Hi @seaneffel, I'm closing this issue since it has been some time since activity. This issue acts as a record if any more reports come in about possible spam from this user. If you have the email header, please add it here and re-open this issue. Thanks.
Received 4 different emails allegedly from this person on 3 different email addresses, all claiming he had "noticed" I was running 6.34 on a website and that I had missed security updates (not true as far as I can tell since 6.34 is the latest release). Looks like it has at least one fake received header, and the title line is deceptive: "[Drupal.org] ******.com is using Drupal 6.34 which has security vulnerabilities"
These emails were sent by our team via direct emails & NOT drupal.org contact form. We send few emails directly sometimes to people running older, vulnerable Drupal 6.x website and tell them about the upgrade to latest 6.x (6.34+) to avoid security issues.
None of these emails were sent by Drupal.org contact form. I guess the confusion is because of the subject line. I will get this changed at the earliest.
@sudeepg - Did these people you're emailing OPT-IN to your mailing list? Or did you just collect their emails over the years and added them to your list?
Unless they want the emails, what you're doing is inappropriate, even though it may not violate Drupal.org's rules,
@silverwing: I kind of agree with you. We are sending very few emails to selected few drupal sites that believe would benefit from the upgrade. So it is kind of a personal touch email that we use to as an invitation to build relation with them. I will still talk to my internal team and see what we can do here.
@sudeepg: I've now received two unsolicited spams from you, as has at least one other person associated with our site.
Not only are these emails unsolicited and unwanted, but your attempt to identify the version of Drupal being used is wrong -- my site is up-to-date on security patches.
If you enjoy earning ill-will among the community, just keep acting as you are.
Edit: I'm getting this spam forwarded from the people listed on our contacts page. Evidently email addresses are being scraped from Drupal sites. Not a positive way to generate business, to say the least.
Just got one saying I need to update to 6.36, I did that about a month ago.
So at least your method of determining a user needs an update is not correct.
Personally I don't mind a correct reminder. But I dislike getting false alarm and it is spam...
I have revoked sudeepq's "confirmed" status for now. This should prevent him from using the contact form. I find the fact that this behavior continues on (mind you there might be many more contacted people not taking part in this issue) unacceptable.
Comments
Comment #1
killes@www.drop.org commentedare you sure that this mail got to you through our contact form? Can you paste the headers of that mail?
Comment #2
dddave commentedGood community member otherwise: https://www.drupal.org/node/1962434
Comment #3
lizzjoyHi @seaneffel, I'm closing this issue since it has been some time since activity. This issue acts as a record if any more reports come in about possible spam from this user. If you have the email header, please add it here and re-open this issue. Thanks.
Comment #4
MadOverlord commentedReceived 4 different emails allegedly from this person on 3 different email addresses, all claiming he had "noticed" I was running 6.34 on a website and that I had missed security updates (not true as far as I can tell since 6.34 is the latest release). Looks like it has at least one fake received header, and the title line is deceptive: "[Drupal.org] ******.com is using Drupal 6.34 which has security vulnerabilities"
Comment #5
dddave commentedCould you provide the email?
Comment #6
silverwing commentedThe user is apparently https://www.drupal.org/u/sudeepg a DA member.
Comment #7
lizzjoyI reached out to @sudeepg about this issue. I also mentioned that unwanted solicitations via contact form are not welcome by Drupal.org users.
Comment #8
sudeepg commentedThese emails were sent by our team via direct emails & NOT drupal.org contact form. We send few emails directly sometimes to people running older, vulnerable Drupal 6.x website and tell them about the upgrade to latest 6.x (6.34+) to avoid security issues.
None of these emails were sent by Drupal.org contact form. I guess the confusion is because of the subject line. I will get this changed at the earliest.
Comment #9
silverwing commented@sudeepg - Did these people you're emailing OPT-IN to your mailing list? Or did you just collect their emails over the years and added them to your list?
Unless they want the emails, what you're doing is inappropriate, even though it may not violate Drupal.org's rules,
Comment #10
sudeepg commented@silverwing: I kind of agree with you. We are sending very few emails to selected few drupal sites that believe would benefit from the upgrade. So it is kind of a personal touch email that we use to as an invitation to build relation with them. I will still talk to my internal team and see what we can do here.
Comment #11
younggeezer commented@sudeepg: I've now received two unsolicited spams from you, as has at least one other person associated with our site.
Not only are these emails unsolicited and unwanted, but your attempt to identify the version of Drupal being used is wrong -- my site is up-to-date on security patches.
If you enjoy earning ill-will among the community, just keep acting as you are.
Edit: I'm getting this spam forwarded from the people listed on our contacts page. Evidently email addresses are being scraped from Drupal sites. Not a positive way to generate business, to say the least.
Comment #12
pjeutr commentedJust got one saying I need to update to 6.36, I did that about a month ago.
So at least your method of determining a user needs an update is not correct.
Personally I don't mind a correct reminder. But I dislike getting false alarm and it is spam...
Comment #13
dddave commentedI have revoked sudeepq's "confirmed" status for now. This should prevent him from using the contact form. I find the fact that this behavior continues on (mind you there might be many more contacted people not taking part in this issue) unacceptable.
Comment #14
avpadernoGiven the last comment and that this happened 4 years ago, I am setting this as fixed.