Hi,
I assume these emails were send to the address where your community is sending the notifications from? I have seen something like this before and usually was the case that these users were using email addresses that were not valid, but no harmful intentions could be identified.
There might be other reasons than an invalid email address that could trigger these messages. However all of them are rather unlikely (e.g. mail provider outage or something going very wrong on our side).
Your community is using an SSO login - different to our community login/registration, it could be that there are scenarios where the email address of an account is not valid. Opposed to this form of registration on the community, our inSided login requires users to confirm their email address before they can even become active on the community.
Maybe you want to check if their accounts have an SSO ID listed in their user profile page? If that is the case, it could be that someone used a dummy address for their registration on your company website.
Also, check the primary role of these users: If their primary user role is “awaiting email confirmation” it means that they used an invalid email address for their registration using the inSided registration page and not the SSO login (and were unsuccesful as the activation email could not be sent). In this case it could mean someone tried to get on the platform but did not succeed.
In the end, it does not have to mean that these accounts have the intention to spam - it is more likely that some users did not want to give their actual email address during registration and then chose to use non-existing ones.
I would not be too concerned about this, unless you see a vast increase in email notifications bouncing back. If you see many new users with invalid email adresses it indeed could be a sign of some spammers trying to get on the platfom. Please let us know about this in this case as well, as it could affect our platform notification performance if many users are not using existing email addresses.
Hey Julian - Coming back to this issue. Thank you for your very helpful reply. We only use SSO for employees, but partners/customers/anyone else can register.
I currently have 75 people in the “users awaiting email confirmation” status. So they can’t participate in the community. I’ve tried to email some of them to figure out the issue - but I often get a bounce back, meaning they didn’t use a valid email.
What’s the best practice here? Delete the accounts? They can’t participate or access anything that isn’t public anyway …