Fake LinkedIn Invitations

[nzkiwi]

We are seeing a large number of Fake LinkedIn Invitations recently. Unfortunately I just don't seem to be able to persuade many of my users that these invites are fake.

There's nothing common about the sending addresses, nor about the links embedded in the messages, However, they all have an identical footer section that starts with "This email was intended for Lindsay Nelson (Student at Pensacola State College)".

I'm wondering if you JH could add this string to SpamAssassin?

 

[Manoj Saini]

Please raise support ticket with the mailbox where you are receiving these emails. We will work on it and will do needful as soon as possible.

 

[nzkiwi]

I don't understand. I have to whitelist my medicine supplier and a government department because SpamAssassin identifies the content as too Spammy, yet it's not possible to filter out out the fake Linkedin messages. Why?

Ticket EKT-33735-550

Hello,
Yes, as per mail headers it appears to be a spam.But in H-sphere there is no feature to block spam content by adding a string to SpamAssassin.We recommend here to use email client based anti-spam tools, like SpamBayes, which is highly trainable, and can provide very
better performance than server-side antispam system, since it learns what kind of emails users don't like.

Am I to gather from this that Jodohost is not able to add any filters to SpamAssassin?

 

[SachinK]

SpamAssassin has its own filters rules and which are also updated. However, adding custom filter for a string like you've mentioned as "Invitation to connect on LinkedIn" or something else will also block the legit invitation mails for the other user's.
So you can restrict them by making strict your Antispam rules setting in the control panel and whitelist your known email user's in it.

Other then that you can put your domain behind a filter like spamhero or spambayes as recommended on ticket.
You can do that independent of anything here, and it is quite cheap as well. Also it offers a 30 days free trial.

http://www.spamhero.com/

 

[nzkiwi]

The string "Invitation to connect on LinkedIn" is not what I suggested. The only person who legitimately should have "This email was intended for Lindsay Nelson (Student at Pensacola State College)" is a student at Pensacola State College who goes by the name Lindsay Nelson. So unless Lindsay Nelson of Pensacola State College has a Linkedin account with a JH email address, no legitimate invites will be marked as Spam.

With regards to your other suggestions: The fake invites can have a Spam score as low as 0 so even at the most strict setting the fake invites will still get through the JH filters. And if you're in business, you can't rely on whitelists (as hopefully you're getting new customers as well as repeat business).

"Cheap" is relative. As a JH reseller I charge many of my clients about the same the SpamHero monthly fee, so it would mean doubling my hosting charges. I don't see that as a viable option. I guess I'll just have to double my efforts in the ongoing education of my clients

 

[SachinK]

Hello,

We've setup a custom rule for the fake INVITES of LinkedIn on the server which basically do test on the spf in the header and will mark the mails as spam or not. As legitimate mails form linkedIn must passed the spf but not the fake one's. So this should work here atleast in your case .

Please do reset the antispam setting as normal as it was before and monitor for such fake invites now whether they'll still come or not.

 

[nzkiwi]

Yes the fake invites are being identified with this rule:

8.0 FROM_LINKEDIN_NO_SPF FROM_LINKEDIN_NO_SPF

Thank you very much.

 

[SachinK]

I am glad it works.

Pleasure to help you.