If your email service supports Sieve scripts (for example, Fastmail or Proton Mail), you can use this filter [1] that I made. It's very aggressive and will block all emails that originate from Zendesk, so you'll need to disable it whenever you're actually expecting mail from Zendesk.
They're being used to hit addresses of mine exposed to Discord and GitHub. Catch-all had the names of two people in the news, oddly, as well. Hint: 1,000 bottle delivery to an island.
dandigangi
They've been getting hammered by bad actors. Work in the email industry and its been bad for them. Hopefully they figure it out. Yesterday I got two phishing scams that were from a BS gmail saying they were in hiring at Unilever and Nestle.
semiquaver
Zendesk’s mailserver reputation has got to be extremely poor by now. I think they will have trouble with deliverability after this is over. Got about 50 of these today and nearly all of them were categorized as spam before they made it to the inbox despite being nominally “legit”
show comments
dewey
Glad I'm not the only one. It seems to use {popular website without tld}@example.com as a pattern, so I'm getting a lot via my catch all address even if I haven't used the specific inbox yet.
spike_protein
I've got four emails, and I've no idea what’s going on. (I have a public email address on GitHub)
show comments
danpalmer
For a company utterly dependent on email, Zendesk came across to me as very naive about email sending.
I did a Zendesk integration shortly after working on a general overhaul of our email at a previous company. The overhaul involved separating out our different types (transactional, marketing, support, etc), and then implementing best practices on deliverability for each of them. Not your day-one email setup, but we were still a small company.
The comparison to Zendesk's approach was astounding. Assuming you don't want to use a Zendesk address (we didn't, customers thought it was dodgy), the email setup they let you do was bad, and their support folks had no idea about any of the details. DKIM, SPF, etc, was all alien to them. Ironically they had pretty bad support in general.
show comments
Gualdrapo
Thank you for letting us know, got a bunch of those in the last two hours, like one each five minutes, but it seems they've stopped (at least for now).
rootxy
Same here, I removed my email address from Github and all other public pages
axka
I'm getting emails titled "Activate account for ...", and addressed to random names of web services at my domain (e.g. reddit@example.org). Also Twitch-related names like pog, kekw and xqc.
Also super annoying are crypto scams sent from an Italian ISP's (tiscali.it, shame on you) email service, even though I tried to contact the ISP, but that's unrelated to this.
show comments
noname120
Yeah same here, specifically on my (public) GitHub email address
timvisee
I've also received about 40 messages, on mail adresses I've never used before.
Wingy
I got 201 activation emails in 98 minutes.
akpa1
I've been getting some of these these to my wildcard domain - I've had sign-up messages sent to diddy@<domain> and epstein@<domain>, which is... odd. And no, I can't say I've ever used those addresses.
show comments
bitwize125
sounds like a sign up bomb for github addresses, these are typically used to hide new login notifications by threat actors
_Chief
Received 15+ in 10mins on a public email (dropbox, soundcloud, gitlab, tidelift etc). Then just started hitting handles on the domain ( diddy@, epstein@ ). Just placing an aggressive block for "Activate account" and "zendesk" in content for now
graton
Same. I've gotten over 30 I think.
petetnt
Started getting these too just now
LoganDark
Huh. I thought this was targeted to me in particular, because it started coming up with new aliases at my Firefox Relay subdomain, and then only once I started blocking them it started using plus-addressing on my gmail. Annoying.
dang
I got about 50 of these this morning and thought it was a disgruntled HN user.
adityashankar
I just got 50 emails lol, this really sucks, phew glad i am not alone
If your email service supports Sieve scripts (for example, Fastmail or Proton Mail), you can use this filter [1] that I made. It's very aggressive and will block all emails that originate from Zendesk, so you'll need to disable it whenever you're actually expecting mail from Zendesk.
[1]: https://gist.github.com/hampuskraft/780c8fbcc4042689153533ef...
They're being used to hit addresses of mine exposed to Discord and GitHub. Catch-all had the names of two people in the news, oddly, as well. Hint: 1,000 bottle delivery to an island.
They've been getting hammered by bad actors. Work in the email industry and its been bad for them. Hopefully they figure it out. Yesterday I got two phishing scams that were from a BS gmail saying they were in hiring at Unilever and Nestle.
Zendesk’s mailserver reputation has got to be extremely poor by now. I think they will have trouble with deliverability after this is over. Got about 50 of these today and nearly all of them were categorized as spam before they made it to the inbox despite being nominally “legit”
Glad I'm not the only one. It seems to use {popular website without tld}@example.com as a pattern, so I'm getting a lot via my catch all address even if I haven't used the specific inbox yet.
I've got four emails, and I've no idea what’s going on. (I have a public email address on GitHub)
For a company utterly dependent on email, Zendesk came across to me as very naive about email sending.
I did a Zendesk integration shortly after working on a general overhaul of our email at a previous company. The overhaul involved separating out our different types (transactional, marketing, support, etc), and then implementing best practices on deliverability for each of them. Not your day-one email setup, but we were still a small company.
The comparison to Zendesk's approach was astounding. Assuming you don't want to use a Zendesk address (we didn't, customers thought it was dodgy), the email setup they let you do was bad, and their support folks had no idea about any of the details. DKIM, SPF, etc, was all alien to them. Ironically they had pretty bad support in general.
Thank you for letting us know, got a bunch of those in the last two hours, like one each five minutes, but it seems they've stopped (at least for now).
Same here, I removed my email address from Github and all other public pages
I'm getting emails titled "Activate account for ...", and addressed to random names of web services at my domain (e.g. reddit@example.org). Also Twitch-related names like pog, kekw and xqc.
Also super annoying are crypto scams sent from an Italian ISP's (tiscali.it, shame on you) email service, even though I tried to contact the ISP, but that's unrelated to this.
Yeah same here, specifically on my (public) GitHub email address
I've also received about 40 messages, on mail adresses I've never used before.
I got 201 activation emails in 98 minutes.
I've been getting some of these these to my wildcard domain - I've had sign-up messages sent to diddy@<domain> and epstein@<domain>, which is... odd. And no, I can't say I've ever used those addresses.
sounds like a sign up bomb for github addresses, these are typically used to hide new login notifications by threat actors
Received 15+ in 10mins on a public email (dropbox, soundcloud, gitlab, tidelift etc). Then just started hitting handles on the domain ( diddy@, epstein@ ). Just placing an aggressive block for "Activate account" and "zendesk" in content for now
Same. I've gotten over 30 I think.
Started getting these too just now
Huh. I thought this was targeted to me in particular, because it started coming up with new aliases at my Firefox Relay subdomain, and then only once I started blocking them it started using plus-addressing on my gmail. Annoying.
I got about 50 of these this morning and thought it was a disgruntled HN user.
I just got 50 emails lol, this really sucks, phew glad i am not alone