save a CSV, but it is for Google Sheets.
See importing memberships from spreadsheets tutorial for more details on how to do this..
Backups
Live sites will generally have backup turned on automatically, sending backups to Cameo’s backup server. This is controlled from admin → backups. You can add additional destinations there, so that you can keep a copy of the backups yourself. There are numerous supported services for doing this.
Other initial setup
Basically, go through Organisation Settings entering information for each of the categories. These include
- basic information about your organisation, so that substitutions for these work in templates
- membership and contact types; for members you’ll include the fees for each type
- delivery round areas if you have a distribution network for printed material. If not a single ‘MAIL’ entry will be sufficient
Visit admin → custom fields for any additional information you keep for each membership that isn’t available out of the box
Sign up for updates
Get email about new articles published in this blog by signing up in the sidebar at the top right of this page. We will send you email for new features and other information about Cameo as it evolves.