I’ve had several users report receiving PM SPAM from LinkedIn.
These come in the form of emails sent to the special reply email addresses which are used by Discourse when notifications are sent out to users.
E.g. replies+nnnnnnnnnnnnnnnnn@reply.example.com
Somehow these email addresses are imported into LinkedIn (perhaps by contacts sync) and then used to invite you to LinkedIn.
The first line of the email is usually something similar to (but with a different name):
John Smith would like to connect on LinkedIn. How would you like to respond?
Or
I’d like to add you to my professional network on LinkedIn
In order to get ahead of these as I can see quite a number of my users have has messages in this form…
I’ve added a “filter” to the GMail account I use to handle mail for Discourse and set it to “Archive” / “Skip inbox” “Delete it” for those emails.
This is due to LinkedIn stealing your address book and spamming every email address that you’ve communicated with. Not necessarily a bug in Discourse, but I think this may be worth handing in Discourse.
We recently noticed LinkedIn attempting to use your account to post messages on this Discourse forum. This can happen if you grant it access to your address book. Please refrain from doing so in the future.
I really think this is beyond a lot of users, they just press buttons when asked to…
… by very carefully designed user prompts and on-boarding processes in products like LinkedIn.
Educating a user about someone else’s product is not Discourse’s job.
Sadly it’s probably just a matter of filtering emails.
I just realized that this could be helped by putting expiration dates in topic emails and also closIng topics. Anyway it is a fairly rare occurrence so maybe no action is needed.
Yes, I recommend you set the reply email account to automatically delete any incoming “reply” mails containing a FROM address that includes linkedin.com.
FYI I just got another linkedin.com spam invitation, this time from someone in another language locale besides english… It got through to my discourse because the filter I created was explicit and the portuguese linkedin email uses a different email address. Now I’ve changed it so any matches to from:(@linkedin.com) will get deleted.
heh. at this rate, I’m almost thinking it’s worth muting any linkedin staff who might decide to join my community to be able to block these crazy messages.
it’s bad enough that linkedin encourages this spamming of everyone in your addressbook… but then to do it from different email addresses in different locales. Jiminy cricket.